www.citibenefits.com Open in urlscan Pro
205.156.141.241  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.citibenefits.com/	74 KB 16 KB	1278ms 857ms	Document text/html	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash cafb9ed56f6a54b3132e399c762d61b692557bea7fb4ea107b076ed0730fe722 Security Headers Name Value Content-Security-Policy script-src 'self' http://*.mercer.com https://*.mercer.com http://*.trustarc.com https://*.trustarc.com https://*.cloudflare.com https://*.firebaseapp.com https://*.vimeocdn.com https://*.google-analytics.com https://*.pez.ai https://*.trueviewportal.com https://*.google.com https://*.gstatic.com https://*.socrates.ai https://www.youtube-nocookie.com https://web.microsoftstream.com 'unsafe-eval' 'unsafe-inline' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Methods GET, POST Cache-Control no-cache, no-store, must-revalidate Content-Encoding gzip Content-Length 15011 Content-Security-Policy script-src 'self' http://*.mercer.com https://*.mercer.com http://*.trustarc.com https://*.trustarc.com https://*.cloudflare.com https://*.firebaseapp.com https://*.vimeocdn.com https://*.google-analytics.com https://*.pez.ai https://*.trueviewportal.com https://*.google.com https://*.gstatic.com https://*.socrates.ai https://www.youtube-nocookie.com https://web.microsoftstream.com 'unsafe-eval' 'unsafe-inline' Content-Type text/html; charset=utf-8 Date Mon, 19 Jun 2023 03:48:03 GMT Expires -1 Pragma no-cache Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security max-age=31536000 Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-NID 0261 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	VisitorIdentification.js Show response www.citibenefits.com/layouts/system/	2 KB 2 KB	158ms 157ms	Script application/javascript	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/layouts/system/VisitorIdentification.js Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce Security Headers Name Value Content-Security-Policy script-src 'self' http://*.mercer.com https://*.mercer.com http://*.trustarc.com https://*.trustarc.com https://*.cloudflare.com https://*.firebaseapp.com https://*.vimeocdn.com https://*.google-analytics.com https://*.pez.ai https://*.trueviewportal.com https://*.google.com https://*.gstatic.com https://*.socrates.ai https://www.youtube-nocookie.com https://web.microsoftstream.com 'unsafe-eval' 'unsafe-inline' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Security-Policy script-src 'self' http://*.mercer.com https://*.mercer.com http://*.trustarc.com https://*.trustarc.com https://*.cloudflare.com https://*.firebaseapp.com https://*.vimeocdn.com https://*.google-analytics.com https://*.pez.ai https://*.trueviewportal.com https://*.google.com https://*.gstatic.com https://*.socrates.ai https://www.youtube-nocookie.com https://web.microsoftstream.com 'unsafe-eval' 'unsafe-inline' Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:03 GMT X-NID 0261 Content-Length 910 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Wed, 13 Nov 2019 17:14:30 GMT ETag "09f61cf459ad51:0" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST Content-Type application/javascript X-Frame-Options SAMEORIGIN Accept-Ranges bytes
GET H/1.1	200 OK	e9a46beb2e864895a6cc5176def45506.css www.citibenefits.com/resources/global/css/design/	418 KB 95 KB	319ms 161ms	Stylesheet text/css	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 396243c09123d896029f6b89a7b3128ba9a1f8497fb3b7caa0a9d5782e98813f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip X-Content-Type-Options nosniff Date Mon, 19 Jun 2023 03:48:03 GMT Last-Modified Mon, 19 Jun 2023 03:10:12 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Transfer-Encoding chunked X-NID 0261 Cache-Control public, max-age=2592000 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	13bc7025043b421f843d01890893ffed.css www.citibenefits.com/resources/css/site/	4 KB 2 KB	417ms 158ms	Stylesheet text/css	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/resources/css/site/13bc7025043b421f843d01890893ffed.css?v=BBC38BD13CD915B7D89AA1B18291CDDB Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 4fbf40eb2f7b5e4dedf43f5cd0ce834a975910c114a56faeb7c8c5bc203971e7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip X-Content-Type-Options nosniff Date Mon, 19 Jun 2023 03:48:03 GMT Last-Modified Mon, 19 Jun 2023 01:37:45 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 X-NID 0260 Cache-Control public, max-age=2592000 Content-Length 1420 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	e9a46beb2e864895a6cc5176def45506.js Show response www.citibenefits.com/resources/global/js/design/top/	720 B 1 KB	413ms 154ms	Script application/x-javascript	