www.34-125-214-216.cprapid.com Open in urlscan Pro
34.125.214.216  Malicious Activity! Public Scan

URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Submission: On November 18 via manual from IN — Scanned from DE

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 92 HTTP transactions. The main IP is 34.125.214.216, located in Las Vegas, United States and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is www.34-125-214-216.cprapid.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 13th 2021. Valid for: 3 months.
This is the only time www.34-125-214-216.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

Domain Requested by
71 online.citi.com www.34-125-214-216.cprapid.com
online.citi.com
5 www.google.com www.34-125-214-216.cprapid.com
cse.google.com
2 6260004.fls.doubleclick.net 1 redirects www.34-125-214-216.cprapid.com
2 resources.digital-cloud-citi.medallia.com www.34-125-214-216.cprapid.com
2 www.34-125-214-216.cprapid.com online.citi.com
1 adservice.google.com 6260004.fls.doubleclick.net
1 udc-neb.kampyle.com www.34-125-214-216.cprapid.com
1 nebula-cdn.kampyle.com resources.digital-cloud-citi.medallia.com
1 bid.g.doubleclick.net www.34-125-214-216.cprapid.com
1 sr.rlcdn.com www.34-125-214-216.cprapid.com
1 cse.google.com online.citi.com
1 di.rlcdn.com www.34-125-214-216.cprapid.com
1 www.googleadservices.com www.34-125-214-216.cprapid.com
0 contents3.00110.citi.com Failed online.citi.com
0 stags.bluekai.com Failed www.34-125-214-216.cprapid.com
92 15
Subject Issuer Validity Valid
auth05secureverify-login01.3-a.net
cPanel, Inc. Certification Authority
2021-11-13 -
2022-02-11
3 months crt.sh
online.citibank.com
DigiCert SHA2 Extended Validation Server CA
2020-03-13 -
2022-05-14
2 years crt.sh
www.googleadservices.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.digital-cloud-citi.medallia.com
SSL.com RSA SSL subCA
2021-11-15 -
2022-10-20
a year crt.sh
*.google.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh

This page contains 5 frames:

Primary Page: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Frame ID: F604466173B91C1A36E60689036D531E
Requests: 87 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 36FA0A4D348CCD65FEA95E3300F7DAD5
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_pr%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do&phint=__bk_l%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB&phint=__bk_v%3D3.1.8&limit=10&r=61954064
Frame ID: B42241AB7A9A8110FAAE65D8B15723C3
Requests: 1 HTTP requests in this frame

Frame: https://6260004.fls.doubleclick.net/activityi;dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB
Frame ID: 8ED3FF3E62C5CBF77948A819157B2C08
Requests: 2 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 101E1D08D9DB3A950B1FCE62F036FB86
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Online Banking, Mortgages, Personal Loans, Investing | Citi.com

Page Statistics

92
Requests

95 %
HTTPS

23 %
IPv6

9
Domains

15
Subdomains

14
IPs

2
Countries

2489 kB
Transfer

5990 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://6260004.fls.doubleclick.net/activityi;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB HTTP 302
  • https://6260004.fls.doubleclick.net/activityi;dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB

92 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
www.34-125-214-216.cprapid.com/auth/
201 KB
202 KB
Document
General
Full URL
https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.125.214.216 Las Vegas, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
216.214.125.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
9424a9bd37f8a8bfa9593148c7f58f3460e86d849af5a797172c53eb6d14a441

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 18 Nov 2021 08:07:56 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
styles.css
online.citi.com//ui.powerreviews.com/tag-builds/10111/4.0/
0
0
Stylesheet
General
Full URL
https://online.citi.com//ui.powerreviews.com/tag-builds/10111/4.0/styles.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

conversion_async.js
www.googleadservices.com/pagead/
37 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14378
x-xss-protection
0
server
cafe
etag
684346926396516684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 08:07:56 GMT
main.css
online.citi.com/GFC/branding/responsivebranding/css/
46 KB
8 KB
Stylesheet
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/css/main.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bd3ccc27cf9be600088075633085caa59ffdc6226dd98603eee03baee986d7d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 09:55:15 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
7313
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
ddl.min.css
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/
624 KB
69 KB
Stylesheet
General
Full URL
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 06:51:10 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
69731
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
jfpm.autocomplete.off.js
online.citi.com/JFP/js/modules/
1 KB
894 B
Script
General
Full URL
https://online.citi.com/JFP/js/modules/jfpm.autocomplete.off.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
344
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
main_branding.css
online.citi.com/GFC/branding/responsivebranding/css/
332 KB
47 KB
Stylesheet
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/css/main_branding.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6f62163437764c5ba5175120e4741cb76d1d48cecfec3224ebdf2b856cfe046
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 15:43:06 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
47322
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
branding_header_v2.css
online.citi.com/GFC/branding/responsivebranding/css/
121 KB
15 KB
Stylesheet
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9a1b668eb01f48f23ea23ef4b756ec79671636184cc8a435716219179479a596
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 05:41:24 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
15267
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
branding_footer_v2.css
online.citi.com/GFC/branding/responsivebranding/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
482589f759fc49dfe43504889a3bd57361e94b46c97e5a92a81bb6716e766fb1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 09:49:09 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
3736
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
vendor.js
online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/
204 KB
64 KB
Script
General
Full URL
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/vendor.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f2dd1ff20c3df202418f9d59c76f40bdb304d7a85d7163fc9935391528f3dee8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 17:12:06 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
64910
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Bootstrap.js
online.citi.com//nexus.ensighten.com/citi/na_prod/
0
0
Script
General
Full URL
https://online.citi.com//nexus.ensighten.com/citi/na_prod/Bootstrap.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

