odmex.com Open in urlscan Pro
94.102.15.166 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://odmex.com/vqmod/xml/access/index.php
Submission: On October 28 via manual (October 28th 2019, 2:39:36 pm UTC) from BR

Summary HTTP 64 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 2 domains to perform 64 HTTP transactions. The main IP is 94.102.15.166, located in Turkey and belongs to NETINTERNET Netinternet Bilisim Teknolojileri AS, TR. The main domain is odmex.com.

This is the only time odmex.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
29	94.102.15.166 94.102.15.166	51559 (NETINTERN...) (NETINTERNET Netinternet Bilisim Teknolojileri AS)
27	104.111.235.119 104.111.235.119	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.225.133.139 54.225.133.139	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	54.243.85.66 54.243.85.66	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
64	5

29 94.102.15.166 (Turkey)

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: 166lfr2ab.ni.net.tr

odmex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.111.235.119 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-235-119.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.133.139 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-225-133-139.compute-1.amazonaws.com

paper.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.243.85.66 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-243-85-66.compute-1.amazonaws.com

paper.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	citi.com online.citi.com paper.citi.com	352 KB
29	odmex.com odmex.com	230 KB
64	2

	Domain	Requested by
29	odmex.com	odmex.com
27	online.citi.com	odmex.com
3	paper.citi.com	odmex.com
64	3

This site contains links to these domains. Also see Links.

Domain
www.citi.com
www.facebook.com
www.twitter.com
www.youtube.com
www.citigroup.com
citieasydeals.com
www.citiprivatepass.com
www.privatebank.citibank.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2018-03-14` - `2020-05-14`	2 years	crt.sh

This page contains 3 frames:

Primary Page: http://odmex.com/vqmod/xml/access/index.php
Frame ID: 1EE18A9E613A74C487D7DDE7CC05C885
Requests: 62 HTTP requests in this frame

Frame: http://paper.citi.com/127893/CWrT.html?si=1&e=http%3A%2F%2Fodmex.com&LSESSIONID=jLd1oq4c4oklcSaFJxwg3j4DpPOSo3rdXEG3EXavFtPX08UvN8F3682k&t=xframe&eu=http%3A%2F%2Fodmex.com%2Fvqmod%2Fxml%2Faccess%2Findex.php&icid=157227356810164177
Frame ID: A62B3379736F46553CDFADE447059383
Requests: 1 HTTP requests in this frame

Frame: http://paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=1&e=http%3A%2F%2Fodmex.com&LSESSIONID=jLd1oq4c4oklcSaFJxwg3j4DpPOSo3rdXEG3EXavFtPX08UvN8F3682k&t=xframe&eu=http%3A%2F%2Fodmex.com%2Fvqmod%2Fxml%2Faccess%2Findex.php&icid=157227356810550607
Frame ID: 34DA41CFF134CF6A5C87BF0CD3FFB3D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

64
Requests

42 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

5
IPs

3
Countries

582 kB
Transfer

1701 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citi.com/credit-cards/citi.action
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citi
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/citi
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/citi
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.citigroup.com/citi/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://citieasydeals.com/
Title: Citi Easy DealsSM

Search URL Search Domain Scan URL

URL: http://www.citiprivatepass.com/
Title: Citi&rreg; Private Pass®

Search URL Search Domain Scan URL

URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank

Search URL Search Domain Scan URL

URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
odmex.com/vqmod/xml/access/ 229 KB
230 KB 1313ms
136ms Document
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache /
Resource Hash: ff9055592f7c4a2646cab47a75489572b95aba8cd972d98d7d84c32a056fa08e

Request headers

Host: odmex.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 28 Oct 2019 14:39:00 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8;