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/resources/global/js/design/top/e9a46beb2e864895a6cc5176def45506.js?v=C3ED97FBEC5EA1B6A157DE4FCBF2676A Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash a85cbd1c9c615c45b21c159700ad596ae184693253cb7f919d812451e997c312 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip X-Content-Type-Options nosniff Date Mon, 19 Jun 2023 03:48:03 GMT Last-Modified Mon, 19 Jun 2023 01:39:08 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type application/x-javascript; charset=utf-8 X-NID 0259 Cache-Control public, max-age=2592000 Content-Length 546 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	icon-menu-team.png www.citibenefits.com/-/media/Mercer/Belong_Universal/Menu-Icons/	1 KB 2 KB	153ms 152ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/Belong_Universal/Menu-Icons/icon-menu-team.png?rev=c12f8ef9875245a5b2c2f709e55bfdf3&h=22&w=22&la=en&hash=9F1E68CE7EDA237752DE687C2921A894 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 8e55262ae7e51d5024fbb2d1cb7ca5d7aa8bc4d29699b1f817ce50340291a436 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:03 GMT X-Content-Type-Options nosniff Last-Modified Thu, 18 Jun 2020 18:24:20 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0261 Cache-Control private, max-age=604800 Content-Length 1214 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	icon-menu-health.png www.citibenefits.com/-/media/Mercer/Belong_Universal/Menu-Icons/	1 KB 2 KB	147ms 146ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/Belong_Universal/Menu-Icons/icon-menu-health.png?rev=9eef6e5ffc1849b981dd135d34a3fa46&h=22&w=22&la=en&hash=00B17CFBCED3ABABA876EC2EDEB38FFD Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 338a3342b85a754535cf4dec818b488cea9c098b0e670d618ba5ec9edff04bfa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Thu, 18 Jun 2020 18:24:14 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0259 Cache-Control private, max-age=604800 Content-Length 1284 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	icon-menu-health.png www.citibenefits.com/-/media/Mercer/Belong20Imagery/Universal-menu-icons/	1 KB 2 KB	146ms 146ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/Belong20Imagery/Universal-menu-icons/icon-menu-health.png?rev=435fd9d92d194f6d81785fa7730c4181&h=22&w=22&la=en&hash=D5E68E4810408A0D775208D00803CE5A Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 338a3342b85a754535cf4dec818b488cea9c098b0e670d618ba5ec9edff04bfa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Tue, 23 Jun 2020 15:51:07 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0259 Cache-Control private, max-age=604800 Content-Length 1284 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	icon-menu-wealth.png www.citibenefits.com/-/media/Mercer/Belong_Universal/Menu-Icons/	1 KB 2 KB	712ms 146ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/Belong_Universal/Menu-Icons/icon-menu-wealth.png?rev=1e28ecd2d665401c8dc41e73576aee7f&h=22&w=22&la=en&hash=C6224C8D62373E2753606F0A0B95B9E2 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash f8c2b9a3ab05ddb4edaef11929502aff3d20f04607563ea6470233f57efb33ec Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Thu, 18 Jun 2020 18:24:26 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0261 Cache-Control private, max-age=604800 Content-Length 1177 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	icon-menu-life.png www.citibenefits.com/-/media/Mercer/Belong_Universal/Menu-Icons/	1 KB 2 KB	809ms 148ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/Belong_Universal/Menu-Icons/icon-menu-life.png?rev=970aa73b7f8e45fa926a814cd35958b8&h=22&w=22&la=en&hash=9E5DE5572A42E866E772AB5F7CB44E3F Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash e43e2f70301cd8ad59a2e2686174bb5cf8c16f390cabe70cb738ab4508f7bd14 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Thu, 18 Jun 2020 18:24:17 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0260 Cache-Control private, max-age=604800 Content-Length 1377 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	citi_logo.png www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Site-Logo/	9 KB 10 KB	533ms 150ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Site-Logo/citi_logo.png?rev=d10f36c2135a4b4eaca585dd41703b27&h=53&w=311&la=en&hash=775F10AA2AED70D59DA8184D04344401 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 15adb89f1f9a4d6aac4cddd57a2f4e1ceded965fac4fdcf44e70a225698ecba5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Tue, 04 Jun 2019 19:23:08 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0261 Cache-Control private, max-age=604800 Content-Length 9142 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	june-parents-self-care.jpg www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/	