homePage.min.css
online.citi.com/loginpage/styles/
24 KB
5 KB
Stylesheet
General
Full URL
https://online.citi.com/loginpage/styles/homePage.min.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e035b79ab90f8c8ce0c5d34ae36fd666e84353307bdbf06ca62fdff8e77691dd
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 13 Oct 2020 18:02:06 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
5046
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
jquery.tmpl.js
online.citi.com/JFP/js/jquery/plugins/
6 KB
3 KB
Script
General
Full URL
https://online.citi.com/JFP/js/jquery/plugins/jquery.tmpl.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
2905
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
fp.min.js
online.citi.com/JSO/js/
15 KB
5 KB
Script
General
Full URL
https://online.citi.com/JSO/js/fp.min.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
4322
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
citilive-search-responsive.css
online.citi.com/JEA/CitiSearch/nexus-platform/css/
1 KB
876 B
Stylesheet
General
Full URL
https://online.citi.com/JEA/CitiSearch/nexus-platform/css/citilive-search-responsive.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61eb086edee74d836ac3ff4cf7e7eefb28f97934c0e17748251e3db8d949c0b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Sun, 14 Nov 2021 08:24:22 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:56 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:56 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
337
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
cse_element__en.js
www.google.com/cse/static/element/a57bc5975bc720b0/
275 KB
90 KB
Script
General
Full URL
https://www.google.com/cse/static/element/a57bc5975bc720b0/cse_element__en.js?usqp=CAM%3D
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ce5619a84bf7d3e559a5b45aa7f56fee491dd3f648775bbb7b42cb1f6f3c6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 23:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92399
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 18:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 15 Nov 2022 23:32:48 GMT
default+en.css
www.google.com/cse/static/element/a57bc5975bc720b0/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/a57bc5975bc720b0/default+en.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:30:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9032
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 18:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 12 Nov 2022 04:30:18 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
5 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:59:25 GMT
x-content-type-options
nosniff
age
511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4495
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 18 Nov 2021 08:49:25 GMT
463166.gif
di.rlcdn.com/
0
66 B
Image
General
Full URL
https://di.rlcdn.com/463166.gif?partner_uid=7d0f4114-b82d-409a-851f-1e7f7c838e38
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
bcsid.js
online.citi.com/passivebio/
947 B
977 B
Script
General
Full URL
https://online.citi.com/passivebio/bcsid.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 30 Oct 2018 06:18:02 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
427
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
BiocatchATO.js
online.citi.com/passivebio/
602 KB
113 KB
Script
General
Full URL
https://online.citi.com/passivebio/BiocatchATO.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7075cd51e089027f92c8cbb5fa73d4df72bd8a58e112ea577133f4bc7667bada
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Sat, 24 Apr 2021 05:43:28 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
114417
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
pl-profile.png
online.citi.com/GFC/branding/img/redesigned/
678 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/pl-profile.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
96a25378d5d5fed38414a3d798eddc8367ebb206b45b125c837b9bab43c8799d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
last-modified
Tue, 21 Jul 2020 15:27:27 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
678
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
atmbranchloc.svg
online.citi.com/GFC/branding/img/redesigned/
2 KB
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/atmbranchloc.svg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Wed, 29 Jul 2020 05:29:17 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
758
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/svg+xml
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
lang.svg
online.citi.com/GFC/branding/img/redesigned/
3 KB
2 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/lang.svg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e37a02e78fe6cf2e9359c395b6c677688c4d4ea5f8f7d4cd79ae03824daa44d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 04 Aug 2020 06:59:05 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
1434
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/svg+xml
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
cc-know.png
online.citi.com/GFC/branding/img/redesigned/
547 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/cc-know.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e8296753489472722a900b40958f4cb93b5efa530499287debe37fdaac97cdb
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
last-modified
Fri, 17 Jul 2020 09:29:34 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
547
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
cc-mail.png
online.citi.com/GFC/branding/img/redesigned/
713 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/cc-mail.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
351566f41ad89bb03b7855b58661b377836aebe50db166052eaa17f17e156799
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
last-modified
Fri, 03 Jul 2020 10:19:28 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
713
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
banking-savings.png
online.citi.com/GFC/branding/img/redesigned/
917 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/banking-savings.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87578cd8ec6b565afd5be1b9a00845ca3dcb8024d64f2d96e4ce00bb07c94902
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
last-modified
Mon, 06 Jul 2020 06:45:19 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
917
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
mort-calculator.png
online.citi.com/GFC/branding/img/redesigned/
374 B
865 B
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/mort-calculator.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77aae11467c6e42598b9c17f8a34f9ffb08c3acedd22db327fabf5b1becd24a2
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
last-modified
Mon, 06 Jul 2020 07:56:13 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
374
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
mort-home.png
online.citi.com/GFC/branding/img/redesigned/
515 B
1005 B
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/mort-home.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
474a06e61c5ff0b6def6e5619529e0664e6fa2d9904ba6f796e4e1032c2ab3c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
last-modified
Mon, 06 Jul 2020 07:56:26 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
515
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Investing-FP.png
online.citi.com/GFC/branding/img/redesigned/
399 B
888 B
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/Investing-FP.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
31a7d0a6362cd6d8fcbb3200740a252be4fc633363cc71021fb18faf4470eb5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
last-modified
Mon, 06 Jul 2020 08:52:29 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
399
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Investing-MI.png
online.citi.com/GFC/branding/img/redesigned/
822 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/Investing-MI.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
643030db71af1915a7c02ec3589b64d1b826cb8c8c97e0f7b80d70e0c830726b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Mon, 06 Jul 2020 08:52:58 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
822
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Investing-II.png
online.citi.com/GFC/branding/img/redesigned/