GET
H/1.1 404
Not Found amw.js
odmex.com/JFP/amw/ 0
0 798ms
689ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JFP/amw/amw.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:01 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found jquery-combined.min.js
odmex.com/CBOL/portal/layout/js/ 0
0 740ms
630ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/CBOL/portal/layout/js/jquery-combined.min.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:01 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found jfp.branding.js
odmex.com/JFP/js/widgets/ 0
0 1246ms
451ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JFP/js/widgets/jfp.branding.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:01 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found cssPref.js
odmex.com/JPS/portal/js/ 0
0 1381ms
527ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JPS/portal/js/cssPref.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:01 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found jfp.widgets.js
odmex.com/JFP/js/widgets/ 0
0 1683ms
558ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JFP/js/widgets/jfp.widgets.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found SitecatCampaigns.js
odmex.com/JPS/portal/js/ 0
0 1585ms
458ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JPS/portal/js/SitecatCampaigns.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found citi_Common.js
odmex.com/GFC/common/js/ 0
0 1854ms
726ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/GFC/common/js/citi_Common.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET JFPNav.js
odmex.com/JPS/portal/js/ 0
0

GET
H/1.1 404
Not Found jquery.autocomplete.js
odmex.com/JFP/js/jquery/plugins/ 0
0 3321ms
178ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JFP/js/jquery/plugins/jquery.autocomplete.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET verisign.js
odmex.com/JRS/js/ 0
0

GET
H2 200 JPPTemp.css
online.citi.com/JFP/css/common/ 245 KB
35 KB 111ms
72ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JFP/css/common/JPPTemp.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cc415ff6c7e1c19761a0ea19ece60e6e8a59725188f57474a0a81d2e1cdb366

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:24:52 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:00 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:00 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 35061
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 US-Regional.css
online.citi.com/JRS/css/ 48 KB
10 KB 117ms
79ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/css/US-Regional.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

b256194e43343f5c19794cdc252cab31e88d6abada730497248e3f4dd3d6ebbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 06:19:08 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:00 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:00 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 9989
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 branding_main_citi.css
online.citi.com/GFC/branding/css/ 38 KB
7 KB 120ms
81ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/css/branding_main_citi.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

026e098101372517dfd286b39bc511b51190e8d62fde539c1c3f53ba4aa61086

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 15:41:40 GMT
x-akamai-citisite: SWDC
date: Mon, 28 Oct 2019 14:39:00 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:00 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 6645
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cbol-topNav.css
online.citi.com/CBOL/IAServicing/css/ 34 KB
6 KB 115ms
77ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/IAServicing/css/cbol-topNav.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a61ec9d955b378da3a9a84db760e01ba239ce11182c33b03e4392c1ebf27644

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Aug 2019 07:17:14 GMT
x-akamai-citisite: SWDC
date: Mon, 28 Oct 2019 14:39:00 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:00 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 5275
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET mbox.js
odmex.com/JRS/js/ 0
0

GET
H2 200 Citi-Enterprise-White.png
online.citi.com/GFC/branding/img/ 1 KB
1 KB 39ms
39ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/Citi-Enterprise-White.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:29:05 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:00 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 1040
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cbol-smartSearch.css
online.citi.com/NCCS/smartSearch/css/ 8 KB
1 KB 16ms
16ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/NCCS/smartSearch/css/cbol-smartSearch.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 16:10:30 GMT
x-akamai-citisite: SWDC
date: Mon, 28 Oct 2019 14:39:00 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:00 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 899
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 search-white.png
online.citi.com/GFC/branding/img/ 429 B
859 B 53ms
52ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/search-white.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:29:07 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 429
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 BrowserUpgrade.css
online.citi.com/JPS/portal/css/ 2 KB
1 KB 15ms
15ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JPS/portal/css/BrowserUpgrade.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