504 KB 505 KB	671ms 156ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/june-parents-self-care.jpg?rev=d2670ea7f21a4890b95d26195b2b2949 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 155b11f9288f9c3cd1ad117c8dfe8ed87c3f63fc58d9b5e53bfa1d48f545df90 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Fri, 19 May 2023 16:29:00 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0259 Cache-Control private, max-age=604800 Content-Length 516276 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	june-bright-horizons.jpg www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/	555 KB 556 KB	672ms 156ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/june-bright-horizons.jpg?rev=b06721827f6647768e45b8077ecb91b3 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 94e7263ed949adc8df233f1a1e11f53e8a8d88abcc9e17570c10de3bc746facf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Fri, 19 May 2023 16:27:05 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0259 Cache-Control private, max-age=604800 Content-Length 568454 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	carousel-june-global-community-day.jpg www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/	595 KB 596 KB	156ms 156ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/carousel-june-global-community-day.jpg?rev=3ae656d10c8e4f3e82b0f95d8f248353 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash f7117efb338d5d6479123c984dca2ab2d485eb8f6c3d14e599c09a21cd71c0bd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Tue, 24 May 2022 15:41:31 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0261 Cache-Control private, max-age=604800 Content-Length 609579 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Citi-Web-Rotator-Images---256-A---LGBTQ.jpg www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/	214 KB 215 KB	157ms 156ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/Citi-Web-Rotator-Images---256-A---LGBTQ.jpg?rev=4ab09707972b40b9a88e4b630d51d984 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 840997a71ecb3fe017ffb7459279259f58cb73a1518e865b5a6619840e5d1e17 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Thu, 01 Jun 2023 16:07:32 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0261 Cache-Control private, max-age=604800 Content-Length 219569 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	june-spending-account-claims.jpg www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/	241 KB 241 KB	160ms 160ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/Carousel/june-spending-account-claims.jpg?rev=b501eebf70e94b6bb5abd71ca8a3fe78 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash c084c75d48a936a1e7d9d8c00431f3244346614d119054c4466a0c016937bbb2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Fri, 19 May 2023 16:30:55 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0260 Cache-Control private, max-age=604800 Content-Length 246379 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	cta-icon-1.png www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/CTA/	4 KB 4 KB	150ms 149ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/CTA/cta-icon-1.png?rev=36abe1aa423a4cc898105a8807f060f9&hash=549E868F5C5B43F2BE7DD91D7E8C5A7E Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 7b819e307d1ef9e4761575b17b26aa610c8ec3601fa4573dfe17e914875b1210 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Apr 2022 21:46:52 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0261 Cache-Control private, max-age=604800 Content-Length 4001 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	cta-icon-2.png www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/CTA/	5 KB 6 KB	149ms 148ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/CTA/cta-icon-2.png?rev=163f44d37dca425f835bfbd90bebb729&hash=3783AC2413CE5AEC5E9EFB6EE87EF6CE Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 95dfae3d08333977c8160c2cb9e95297bf5c638ef0e1526a996af2ccd310f7dc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Apr 2022 21:46:54 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0260 Cache-Control private, max-age=604800 Content-Length 5237 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	cta-icon-3.ashx www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/CTA/	5 KB 6 KB	152ms 149ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/CTA/cta-icon-3.ashx?rev=935cdb8587bf4780a697d94c06e9cd60&hash=3B14B03E880EC33BD534C1A5C9638EB6 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 5beaf7991553d44999c61dbe013993d411d15a6af53462b302f69e559981bd50 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Apr 2022 21:42:41 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0261 Cache-Control private, max-age=604800 Content-Length 5484 