894 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/Investing-II.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e0a06ba70b7556d61f872bd1ca50148094683ed1ba026a78164563d3c63db0c0
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Mon, 06 Jul 2020 08:52:35 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
894
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
atmbranch.png
online.citi.com/GFC/branding/img/redesigned/
697 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/atmbranch.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
489ac0d5e6bb586f0144108a782f87e10aa6387fa5925c0f7b526142dbbf9987
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 02 Jul 2020 08:41:48 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
697
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
WM-conce.png
online.citi.com/GFC/branding/img/redesigned/
819 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/WM-conce.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e866b41975af77f752d3feae581391b018128ad2cb495e783349ca49cb94c38
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Mon, 06 Jul 2020 09:28:15 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
819
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
cbol-smartSearch.css
online.citi.com/NCCS/smartSearch/css/
8 KB
1 KB
Stylesheet
General
Full URL
https://online.citi.com/NCCS/smartSearch/css/cbol-smartSearch.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 13 Feb 2018 16:10:30 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
899
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
search.png
online.citi.com/GFC/branding/img/redesigned/
540 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/search.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1cdd8699d632d98047b60975c127bde93707685555e0894c2087105e26298ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Sun, 12 Jul 2020 13:52:29 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
540
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
navigationMobile.png
online.citi.com/GFC/branding/img/redesigned/
137 B
628 B
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/navigationMobile.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9704bca992680b1698b6c364e5fd7fd20991aa230c700f3378765fdf99a8b27d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Tue, 21 Jul 2020 10:47:19 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
137
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
closeMobile.png
online.citi.com/GFC/branding/img/redesigned/
327 B
816 B
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/closeMobile.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87e414e65461d63f3c18fdec21dc973fbb3b04db9269aa2fa9f2b1e9fb4d58f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Tue, 21 Jul 2020 10:47:19 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
327
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
atmbranchlink.png
online.citi.com/GFC/branding/img/redesigned/
888 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/atmbranchlink.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
424b0508d87aeff62bf98099b98490558de97db21d02343fd4b0e46252a74d58
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Sun, 26 Jul 2020 08:00:17 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
888
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
icon_globe_med-grey.png
online.citi.com/GFC/branding/img/redesigned/
1 KB
2 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/icon_globe_med-grey.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f9ea3e5b79df3924376af98d3639b49ef970ef77063203b3ef3abaa84daca88a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 02 Jul 2020 08:42:08 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
1300
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
peworkflow.min.js
online.citi.com/personalization/
5 KB
2 KB
Script
General
Full URL
https://online.citi.com/personalization/peworkflow.min.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 06:51:10 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
1806
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
HP2.0_Diamond_Preferred_Hero_Card_Background.jpg
online.citi.com/JRS/banners/hero_background/
108 KB
108 KB
Image
General
Full URL
https://online.citi.com/JRS/banners/hero_background/HP2.0_Diamond_Preferred_Hero_Card_Background.jpg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
73bda4635bfa51c64ab47b1fba9a7cb20b6ab3ae44f7c1d2abf78041a9da0fee
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 15 Mar 2018 21:03:36 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
110256
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/jpeg
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
8150_cardArt.png
online.citi.com/JRS/banners/card_art/
44 KB
45 KB
Image
General
Full URL
https://online.citi.com/JRS/banners/card_art/8150_cardArt.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1cec78f793f28bed6cd96765e693bd6b7ba1efbfdd7d68ca5b8ea5390ff8bec0
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Mon, 03 Aug 2020 19:29:08 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
45386
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
M1-M7_DoubleCash.jpg
online.citi.com/JRS/banners/modules/
21 KB
21 KB
Image
General
Full URL
https://online.citi.com/JRS/banners/modules/M1-M7_DoubleCash.jpg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8083753fb5c831319d97aea7f3e2fbafb4e30c01e86f41ca32489fa00b9d0b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Fri, 16 Jul 2021 16:04:56 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
21180
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/jpeg
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Cards-tile-grey-1120.jpg
online.citi.com/JRS/banners/modules/
51 KB
52 KB
Image
General
Full URL
https://online.citi.com/JRS/banners/modules/Cards-tile-grey-1120.jpg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3636e5e8010b2e4e186788a748a7cbd16572b386cf2d67b3bea73cb7417abf9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Tue, 21 Sep 2021 22:10:14 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
52559
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/jpeg
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
8763_M1-M7.jpg
online.citi.com/JRS/banners/modules/
45 KB
45 KB
Image
General
Full URL
https://online.citi.com/JRS/banners/modules/8763_M1-M7.jpg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0fc0c5e3b942752d5a811676f479650575e3c0a6c42c25ed57311064b2d836a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Fri, 16 Jul 2021 16:05:20 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
45996
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/jpeg
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
M1-M7_Rewards.jpg
online.citi.com/JRS/banners/modules/
34 KB
35 KB
Image
General
Full URL
https://online.citi.com/JRS/banners/modules/M1-M7_Rewards.jpg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b880a027d8db72f3120d1666c1bc4f016c126d0d6e0b7852155c1ea204da4b63
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Fri, 16 Jul 2021 16:04:56 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
35239
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/jpeg
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
2020_Q3_HELOC_M1-M7-3UP.jpg
online.citi.com/JRS/banners/modules/
49 KB
49 KB
Image
General
Full URL
https://online.citi.com/JRS/banners/modules/2020_Q3_HELOC_M1-M7-3UP.jpg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67d342b059e3ee89919786b1a83c6ebb76b657bbbe0105d2c7c9876d08026c80
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Fri, 16 Jul 2021 16:05:20 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
50031
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/jpeg
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
social-media_facebook@2x.png
online.citi.com/GFC/branding/responsivebranding/img/
329 B
820 B
Image
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/img/social-media_facebook@2x.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9fa97f780f20b95ac6a2baeed3961d39ec6086e3417eb59cd294e4e528187b7b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
329
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
social-media_twitter@2x.png
online.citi.com/GFC/branding/responsivebranding/img/