522d8553b114774ec08b1fe8f0004510368c3070cc26a17cf7a200e0e9a55d6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:00 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:00 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 671
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found signon.js
odmex.com/JSO/js/ 0
0 653ms
434ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JSO/js/signon.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found jfpm.autocomplete.off.js
odmex.com/JFP/js/modules/ 0
0 2246ms
321ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JFP/js/modules/jfpm.autocomplete.off.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 signon_overlay.css
online.citi.com/JRS/css/common/ 3 KB
1 KB 40ms
16ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/JRS/css/common/signon_overlay.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

428bee7b9889e486f7a940078709a1283b91690d65af6afc1853a99649f588fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:24:52 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:02 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:02 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 874
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found new_signon.js
odmex.com/JRS/js/ 0
0 382ms
327ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/new_signon.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found bauble.js
odmex.com/JRS/cm/js2/ 0
0 1071ms
926ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/cm/js2/bauble.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:03 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found bt_addelivery.js
odmex.com/JRS/js/ 0
0 355ms
299ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/bt_addelivery.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:03 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found adServe2.js
odmex.com/JRS/js/ 0
0 812ms
336ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/adServe2.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:04 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 so_lock.gif
online.citi.com/JRS/images/signon/ 197 B
627 B 108ms
108ms Image
image/gif 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/signon/so_lock.gif

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a564f37be2712b675335f2472c980e29bfbff448b5f925a92cd230d285aeb8d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite: SWDC
date: Mon, 28 Oct 2019 14:39:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 197
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/gif
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found fieldValidation.js
odmex.com/JFP/js/jquery/plugins/ 0
0 15997ms
184ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JFP/js/jquery/plugins/fieldValidation.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:19 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found SCFormElementReporting.js
odmex.com/JSO/js/ 0
0 15622ms
196ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JSO/js/SCFormElementReporting.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:19 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found signonUnamePwdMyCiti.js
odmex.com/JSO/js/ 0
0 17059ms
217ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JSO/js/signonUnamePwdMyCiti.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:21 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET fp.js
odmex.com/JSO/js/ 0
0

GET
H2 200 pixel.gif
online.citi.com/JRS/images/ 42 B
471 B 531ms
530ms Image
image/gif 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/pixel.gif

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 42
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/gif
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 CBNA_441x222_contextual_generic.jpg
online.citi.com/JRS/images/ads/ 10 KB
11 KB 58ms
58ms Image
image/jpeg 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/ads/CBNA_441x222_contextual_generic.jpg

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

eee52f6396c21a450545c7a3956596da8faba552a595616553baa67635a7f57a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:24:53 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 10514
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/jpeg
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 cobrowse_overlay.css
online.citi.com/GPS/portal/css/ 7 KB
2 KB 53ms
52ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GPS/portal/css/cobrowse_overlay.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 13 Aug 2019 07:17:14 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:03 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 1597
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 citi-logo-footer.png
online.citi.com/CBOL/common/ddl/1.1.0/images/catalogue/ 2 KB
2 KB 69ms
68ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/CBOL/common/ddl/1.1.0/images/catalogue/citi-logo-footer.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:24:53 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 1705
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 memberfdic.png
online.citi.com/GFC/branding/responsivebranding/img/ 2 KB
2 KB 72ms
72ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/memberfdic.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

fde2419dbb975ba13ee435b8e15b754a11569815f6ef87a68b9984b99cd607cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:30:23 GMT
x-akamai-citisite: SWDC
date: Mon, 28 Oct 2019 14:39:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 1784
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 EqualHousing.png
online.citi.com/JRS/images/ 416 B
847 B 77ms
77ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/EqualHousing.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

705f1ccbf32b8ebd6c4a04262ca5c320c50aa324f80a34fb3b160a8138257e14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:38:37 GMT
x-akamai-citisite: SWDC
date: Mon, 28 Oct 2019 14:39:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 416
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK style4.js Show response
paper.citi.com/127893/ 34 KB
16 KB 209ms
91ms XHR
application/x-javascript 54.225.133.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://paper.citi.com/127893/style4.js?r=0.4403926745568407
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 54.225.133.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-225-133-139.compute-1.amazonaws.com
Software: haile /
Resource Hash: e3c56b69b2f6610473121cd3ef21dee5ede4df7c56a3555ac6f556af2a75ff52