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	news-custom1.jpg www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/News/	66 KB 67 KB	155ms 154ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/News/news-custom1.jpg?rev=db19ffb411914e32b4bc83afa78ada78 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 90449fe6514bcd051539a69f7980b80b457b27827b7ca8a5da43c4167c6f9575 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Apr 2022 21:41:23 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0261 Cache-Control private, max-age=604800 Content-Length 68070 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	news-custom2.jpg www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/News/	42 KB 43 KB	156ms 155ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/News/news-custom2.jpg?rev=5908913197f34b809ed297960a609159 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 2bba59cdb5a4f1f9075621705e0b24dc511f5baebe328f0d1303e9565108b08b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Apr 2022 21:41:21 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0260 Cache-Control private, max-age=604800 Content-Length 43084 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	news-tile-lgbtq.jpg www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/	81 KB 82 KB	160ms 159ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/news-tile-lgbtq.jpg?rev=68f7bfaf3d4d434bb3273d3a88c073e4 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash cc3be9d71d1b6ebb883572c4a94e389c79584c4a375882b84e9b10a28645e7ed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Fri, 13 Jan 2023 19:40:56 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0260 Cache-Control private, max-age=604800 Content-Length 83373 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	b20-news-apr-23.jpg www.citibenefits.com/-/media/Mercer/Belong20Imagery/News-images/	62 KB 63 KB	156ms 156ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/Belong20Imagery/News-images/b20-news-apr-23.jpg?rev=c5c90de885a343cf82b332452c3dcb6a Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 86c3af885d78d0416b54bd52fd22ebf9df892135a11cfb337a137e6a9ad1ee0e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Wed, 29 Mar 2023 20:00:44 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0259 Cache-Control private, max-age=604800 Content-Length 63469 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	b20-news-jun-23.jpg www.citibenefits.com/-/media/Mercer/Belong20Imagery/News-images/	72 KB 73 KB	145ms 145ms	Image image/jpeg	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/Belong20Imagery/News-images/b20-news-jun-23.jpg?rev=ca94348c5f97460ca92cd6540996b9d0 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 16171cc04349db2c6a2ec311efa5bee93b6c14406ebd620f02b5eee408647a04 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Mon, 29 May 2023 14:38:43 GMT X-Frame-Options SAMEORIGIN Content-Type image/jpeg X-NID 0261 Cache-Control private, max-age=604800 Content-Length 73702 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	e9a46beb2e864895a6cc5176def45506.js Show response www.citibenefits.com/resources/global/js/design/	2 MB 521 KB	162ms 162ms	Script application/x-javascript	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/resources/global/js/design/e9a46beb2e864895a6cc5176def45506.js?v=DD907A15BE7D1355EC5F7DD75B1DE005 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 5d3830c9e6d1d9565963a4877eaf164ba1e43f36846728827d2e3bcb65436e04 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip X-Content-Type-Options nosniff Date Mon, 19 Jun 2023 03:48:03 GMT Last-Modified Mon, 19 Jun 2023 01:36:57 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type application/x-javascript; charset=utf-8 Transfer-Encoding chunked X-NID 0260 Cache-Control public, max-age=2592000 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	secondary-ad.png www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/AdSpace/	25 KB 26 KB	171ms 152ms	Image image/png	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Show image Full URL https://www.citibenefits.com/-/media/Mercer/CitiBenefits/Images/B22_Upgrade/AdSpace/secondary-ad.png?rev=c12d836c811e45058cf943cd2234c77a Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 6e40cf819d0e7df3c843ecb322e7f8f533bbff5caa64323b7c5a460531484481 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Apr 2022 21:41:41 GMT X-Frame-Options SAMEORIGIN Content-Type image/png X-NID 0260 Cache-Control private, max-age=604800 Content-Length 25847 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	fa-solid-900-woff2.woff2 www.citibenefits.com/-/media/files/fonts/	127 KB 127 KB	272ms 142ms	Font application/octet-stream	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/-/media/files/fonts/fa-solid-900-woff2.woff2 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Origin https://www.citibenefits.