840 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/img/social-media_twitter@2x.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d343d5e2bc616fe04642af586793b51ba2291a6c9616ee92e4246bde9fa72a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
840
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
social-media_youtube@2x.png
online.citi.com/GFC/branding/responsivebranding/img/
808 B
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/img/social-media_youtube@2x.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f43f86e82f4cf6b5ddf863fbb8cd9bafb53790bd2016a7b2b36d51ad96fb32b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 21 May 2020 04:51:42 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
808
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Citi_FooterLogo.png
online.citi.com/GFC/branding/responsivebranding/img/
27 KB
28 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/img/Citi_FooterLogo.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Wed, 20 May 2020 04:39:29 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
28149
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Citi_FooterLogo_Mobile.png
online.citi.com/GFC/branding/responsivebranding/img/
11 KB
12 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/img/Citi_FooterLogo_Mobile.png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Wed, 20 May 2020 04:39:29 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
11562
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
oo_engine.min.js
online.citi.com/GFC/branding/olab/js/
42 KB
12 KB
Script
General
Full URL
https://online.citi.com/GFC/branding/olab/js/oo_engine.min.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
11704
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
navBarRedesign.js
online.citi.com/GFC/branding/responsivebranding/js/
252 KB
30 KB
Script
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/js/navBarRedesign.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9631a9d9dd48f754dae53091527ca587e96b6862a8340d19b17888cba1d2170e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 09:39:17 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
29999
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
ddl.min.js
online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/
64 KB
18 KB
Script
General
Full URL
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ddl.min.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
17670
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
main.js
online.citi.com/GFC/branding/responsivebranding/js/
33 KB
8 KB
Script
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/js/main.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9deb849bdc20c654810ae440c0c5110b1a1cbf2228e7a3b61db136a7633c0eda
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 14:46:15 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
7957
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
citilive-search.js
online.citi.com/JEA/CitiSearch/nexus-platform/js/
3 KB
1 KB
Script
General
Full URL
https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ff2cadd5d4f613bc461fe2c427466d05a6a7f975a7a763d8008616df5d757474
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Sun, 14 Nov 2021 08:24:01 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
957
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
cbol-smartSearch-inject.js
online.citi.com/NCCS/smartSearch/js/
13 KB
3 KB
Script
General
Full URL
https://online.citi.com/NCCS/smartSearch/js/cbol-smartSearch-inject.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b95fb980f8f91f1c113d3411d3fbf608e143bf4d10fe0706bb6d2231f13bd228
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Mon, 11 May 2020 19:00:46 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
3030
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
TMXProfiling.js
online.citi.com/TMX/
1 KB
1 KB
Script
General
Full URL
https://online.citi.com/TMX/TMXProfiling.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Fri, 10 Aug 2018 07:26:42 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
546
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
cobrowse_overlay.css
online.citi.com/GPS/portal/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://online.citi.com/GPS/portal/css/cobrowse_overlay.css
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 13 Aug 2019 07:17:14 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
1597
content-type
text/css
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
errorLogo.svg
online.citi.com/GFC/branding/img/
1 KB
1 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/errorLogo.svg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f9bd92ac3e3a127d29f3f9786e6233961312cd256b895975cb5dce2f363916e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 24 Apr 2018 15:26:47 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:58 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
584
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/svg+xml
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
citilive-search-library.js
online.citi.com/JEA/CitiSearch/nexus-platform/js/
179 KB
61 KB
Script
General
Full URL
https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-library.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d57c8034f9c12aa3ce626c9ed1d61a4bb0941c3ef320bb59346f20496fb0096a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 17:20:58 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
61658
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
citilive-search-service.js
online.citi.com/JEA/CitiSearch/nexus-platform/js/
9 KB
3 KB
Script
General
Full URL
https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-service.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eec5cc477e7cb4f1eee1f26dce3eb411a63716d89a9b659c7d5559571c837ccb
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 11 Sep 2018 07:31:14 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
2415
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
citi-search-tmpl.js
online.citi.com/JEA/CitiSearch/nexus-platform/js/
1 MB
732 KB
Script
General
Full URL
https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citi-search-tmpl.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4061018b43e420a8f4513629af7dc6c78465e9f9d42c13c97104c637c2480f25
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 07:27:38 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
747501
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
citilive-search-controller.js
online.citi.com/JEA/CitiSearch/nexus-platform/js/
132 KB
26 KB
Script
General
Full URL
https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search-controller.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0ed28149098ff4c10fe73564f0808527cc9ab60e4abcab1f05a5d02588e6a9ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Sat, 24 Apr 2021 05:43:48 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 18 Nov 2021 14:07:57 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
25945
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
generic1608054710811.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/
333 KB
62 KB
Script
General
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1608054710811.js
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78af61897fafb5a82b787273472a93de723186b17f46ed315617c70ae2b6a6fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Kqi2p6FS.A2AzLCJok5fsBD_5A7fWxpm
content-encoding
gzip
etag
"57e6c47a533050c63dc8fefbdeb401d1"
age
29300
via
1.1 varnish
x-cache
HIT
content-length
63129
x-amz-id-2
J5Uj+BkyIuFy7vicnvpR9wEGGvD7p7snCbjDf8Iw/MeIuJWDh4pGfKs95JefalJtxEGcLQ38yhk=
x-served-by
cache-fra19120-FRA
last-modified
Tue, 15 Dec 2020 17:51:52 GMT
server
AmazonS3
x-timer
S1637222878.533943,VS0,VE1
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
x-amz-request-id
GWWNSCAFDM67SFY1
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
1592741950571_CTA_Feedback(final).png
resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/
2 KB
3 KB
Image
General
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/1592741950571_CTA_Feedback(final).png
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Yu5KFpG13jOL6lsHUOzbaMYLsyQXTr7u
content-encoding
gzip
etag
"e6ed675f115fb1568bb1aabc00aa3f30"
age
30775
via
1.1 varnish
x-cache
HIT
content-length
2219
x-amz-id-2
W6hLL3l4nFX5eN21igahGZfQTgEEwJ7lasF8tjX6GfvxPOGjF1TfRaRUEjJ7DLhl/ZN9Wi0U1Rc=
x-served-by
cache-fra19120-FRA
last-modified