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:01 GMT
Content-Encoding: gzip
Server: haile
transfer-encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: http://odmex.com
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET jquery-combined.min.js
odmex.com/CBOL/portal/layout/js/ 0
0

GET
H/1.1 404
Not Found SitecatCampaigns.js
odmex.com/JPS/portal/js/ 0
0 433ms
379ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JPS/portal/js/SitecatCampaigns.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found citi_Common.js
odmex.com/GFC/common/js/ 0
0 447ms
248ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/GFC/common/js/citi_Common.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:03 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 branding_main.css
online.citi.com/GFC/branding/css/ 115 KB
18 KB 61ms
61ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/GFC/branding/css/branding_main.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

c06421fc9106509698ec603e84b6b0e6f6b5f8513311ea5418d0626260ac1fc1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 19:18:07 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:03 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 17388
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 topNavBase.css
online.citi.com/CBOL/IAServicing/css/ 745 KB
73 KB 78ms
77ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/IAServicing/css/topNavBase.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

19ff35516626fde80a6ff464d1dc038f5839f08e18f9e82f4613bc002f605a86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 08 May 2018 04:46:52 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:03 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 branding.css
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/ 24 KB
5 KB 62ms
61ms Stylesheet
text/css 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

08efa970cb660c1b05eb90856a8295dcf0d42cbdabcef61e2ebb936b28e82d36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:24:53 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
expires: Mon, 28 Oct 2019 20:39:03 GMT
cache-control: max-age=21600
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 4487
content-type: text/css
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 jfpw.overlay.stripe.bg.png
online.citi.com/JFP/images/widgets/ 152 B
581 B 67ms
67ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JFP/images/widgets/jfpw.overlay.stripe.bg.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

07759a8c16aaf61f4428763c7ea3756d31164933e7c5a6081fe6ab9bc3e5fdba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://online.citi.com/JPS/portal/css/BrowserUpgrade.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:24:52 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 152
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Interstate-Bold.woff
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/ 70 KB
71 KB 36ms
22ms Font
application/octet-stream 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/Interstate-Bold.woff

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: cors
Referer: https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css
Origin: http://odmex.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 71859
content-type: text/plain
access-control-allow-origin: *
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 Interstate-Light.woff
online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/ 74 KB
74 KB 46ms
32ms Font
application/octet-stream 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/fonts/interstate/Interstate-Light.woff

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: cors
Referer: https://online.citi.com/CBOL/common/ddl/1.1/bootstrap/styles/branding.css
Origin: http://odmex.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:03 GMT
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length: 75483
content-type: text/plain
access-control-allow-origin: *
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 404
Not Found signon.js
odmex.com/JSO/js/ 0
0 294ms
257ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JSO/js/signon.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:03 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found new_signon.js
odmex.com/JRS/js/ 0
0 441ms
341ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/new_signon.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:04 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found new_signon.js
odmex.com/JRS/js/ 0
0 630ms
300ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/new_signon.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:04 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found new_signon.js
odmex.com/JRS/js/ 0
0 323ms
270ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/new_signon.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found new_signon.js
odmex.com/JRS/js/ 0
0 490ms
316ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/new_signon.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found bauble.js
odmex.com/JRS/cm/js2/ 0
0 853ms
271ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/cm/js2/bauble.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found bt_addelivery.js
odmex.com/JRS/js/ 0
0 300ms
254ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/bt_addelivery.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found adServe2.js
odmex.com/JRS/js/ 0
0 245ms
188ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JRS/js/adServe2.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:07 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found jfpm.autocomplete.off.js
odmex.com/JFP/js/modules/ 0
0 724ms
203ms Script
text/html 94.102.15.166
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://odmex.com/JFP/js/modules/jfpm.autocomplete.off.js
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 94.102.15.166 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: 166lfr2ab.ni.net.tr
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Referer: http://odmex.com/vqmod/xml/access/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Oct 2019 14:39:07 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bg-blue-chat-button.gif
online.citi.com/JRS/images/common/ 119 B
548 B 92ms
91ms Image
image/gif 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/JRS/images/common/bg-blue-chat-button.gif