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:03 GMT X-Content-Type-Options nosniff Last-Modified Mon, 18 Nov 2019 18:11:29 GMT X-Frame-Options SAMEORIGIN Content-Type application/octet-stream X-NID 0261 Cache-Control private, max-age=604800 Content-Disposition attachment; filename="fa-solid-900-woff2.woff2" Content-Length 129832 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	ProximaNova-Bold.otf www.citibenefits.com/-/media/files/fonts/	62 KB 63 KB	278ms 143ms	Font application/octet-stream	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/-/media/files/fonts/ProximaNova-Bold.otf Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Origin https://www.citibenefits.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Mon, 18 Nov 2019 18:17:28 GMT X-Frame-Options SAMEORIGIN Content-Type application/octet-stream X-NID 0259 Cache-Control private, max-age=604800 Content-Disposition attachment; filename="ProximaNova-Bold.otf" Content-Length 63808 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	ProximaNova-Light.otf www.citibenefits.com/-/media/files/fonts/	61 KB 62 KB	277ms 143ms	Font application/octet-stream	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/-/media/files/fonts/ProximaNova-Light.otf Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Origin https://www.citibenefits.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:04 GMT X-Content-Type-Options nosniff Last-Modified Mon, 18 Nov 2019 18:17:36 GMT X-Frame-Options SAMEORIGIN Content-Type application/octet-stream X-NID 0259 Cache-Control private, max-age=604800 Content-Disposition attachment; filename="ProximaNova-Light.otf" Content-Length 62968 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	ProximaNova-Semibold.otf www.citibenefits.com/-/media/files/fonts/	62 KB 62 KB	393ms 146ms	Font application/octet-stream	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/-/media/files/fonts/ProximaNova-Semibold.otf Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Origin https://www.citibenefits.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:03 GMT X-Content-Type-Options nosniff Last-Modified Mon, 18 Nov 2019 18:17:44 GMT X-Frame-Options SAMEORIGIN Content-Type application/octet-stream X-NID 0260 Cache-Control private, max-age=604800 Content-Disposition attachment; filename="ProximaNova-Semibold.otf" Content-Length 63116 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	ProximaNova-Regular.otf www.citibenefits.com/-/media/files/fonts/	61 KB 62 KB	393ms 145ms	Font application/octet-stream	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/-/media/files/fonts/ProximaNova-Regular.otf Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Origin https://www.citibenefits.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:03 GMT X-Content-Type-Options nosniff Last-Modified Mon, 18 Nov 2019 18:17:40 GMT X-Frame-Options SAMEORIGIN Content-Type application/octet-stream X-NID 0261 Cache-Control private, max-age=604800 Content-Disposition attachment; filename="ProximaNova-Regular.otf" Content-Length 62892 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	p.js Show response matomo.us-east-1.prod.ext.mercer.com/	128 KB 38 KB	880ms 125ms	Script application/javascript	167.245.12.11 MMC
General Check archive.org Show headers Download Go to Full URL https://matomo.us-east-1.prod.ext.mercer.com/p.js Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/resources/global/js/design/e9a46beb2e864895a6cc5176def45506.js?v=DD907A15BE7D1355EC5F7DD75B1DE005 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.245.12.11 , United States, ASN17161 (MMC, US), Reverse DNS career-analytics.mercer.com Software Apache / Resource Hash f1839d7e60fc07b171e808db9526cc9600e4a625990a7185f834459f060c6f0f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://www.citibenefits.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Mon, 19 Jun 2023 03:48:06 GMT Content-Encoding gzip Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Last-Modified Fri, 10 Jun 2022 19:33:55 GMT Server Apache ETag "1fe33-5e11d04e34a27" Transfer-Encoding chunked Content-Type application/javascript Accept-Ranges bytes
GET H/1.1	200 OK	fa-regular-400-woff2.woff2 www.citibenefits.com/-/media/files/fonts/	156 KB 157 KB	546ms 501ms	Font application/octet-stream	205.156.141.241 MMC