Sun, 21 Jun 2020 12:19:35 GMT
server
AmazonS3
x-timer
S1637222878.534102,VS0,VE1
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
x-amz-request-id
7Q1PQE57J8FP0PV8
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
image/png
x-cache-hits
1
citilogoredesign.png
online.citi.com/GFC/branding/img/redesigned/
2 KB
2 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/redesigned/citilogoredesign.png
Requested by
Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 02 Jul 2020 07:18:33 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
1799
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Interstate-Light.woff
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/
74 KB
74 KB
Font
General
Full URL
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/Interstate-Light.woff
Requested by
Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Referer
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Origin
https://www.34-125-214-216.cprapid.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin
*
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
75483
content-type
text/plain
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Interstate-Regular.ttf
online.citi.com/JFP/fonts/
150 KB
79 KB
Font
General
Full URL
https://online.citi.com/JFP/fonts/Interstate-Regular.ttf
Requested by
Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c891ffec93e4e682a8621d0e632f8d918d75857dfb0983cb357a032933fad03
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Referer
https://online.citi.com/GFC/branding/responsivebranding/css/branding_header_v2.css
Origin
https://www.34-125-214-216.cprapid.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin
*
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
79753
content-type
text/plain
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Interstate-Bold.woff
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/
70 KB
71 KB
Font
General
Full URL
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/Interstate-Bold.woff
Requested by
Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Referer
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Origin
https://www.34-125-214-216.cprapid.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 17:16:57 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
access-control-allow-origin
*
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
71859
content-type
text/plain
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
a410c031-6bcd-40c7-b564-e421736cfd52
https://www.34-125-214-216.cprapid.com/
161 KB
0
Other
General
Full URL
blob:https://www.34-125-214-216.cprapid.com/a410c031-6bcd-40c7-b564-e421736cfd52
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
165178
close.svg
online.citi.com/loginpage/images/icons/svgs/
1 KB
1 KB
Image
General
Full URL
https://online.citi.com/loginpage/images/icons/svgs/close.svg
Requested by
Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 17:12:07 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:58 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
641
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/svg+xml
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
HP8564_M.jpg
online.citi.com/JRS/banners/modules/
71 KB
72 KB
Image
General
Full URL
https://online.citi.com/JRS/banners/modules/HP8564_M.jpg
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c193d1d0ed44d73f08a6e23c949d9ee2126b1d487ef9c0aa5c4e9cf47c3a1a84
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Fri, 16 Jul 2021 16:04:54 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
72898
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/jpeg
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
arrow-btn-next-blue-sm-bold.svg
online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/
918 B
1012 B
Image
General
Full URL
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-blue-sm-bold.svg
Requested by
Host: online.citi.com
URL: https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ddl.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 16:59:12 GMT
x-akamai-citisite
SWDC
date
Thu, 18 Nov 2021 08:07:58 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
499
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/svg+xml
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Citi-Branding-Sprite.png
online.citi.com/GFC/branding/img/
5 KB
5 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/img/Citi-Branding-Sprite.png
Requested by
Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Wed, 14 Jun 2017 18:29:01 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
4952
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
googlePlay_2px.png
online.citi.com/GFC/branding/responsivebranding/img/
9 KB
10 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/img/googlePlay_2px.png
Requested by
Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c4287f94e9dc9cda82125a6f528b0d4dcd8c2e9ee26b899c4481490312b146a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 27 Sep 2018 21:21:52 GMT
x-akamai-citisite
GTDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
9255
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
appStore_2px.png
online.citi.com/GFC/branding/responsivebranding/img/
8 KB
9 KB
Image
General
Full URL
https://online.citi.com/GFC/branding/responsivebranding/img/appStore_2px.png
Requested by
Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2e1950e9fecaa7d00944c88becb315026208890e3d9ffe2545504105e181ad47
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 08:07:58 GMT
last-modified
Thu, 27 Sep 2018 21:19:09 GMT
x-akamai-citisite
SWDC
strict-transport-security
max-age=300
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
8272
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/png
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
arrow-btn-next-white-sm-bold.svg
online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/
918 B
1009 B
Image
General
Full URL
https://online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/arrow-btn-next-white-sm-bold.svg
Requested by
Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f918cd256712c03a1b88007176cabf623cc63740e919d35a217c18dc7ebe607
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.citi.com/GFC/branding/responsivebranding/css/branding_footer_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 17:22:45 GMT
x-akamai-citisite
GTDC
date
Thu, 18 Nov 2021 08:07:58 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-length
496
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
accept-ranges
bytes
content-type
image/svg+xml
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
cse.js
cse.google.com/cse/
10 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Requested by
Host: online.citi.com
URL: https://online.citi.com/GFC/branding/responsivebranding/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5ef3486cabdf4baef9fbe885a9b9045cc7dc9b981a047a69576f46b8be490310
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Thu, 18 Nov 2021 08:07:57 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3499
x-xss-protection
0
expires
Thu, 18 Nov 2021 08:07:57 GMT
ddlbase.css
www.34-125-214-216.cprapid.com/JRS/Marketing/common/DDL/1.1.11/styles/
0
0
Stylesheet
General
Full URL
https://www.34-125-214-216.cprapid.com/JRS/Marketing/common/DDL/1.1.11/styles/ddlbase.css
Requested by
Host: online.citi.com
URL: https://online.citi.com/JEA/CitiSearch/nexus-platform/js/citilive-search.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.125.214.216 Las Vegas, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
216.214.125.34.bc.googleusercontent.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 08:07:57 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
cse_element__de.js
www.google.com/cse/static/element/54e62135847a1703/
300 KB
100 KB
Script
General
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/cse_element__de.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
383034a475005344e388b34fdca2708e38d4dedc1505b22d31b0767d1fe32af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101829
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 17 Nov 2022 21:09:25 GMT
default+de.css
www.google.com/cse/static/element/54e62135847a1703/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 17 Nov 2022 21:09:25 GMT
425466.html
sr.rlcdn.com/ Frame 36FA
0
98 B
Document
General
Full URL
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/