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

6091dc31b3c03e1a5b401ff2d35e21ae9f76a8630a85aaf4fe8d5cab1c5bb38a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://online.citi.com/JRS/css/common/signon_overlay.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:24:52 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:07 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 119
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/gif
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 sprite_social_icons.png
online.citi.com/GFC/branding/img/ 358 B
788 B 50ms
50ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/img/sprite_social_icons.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3c02bcaca12da1a9ce27e3760e479fface7a05319c2708088cceb05af286eb1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Wed, 14 Jun 2017 18:29:10 GMT
x-akamai-citisite: SWDC
date: Mon, 28 Oct 2019 14:39:07 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 358
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 appStore_1px.png
online.citi.com/GFC/branding/responsivebranding/img/ 3 KB
4 KB 57ms
57ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/appStore_1px.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Thu, 27 Sep 2018 21:19:09 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:07 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 3513
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 googlePlay_1px.png
online.citi.com/GFC/branding/responsivebranding/img/ 4 KB
4 KB 59ms
58ms Image
image/png 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/responsivebranding/img/googlePlay_1px.png

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Thu, 27 Sep 2018 21:21:52 GMT
x-akamai-citisite: SWDC
date: Mon, 28 Oct 2019 14:39:07 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 3900
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/png
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H2 200 oo_icon_retina.gif
online.citi.com/GFC/branding/olab/images/ 2 KB
3 KB 60ms
60ms Image
image/gif 104.111.235.119
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.citi.com/GFC/branding/olab/images/oo_icon_retina.gif

Requested by

Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.235.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-235-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net
Strict-Transport-Security	max-age=300
X-Content-Security-Policy	frame-ancestors https://.citi.com https://.citigroup.net https://*.nsroot.net

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://online.citi.com/GFC/branding/css/branding_main_citi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=300
last-modified: Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite: GTDC
date: Mon, 28 Oct 2019 14:39:07 GMT
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
status: 200
content-length: 2204
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges: bytes
content-type: image/gif
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

GET
H/1.1 200
OK CWrT.html
paper.citi.com/127893/ Frame A62B 0
0 197ms
89ms Document
text/html 54.243.85.66
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://paper.citi.com/127893/CWrT.html?si=1&e=http%3A%2F%2Fodmex.com&LSESSIONID=jLd1oq4c4oklcSaFJxwg3j4DpPOSo3rdXEG3EXavFtPX08UvN8F3682k&t=xframe&eu=http%3A%2F%2Fodmex.com%2Fvqmod%2Fxml%2Faccess%2Findex.php&icid=157227356810164177
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 54.243.85.66 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-243-85-66.compute-1.amazonaws.com
Software: haile /
Resource Hash

Request headers

Host: paper.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://odmex.com/vqmod/xml/access/index.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://odmex.com/vqmod/xml/access/index.php

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 28 Oct 2019 14:39:28 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Server: haile
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///http... Frame 34DA 0
0 197ms
90ms Document
text/html 54.243.85.66
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://paper.citi.com/127893/h7H.html/discovercard.com/dfs/accounthome/summary/-www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=1&e=http%3A%2F%2Fodmex.com&LSESSIONID=jLd1oq4c4oklcSaFJxwg3j4DpPOSo3rdXEG3EXavFtPX08UvN8F3682k&t=xframe&eu=http%3A%2F%2Fodmex.com%2Fvqmod%2Fxml%2Faccess%2Findex.php&icid=157227356810550607
Requested by: Host: odmex.com
URL: http://odmex.com/vqmod/xml/access/index.php
Protocol: HTTP/1.1
Server: 54.243.85.66 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-243-85-66.compute-1.amazonaws.com
Software: haile /
Resource Hash