General Check archive.org Show headers Download Go to Full URL https://www.citibenefits.com/-/media/files/fonts/fa-regular-400-woff2.woff2 Requested by Host: www.citibenefits.com URL: https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 205.156.141.241 , United States, ASN17161 (MMC, US), Reverse DNS nrg.mercerbelong.com Software / Resource Hash 42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.citibenefits.com/resources/global/css/design/e9a46beb2e864895a6cc5176def45506.css?v=943008AB479A31CD1BC2CB53E679B149 Origin https://www.citibenefits.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Mon, 19 Jun 2023 03:48:05 GMT X-Content-Type-Options nosniff Last-Modified Tue, 26 Nov 2019 21:29:24 GMT X-Frame-Options SAMEORIGIN Content-Type application/octet-stream X-NID 0259 Cache-Control private, max-age=604800 Content-Disposition attachment; filename="fa-regular-400-woff2.woff2" Content-Length 159884 X-XSS-Protection 1; mode=block
POST H/1.1	204 No Response	p.dyd matomo.us-east-1.prod.ext.mercer.com/	0 280 B	410ms 409ms	Ping text/plain	167.245.12.11 MMC
General Check archive.org Show headers Download Go to Full URL https://matomo.us-east-1.prod.ext.mercer.com/p.dyd?action_name=Citi%20Benefits%20%7C%20Home&idsite=67&rec=1&r=526612&h=3&m=48&s=6&url=https%3A%2F%2Fwww.citibenefits.com%2F&_id=d66c6d8b9c775655&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=auth_no%2Cprofile_no&pv_id=8Hx61e&ip=Qf3OwnulRsFkBkAn0RmUjg%3D%3D%24MQH7k%2Bs%2F4jwA2UZ7UMGBoQ%3D%3D&fa_pv=1&fa_fp[0][fa_vid]=Kiy0t6&fa_fp[0][fa_fv]=1&pf_net=420&pf_srv=857&pf_tfr=3&pf_dm1=1596 Requested by Host: matomo.us-east-1.prod.ext.mercer.com URL: https://matomo.us-east-1.prod.ext.mercer.com/p.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.245.12.11 , United States, ASN17161 (MMC, US), Reverse DNS career-analytics.mercer.com Software Apache / PHP/7.4.19 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers Referer https://www.citibenefits.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers Access-Control-Allow-Origin https://www.citibenefits.com Date Mon, 19 Jun 2023 03:48:06 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Access-Control-Allow-Credentials true Server Apache X-Powered-By PHP/7.4.19

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| subscribeEvent function| unsubscribeEvent function| startActivityHandler function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent function| GetIEVersion function| setup_ieMaintenance function| saveAs function| ics object| $mer function| prepShowAllHiddenPanels function| prepStyleRotation function| prepDebugger function| logMe function| removeCurtain function| removeCurtain2 function| removeCurtain3 function| prepPositionPanel function| formatInput function| formatPerc function| formatPct function| formatCur function| formatCurrency function| unformatCurrency function| unformatCurrency2 function| unformatCurrency3 object| dates function| validateDate function| patchTheDate function| prepTopNav function| topNavSetup function| topNavSetupASPX function| validateJSONOutput function| showErrorDialog function| setup_alertModal function| setup_subNavBar function| setup_misc1 function| setup_homeSlickStartup function| setup_mobileSlickStartup function| setup_slickStartup function| setup_search function| setup_cloneForMobile function| setup_cta_dropdown function| setup_notificationBar function| setup_mainMenu function| setup_overlayMask function| setup_equalizer function| scrollToTop function| setup_footer function| setup_misc function| setup_operatingSystem function| setup_resourceFilter function| setup_contactsFilterV2 function| setup_contactsFilterV1 function| setup_leFilterV1 function| setup_leFilterV2 function| RightMenuPosition function| customCheckbox function| GetParameterValues function| setup_QABStates function| setup_QAB function| setup_toggleDashboards function| setupEventCal function| eventSorting object| pen object| pn function| initQAB function| setup_filters function| setup_pagination function| setup_resources_v2 object| intlData function| baseCompare function| baseMath function| isObject function| convertUTCDateToLocalDate object| DashboardManager object| _paq function| setupMatomo function| $ function| jQuery object| Foundation object| Tablesaw function| _ function| s function| calculateTimerStart function| calculateTimerElapsed function| log object| classie object| Handlebars object| HandlebarsIntl object| $secondarySidebar object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.citibenefits.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: at1q4zaeatbh0ibw33lymekc
			www.citibenefits.com/	1970-01-20 22:15:06	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 27f4520642b94f48bb2c1d6f80fa0118|False
			.www.citibenefits.com/	1969-12-31 23:59:59	Name: TS017d43b3 Value: 011c2377629baee7c07c72592319dffe614e9d272b8928ca158bcd85dbb0b5a590ffa2d2846d908890b7791279b1f0744df2e91bad8a6269623e243f7f7cb90fd18929b54bfa7fbf5fa79ae8be4cbe0c259e84615b
			www.citibenefits.com/	1970-01-20 22:05:01	Name: _pk_id.67.bc26 Value: d66c6d8b9c775655.1687146486.