Response headers

date
Thu, 18 Nov 2021 08:07:57 GMT
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
63068
stags.bluekai.com/site/ Frame B422
0
0

activityi;dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Fl...
6260004.fls.doubleclick.net/ Frame 8ED3
Redirect Chain
  • https://6260004.fls.doubleclick.net/activityi;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2...
  • https://6260004.fls.doubleclick.net/activityi;dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=ht...
444 B
704 B
Document
General
Full URL
https://6260004.fls.doubleclick.net/activityi;dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB?
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f6.1e100.net
Software
cafe /
Resource Hash
e06be077cf5b267953abb5386aa552d01bf1d1e0d625be61aad6b5e8ead2c864
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 18 Nov 2021 08:07:57 GMT
expires
Thu, 18 Nov 2021 08:07:57 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
365
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 18 Nov 2021 08:07:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6260004.fls.doubleclick.net/activityi;dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
bid.g.doubleclick.net/xbbe/ Frame 101E
0
559 B
Document
General
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 18 Nov 2021 08:07:57 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 18 Nov 2021 08:07:57 GMT
cache-control
private
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/
14 KB
5 KB
Script
General
Full URL
https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by
Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1608054710811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding
gzip
etag
"80dd5e3be5152c5c72d552c6a26ef6ff"
age
341402
via
1.1 varnish
x-cache
HIT
content-length
5197
x-amz-id-2
pHeUzC6+qBOfm81AEOHRZaFtOtah4u8rAZ2DP4Pyd7K6NDf/lSq/IGnqCk/SIn9qgnD/JHqRTzI=
x-served-by
cache-fra19179-FRA
last-modified
Sun, 24 Jan 2021 11:03:10 GMT
server
AmazonS3
x-timer
S1637222878.906915,VS0,VE0
date
Thu, 18 Nov 2021 08:07:57 GMT
vary
Accept-Encoding
x-amz-request-id
4N69ZY3D7X53TVBR
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
4657
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
318 B
Image
General
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk1LjAuNDYzOC41NCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTYzNzIyMjg3NzkxNSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTdkMzIxNjhhZDljYjAtMDMxZjRhM2U0ZGVlZTQtNTdiMTkzZS0xZDRjMDAtMTdkMzIxNjhhZGFiYjgiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly93d3cuMzQtMTI1LTIxNC0yMTYuY3ByYXBpZC5jb20vYXV0aC9sb2dpbi5waHA/cHJpbWFyeW1lbWJlcl9pZD1hYTI5ZWQyZWUyZGRmYzQwYTM0YjdhNWVhIiwid2Vic2l0ZUlkIjogNTAsImZlZWRiYWNrX3V1aWQiOiBudWxsLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI2YTI0LTk5YjAtOWJiNC05MThmLTlkZDQtNDRmZi1kOGIyLTFiMjkiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTYzNzIyMjg3Nzg4MiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAzMDksImthbXB5bGVfdmVyc2lvbiI6ICIyLjM0LjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjM0LjEiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2MzcyMjI4Nzc4ODUsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Requested by
Host: www.34-125-214-216.cprapid.com
URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.34-125-214-216.cprapid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-41c8
date
Thu, 18 Nov 2021 08:07:57 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-application-context
application:9090
dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=*;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB
adservice.google.com/ddm/fls/z/ Frame 8ED3
42 B
494 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=*;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB
Requested by
Host: 6260004.fls.doubleclick.net
URL: https://6260004.fls.doubleclick.net/activityi;dc_pre=CP2JucC6ofQCFdYfBgAdCSsNYw;src=6260004;type=citih0;cat=citih00;qty=1;cost=1;ord=5474828976029.28;gtm=2od1d0;auiddc=253918765.1611308789;~oref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6260004.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 08:07:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cr.png
contents3.00110.citi.com/api/v1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_pr%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do&phint=__bk_l%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do%3FJFP_TOKEN%3DNOSXRGKB&phint=__bk_v%3D3.1.8&limit=10&r=61954064
Domain
contents3.00110.citi.com
URL
https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1637222878010-sjn0000960-2042997d-da15-4d73-8173-e86217a62071&muid=1637222877535-D5263A0D-4021-4109-B547-40651D6AAE7A

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| GooglemKTybQhCsO function| google_trackConversion string| module string| lang string| searchEnable string| userRole string| visitor string| isLoggedin string| _j function| $ function| jQuery object| jQuery19100941312786857289 object| respond object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol string| bcCookieName string| bcsid function| setBCCookie function| getBCCookie object| cdwpb object| cdApi function| getSpanishHref function| showSpanishDisclaimer function| closeSpanishDisclaimer function| redirectToSpanishPage function| getEnglishHref function| redirectToEnglishPage function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| topDM string| message boolean| flagvalue string| counter undefined| loginExp undefined| jsonContent undefined| offerPlacements boolean| epTurnedOff object| PRConfig undefined| PRcallback function| reviewsClicked function| prConnection function| setReview_banner function| fetchPRReviews string| isTaggingTransformationSet string| isCallBkOnpageloadFallBackFlag object| taggingDlArr string| OSResponse string| RFResponse string| CMSStatus object| moduleArr object| contentIdArr object| resPlKeys object| offerlistArr object| rfPlacementsArr boolean| isMobile boolean| RFthrottle string| userType string| GPOLUrl string| acxiomTimeout string| cmsCallTimeout string| CUUIDUpdated boolean| bkEnabled string| bluekaiUrl string| aoUrl string| mktUrl string| updateDmpTimeout string| ecmCampaign object| ecmNames string| loginbkTimeout string| subChannel string| RFUrl string| rfCallTimeout boolean| PEAugustFallback boolean| PESeptFallback string| clientIpAddress string| osUrl string| osTimeout string| osClientId string| osScope string| peOfferSSIFlowCookie boolean| peOctFallback boolean| peNovFallback undefined| callCMSServiceRFDecision string| cmsBannerServiceDomain string| cmsBannerServiceTimeout string| cmsBannerServiceScope string| cmsBannerServiceClientId string| locale_PE boolean| peBluekaiMobileIntgFlag string| metricsCaptureUrl string| metricsCaptureClientId string| metricsCaptureScope string| metricsCaptureTimeout object| clientMetricsStatus object| metricsCaptureArray object| clientMetricsRequestKeys boolean| peClientMetricsFlag boolean| august2018FeaturesSwitch object| defaultContentIdArray object| bannerTrackingJSON undefined| bannerTrackingDefaultOffers boolean| peUrlMaskingFeature object| OSRawResponse object| schshArray object| sourceCodeBrandArr string| clearExp string| expCookieValue undefined| exdate undefined| cookie_value boolean| clearExpCookie string| immediateReferrer boolean| isJavaEnabled string| screenResolution object| peworkflow object| commonUtils function| peintg boolean| signonLock undefined| detachedRemChkBoxDesktop undefined| detachedRemChkBoxMobile string| maskedPlaceHolder string| signOffMessageValue string| uidInputField string| contextPath object| alerts function| deleteSignOffCookie function| removeSignonLock function| checkTMXProfiling function| OpenInNewTab function| openJDlink object| OOo undefined| headerTag undefined| jscriptTag function| commaSeperatedList function| arraysEqual object| CM function| onYouTubeIframeAPIReady boolean| iOS string| titleAttr function| hasClass function| getCookie function| setSearchBarLabel function| changeViewport function| setPageTimeout function| delayPageTimeout function| resetPageTimeout function| sessionRecovery function| callSessionCheck function| sessionCheckReturn function| beforeYouGo function| getBrandingData function| getFinalURL function| lnk function| isSubappBusy function| confirmGo function| ConfirmGo function| myFunction function| closeActiveFlyoutMenu function| hideSearchBar function| displayLable function| initMLC function| displayServerName function| isTestDomain function| launchPopup function| tv object| globalNavigation function| gssCallback object| requestURL object| params undefined| element undefined| h1Element undefined| fullSearchURL undefined| newElement function| gsearch2 function| scEventL function| scEvent boolean| flag function| gsearch function| searchComplete function| renderSearchControls object| pageTimer object| delayTimer undefined| branding_sc_p3 string| displayPhrase string| displayPhrase2 undefined| subMenuMargin object| year function| getParameterByName object| ids_menu object| ids_hasdrop object| ids_dropbtn function| mobileDropdown function| mobileSubDropdown function| hideMobileDrop object| __gcse object| $desktopSearchWrap object| $desktopSearchBar object| $desktopSearchBtn object| CitiSearchConfig undefined| CitiSearch function| NexusPlatformDelegateToCBOL function| NexusPlatformChatEscalationCBOL function| getRequestParams function| nullCheck function| firstCobrowseOverlay function| hideOverlay function| cobrowseOverlay function| showAlert function| requestCobrowse object| dropdownData function| $CitiSearch function| StringBuffer object| Base64 function| Utf8EncodeEnumerator function| Base64DecodeEnumerator function| _ object| Handlebars object| CitiSearchService object| nexusPlatformChatEscalationCBOL function| CitiSearchDelegate object| CitiSmartSearchTmpl object| nexusPlatformDelegateToCBOL object| CitiSearchJSVar string| contentFetchFromDB boolean| bodySearchCall object| CitiLiveSearchController undefined| CitiFullSearchController object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata function| $autocomplete function| disableAutocomplete function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint function| asyncpost_deviceprint object| jsonLogic number| m number| k number| p