Request headers

Host: paper.citi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://odmex.com/vqmod/xml/access/index.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://odmex.com/vqmod/xml/access/index.php

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 28 Oct 2019 14:39:28 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Server: haile
transfer-encoding: chunked
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: odmex.com
URL: http://odmex.com/JPS/portal/js/JFPNav.js

Domain: odmex.com
URL: http://odmex.com/JRS/js/verisign.js

Domain: odmex.com
URL: http://odmex.com/JRS/js/mbox.js

Domain: odmex.com
URL: http://odmex.com/JSO/js/fp.js

Domain: odmex.com
URL: http://odmex.com/CBOL/portal/layout/js/jquery-combined.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.citi.com/	1969-12-31 23:59:59	Name: ___so127893 Value: eyJsc2giOjMyMDk3NjY5OTJ9
			.citi.com/	1969-12-31 23:59:59	Name: LSESSIONID Value: jLd1oq4c4oklcSaFJxwg3j4DpPOSo3rdXEG3EXavFtPX08UvN8F3682k

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

odmex.com
online.citi.com
paper.citi.com
odmex.com
104.111.235.119
54.225.133.139
54.243.85.66
94.102.15.166
026e098101372517dfd286b39bc511b51190e8d62fde539c1c3f53ba4aa61086
07759a8c16aaf61f4428763c7ea3756d31164933e7c5a6081fe6ab9bc3e5fdba
08efa970cb660c1b05eb90856a8295dcf0d42cbdabcef61e2ebb936b28e82d36
19ff35516626fde80a6ff464d1dc038f5839f08e18f9e82f4613bc002f605a86
1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b
428bee7b9889e486f7a940078709a1283b91690d65af6afc1853a99649f588fb
522d8553b114774ec08b1fe8f0004510368c3070cc26a17cf7a200e0e9a55d6b
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947
6091dc31b3c03e1a5b401ff2d35e21ae9f76a8630a85aaf4fe8d5cab1c5bb38a
6cc415ff6c7e1c19761a0ea19ece60e6e8a59725188f57474a0a81d2e1cdb366
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484
705f1ccbf32b8ebd6c4a04262ca5c320c50aa324f80a34fb3b160a8138257e14
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
8a61ec9d955b378da3a9a84db760e01ba239ce11182c33b03e4392c1ebf27644
9a564f37be2712b675335f2472c980e29bfbff448b5f925a92cd230d285aeb8d
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
b256194e43343f5c19794cdc252cab31e88d6abada730497248e3f4dd3d6ebbc
c03c473373b74ec78cd18149c63791f1879e0521776846e6ffd9dcfecd413b1e
c06421fc9106509698ec603e84b6b0e6f6b5f8513311ea5418d0626260ac1fc1
c3c02bcaca12da1a9ce27e3760e479fface7a05319c2708088cceb05af286eb1
e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7
e3c56b69b2f6610473121cd3ef21dee5ede4df7c56a3555ac6f556af2a75ff52
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
eee52f6396c21a450545c7a3956596da8faba552a595616553baa67635a7f57a
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2
fde2419dbb975ba13ee435b8e15b754a11569815f6ef87a68b9984b99cd607cf
ff9055592f7c4a2646cab47a75489572b95aba8cd972d98d7d84c32a056fa08e

odmex.com Open in urlscan Pro 94.102.15.166 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

64 Requests

42 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

5 IPs

3 Countries

582 kBTransfer

1701 kBSize

2 Cookies

11 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

odmex.com Open in urlscan Pro
94.102.15.166 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

42 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

5
IPs

3
Countries

582 kB
Transfer

1701 kB
Size

2
Cookies

64 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!