			www.citibenefits.com/	1970-01-20 12:39:08	Name: _pk_ses.67.bc26 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' http://*.mercer.com https://*.mercer.com http://*.trustarc.com https://*.trustarc.com https://*.cloudflare.com https://*.firebaseapp.com https://*.vimeocdn.com https://*.google-analytics.com https://*.pez.ai https://*.trueviewportal.com https://*.google.com https://*.gstatic.com https://*.socrates.ai https://www.youtube-nocookie.com https://web.microsoftstream.com 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

matomo.us-east-1.prod.ext.mercer.com
www.citibenefits.com
167.245.12.11
205.156.141.241
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
155b11f9288f9c3cd1ad117c8dfe8ed87c3f63fc58d9b5e53bfa1d48f545df90
15adb89f1f9a4d6aac4cddd57a2f4e1ceded965fac4fdcf44e70a225698ecba5
16171cc04349db2c6a2ec311efa5bee93b6c14406ebd620f02b5eee408647a04
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
2bba59cdb5a4f1f9075621705e0b24dc511f5baebe328f0d1303e9565108b08b
338a3342b85a754535cf4dec818b488cea9c098b0e670d618ba5ec9edff04bfa
396243c09123d896029f6b89a7b3128ba9a1f8497fb3b7caa0a9d5782e98813f
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b
4fbf40eb2f7b5e4dedf43f5cd0ce834a975910c114a56faeb7c8c5bc203971e7
5beaf7991553d44999c61dbe013993d411d15a6af53462b302f69e559981bd50
5d3830c9e6d1d9565963a4877eaf164ba1e43f36846728827d2e3bcb65436e04
6e40cf819d0e7df3c843ecb322e7f8f533bbff5caa64323b7c5a460531484481
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
7b819e307d1ef9e4761575b17b26aa610c8ec3601fa4573dfe17e914875b1210
840997a71ecb3fe017ffb7459279259f58cb73a1518e865b5a6619840e5d1e17
86c3af885d78d0416b54bd52fd22ebf9df892135a11cfb337a137e6a9ad1ee0e
8e55262ae7e51d5024fbb2d1cb7ca5d7aa8bc4d29699b1f817ce50340291a436
90449fe6514bcd051539a69f7980b80b457b27827b7ca8a5da43c4167c6f9575
94e7263ed949adc8df233f1a1e11f53e8a8d88abcc9e17570c10de3bc746facf
95dfae3d08333977c8160c2cb9e95297bf5c638ef0e1526a996af2ccd310f7dc
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
a85cbd1c9c615c45b21c159700ad596ae184693253cb7f919d812451e997c312
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec
c084c75d48a936a1e7d9d8c00431f3244346614d119054c4466a0c016937bbb2
cafb9ed56f6a54b3132e399c762d61b692557bea7fb4ea107b076ed0730fe722
cc3be9d71d1b6ebb883572c4a94e389c79584c4a375882b84e9b10a28645e7ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43e2f70301cd8ad59a2e2686174bb5cf8c16f390cabe70cb738ab4508f7bd14
f1839d7e60fc07b171e808db9526cc9600e4a625990a7185f834459f060c6f0f
f7117efb338d5d6479123c984dca2ab2d485eb8f6c3d14e599c09a21cd71c0bd
f8c2b9a3ab05ddb4edaef11929502aff3d20f04607563ea6470233f57efb33ec