12 Cookies

Domain/Path Name / Value
.cprapid.com/ Name: bmuid
Value: 1637222877535-D5263A0D-4021-4109-B547-40651D6AAE7A
.cprapid.com/ Name: cdContextId
Value: 2
.34-125-214-216.cprapid.com/ Name: cdContextId
Value: 2
.www.34-125-214-216.cprapid.com/ Name: cdContextId
Value: 2
www.34-125-214-216.cprapid.com/ Name: kampyle_userid
Value: 6a24-99b0-9bb4-918f-9dd4-44ff-d8b2-1b29
www.34-125-214-216.cprapid.com/ Name: kampyleUserSession
Value: 1637222877882
www.34-125-214-216.cprapid.com/ Name: kampyleUserSessionsCount
Value: 1
www.34-125-214-216.cprapid.com/ Name: kampyleSessionPageCounter
Value: 1
www.34-125-214-216.cprapid.com/ Name: count
Value: 0
.34-125-214-216.cprapid.com/ Name: cd_user_id
Value: 17d32168ad9cb0-031f4a3e4deee4-57b193e-1d4c00-17d32168adabb8
.doubleclick.net/ Name: IDE
Value: AHWqTUmHUoh8F2R_c1tU8pIzEcyBZ7SkvHbCarw99C7YPI4t-rdrxW5PEqb1Wbi2oNw
.cprapid.com/ Name: cdSNum
Value: 1637222878010-sjn0000960-2042997d-da15-4d73-8173-e86217a62071

9 Console Messages

Source Level URL
Text
network error URL: https://online.citi.com//ui.powerreviews.com/tag-builds/10111/4.0/styles.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://online.citi.com//nexus.ensighten.com/citi/na_prod/Bootstrap.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://di.rlcdn.com/463166.gif?partner_uid=7d0f4114-b82d-409a-851f-1e7f7c838e38
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://www.34-125-214-216.cprapid.com/JRS/Marketing/common/DDL/1.1.11/styles/ddlbase.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Message:
Failed to load resource: the server responded with a status of 451 ()
deprecation warning URL: https://online.citi.com/passivebio/BiocatchATO.js(Line 7)
Message:
Plan B SDP semantics, which is used when constructing an RTCPeerConnection with {sdpSemantics:"plan-b"}, is a legacy version of the Session Description Protocol that has severe compatibility issues on modern browsers. The standardized SDP format, "unified-plan", has been used by default since M72 (January, 2019). Dropping support for Plan B is targeted for M93. See https://www.chromestatus.com/feature/5823036655665152 for more details, including the possibility of registering for a Deprecation Trial in order to extend the Plan B deprecation deadline for a limited amount of time.
deprecation warning URL: https://online.citi.com/passivebio/BiocatchATO.js(Line 7)
Message:
RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
javascript error URL: https://www.34-125-214-216.cprapid.com/auth/login.php?primarymember_id=aa29ed2ee2ddfc40a34b7a5ea
Message:
Access to XMLHttpRequest at 'https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1637222878010-sjn0000960-2042997d-da15-4d73-8173-e86217a62071&muid=1637222877535-D5263A0D-4021-4109-B547-40651D6AAE7A' from origin 'https://www.34-125-214-216.cprapid.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://contents3.00110.citi.com/api/v1/cr.png?cid=cedric&snum=1637222878010-sjn0000960-2042997d-da15-4d73-8173-e86217a62071&muid=1637222877535-D5263A0D-4021-4109-B547-40651D6AAE7A
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6260004.fls.doubleclick.net
adservice.google.com
bid.g.doubleclick.net
contents3.00110.citi.com
cse.google.com
di.rlcdn.com
nebula-cdn.kampyle.com
online.citi.com
resources.digital-cloud-citi.medallia.com
sr.rlcdn.com
stags.bluekai.com
udc-neb.kampyle.com
www.34-125-214-216.cprapid.com
www.google.com
www.googleadservices.com
contents3.00110.citi.com
stags.bluekai.com
104.111.238.178
142.250.185.130
151.101.129.175
151.101.194.133
216.58.212.166
2a00:1450:4001:828::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
34.125.214.216
35.190.60.146
35.241.45.82
35.244.174.68
74.125.140.156
0bd3ccc27cf9be600088075633085caa59ffdc6226dd98603eee03baee986d7d
0ed28149098ff4c10fe73564f0808527cc9ab60e4abcab1f05a5d02588e6a9ad
0fc0c5e3b942752d5a811676f479650575e3c0a6c42c25ed57311064b2d836a4
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
1cec78f793f28bed6cd96765e693bd6b7ba1efbfdd7d68ca5b8ea5390ff8bec0
1e8296753489472722a900b40958f4cb93b5efa530499287debe37fdaac97cdb
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2
1f43f86e82f4cf6b5ddf863fbb8cd9bafb53790bd2016a7b2b36d51ad96fb32b
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2e1950e9fecaa7d00944c88becb315026208890e3d9ffe2545504105e181ad47
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
31a7d0a6362cd6d8fcbb3200740a252be4fc633363cc71021fb18faf4470eb5c
351566f41ad89bb03b7855b58661b377836aebe50db166052eaa17f17e156799
3636e5e8010b2e4e186788a748a7cbd16572b386cf2d67b3bea73cb7417abf9d
383034a475005344e388b34fdca2708e38d4dedc1505b22d31b0767d1fe32af1
3c4287f94e9dc9cda82125a6f528b0d4dcd8c2e9ee26b899c4481490312b146a
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
4061018b43e420a8f4513629af7dc6c78465e9f9d42c13c97104c637c2480f25
424b0508d87aeff62bf98099b98490558de97db21d02343fd4b0e46252a74d58
474a06e61c5ff0b6def6e5619529e0664e6fa2d9904ba6f796e4e1032c2ab3c3
482589f759fc49dfe43504889a3bd57361e94b46c97e5a92a81bb6716e766fb1
489ac0d5e6bb586f0144108a782f87e10aa6387fa5925c0f7b526142dbbf9987
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4f918cd256712c03a1b88007176cabf623cc63740e919d35a217c18dc7ebe607
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17
5d343d5e2bc616fe04642af586793b51ba2291a6c9616ee92e4246bde9fa72a5
5ef3486cabdf4baef9fbe885a9b9045cc7dc9b981a047a69576f46b8be490310
61eb086edee74d836ac3ff4cf7e7eefb28f97934c0e17748251e3db8d949c0b7
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
643030db71af1915a7c02ec3589b64d1b826cb8c8c97e0f7b80d70e0c830726b
67d342b059e3ee89919786b1a83c6ebb76b657bbbe0105d2c7c9876d08026c80
690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee
6ce5619a84bf7d3e559a5b45aa7f56fee491dd3f648775bbb7b42cb1f6f3c6fc
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
6dfa343a68ef79e83fef5f7c705119d2473352190c609cf94c67ea99a29fa452
6e866b41975af77f752d3feae581391b018128ad2cb495e783349ca49cb94c38
7075cd51e089027f92c8cbb5fa73d4df72bd8a58e112ea577133f4bc7667bada
73bda4635bfa51c64ab47b1fba9a7cb20b6ab3ae44f7c1d2abf78041a9da0fee
77aae11467c6e42598b9c17f8a34f9ffb08c3acedd22db327fabf5b1becd24a2
78af61897fafb5a82b787273472a93de723186b17f46ed315617c70ae2b6a6fe
7c891ffec93e4e682a8621d0e632f8d918d75857dfb0983cb357a032933fad03
7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16
87578cd8ec6b565afd5be1b9a00845ca3dcb8024d64f2d96e4ce00bb07c94902
87e414e65461d63f3c18fdec21dc973fbb3b04db9269aa2fa9f2b1e9fb4d58f0
9424a9bd37f8a8bfa9593148c7f58f3460e86d849af5a797172c53eb6d14a441
9631a9d9dd48f754dae53091527ca587e96b6862a8340d19b17888cba1d2170e
96a25378d5d5fed38414a3d798eddc8367ebb206b45b125c837b9bab43c8799d
9704bca992680b1698b6c364e5fd7fd20991aa230c700f3378765fdf99a8b27d
9a1b668eb01f48f23ea23ef4b756ec79671636184cc8a435716219179479a596
9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead
9deb849bdc20c654810ae440c0c5110b1a1cbf2228e7a3b61db136a7633c0eda
9fa97f780f20b95ac6a2baeed3961d39ec6086e3417eb59cd294e4e528187b7b
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
b880a027d8db72f3120d1666c1bc4f016c126d0d6e0b7852155c1ea204da4b63
b95fb980f8f91f1c113d3411d3fbf608e143bf4d10fe0706bb6d2231f13bd228
c193d1d0ed44d73f08a6e23c949d9ee2126b1d487ef9c0aa5c4e9cf47c3a1a84
c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16
d57c8034f9c12aa3ce626c9ed1d61a4bb0941c3ef320bb59346f20496fb0096a
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e035b79ab90f8c8ce0c5d34ae36fd666e84353307bdbf06ca62fdff8e77691dd
e06be077cf5b267953abb5386aa552d01bf1d1e0d625be61aad6b5e8ead2c864
e0a06ba70b7556d61f872bd1ca50148094683ed1ba026a78164563d3c63db0c0
e1cdd8699d632d98047b60975c127bde93707685555e0894c2087105e26298ae
e37a02e78fe6cf2e9359c395b6c677688c4d4ea5f8f7d4cd79ae03824daa44d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f62163437764c5ba5175120e4741cb76d1d48cecfec3224ebdf2b856cfe046
e8083753fb5c831319d97aea7f3e2fbafb4e30c01e86f41ca32489fa00b9d0b2
e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
eec5cc477e7cb4f1eee1f26dce3eb411a63716d89a9b659c7d5559571c837ccb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341
f2dd1ff20c3df202418f9d59c76f40bdb304d7a85d7163fc9935391528f3dee8
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f378974fe6a831ae2f48d9191ea74eb21877d4964d5eedbc2810d8756ed13631
f9bd92ac3e3a127d29f3f9786e6233961312cd256b895975cb5dce2f363916e8
f9ea3e5b79df3924376af98d3639b49ef970ef77063203b3ef3abaa84daca88a
fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b
ff2cadd5d4f613bc461fe2c427466d05a6a7f975a7a763d8008616df5d757474