1axpsacct-vrfymail.com Open in urlscan Pro
2606:4700:3035::ac43:be15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1axpsacct-vrfymail.com/citibank/citibank
Effective URL:
http://1axpsacct-vrfymail.com/citibank/citibank/login.php
Submission: On March 10 via automatic, source openphish (March 10th 2022, 1:24:51 pm UTC) — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3035::ac43:be15, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1axpsacct-vrfymail.com.

This is the only time 1axpsacct-vrfymail.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 41	2606:4700:303... 2606:4700:3035::ac43:be15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.238.178 104.111.238.178	16625 (AKAMAI-AS) (AKAMAI-AS)
41	3

41 2606:4700:3035::ac43:be15 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

1axpsacct-vrfymail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com

online.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	1axpsacct-vrfymail.com 1 redirects 1axpsacct-vrfymail.com	785 KB
1	citi.com online.citi.com — Cisco Umbrella Rank: 20517
41	2

	Domain	Requested by
41	1axpsacct-vrfymail.com	1 redirects 1axpsacct-vrfymail.com
1	online.citi.com	1axpsacct-vrfymail.com
41	2

This site contains no links.

Subject Issuer	Validity	Valid
online.citibank.com DigiCert SHA2 Extended Validation Server CA	`2020-03-13` - `2022-05-14`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://1axpsacct-vrfymail.com/citibank/citibank/login.php
Frame ID: 8AD824D7BDA2633B3E10B12C855B0EFC
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citibank Online

Page URL History Show full URLs

http://1axpsacct-vrfymail.com/citibank/citibank HTTP 301
http://1axpsacct-vrfymail.com/citibank/citibank/ Page URL
http://1axpsacct-vrfymail.com/citibank/citibank/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

41
Requests

2 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

785 kB
Transfer

2473 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1axpsacct-vrfymail.com/citibank/citibank HTTP 301
http://1axpsacct-vrfymail.com/citibank/citibank/ Page URL
http://1axpsacct-vrfymail.com/citibank/citibank/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://1axpsacct-vrfymail.com/citibank/citibank HTTP 301
http://1axpsacct-vrfymail.com/citibank/citibank/

41 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ 1axpsacct-vrfymail.com/citibank/citibank/ Redirect Chain http://1axpsacct-vrfymail.com/citibank/citibank http://1axpsacct-vrfymail.com/citibank/citibank/	50 B 914 B	204ms 204ms	Document text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/ Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Thu, 10 Mar 2022 13:24:40 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od6bHAipOUMb6XV8dIHscG8t3jBVIXwRAb46Fs88qSc9%2FBYH9pjDtM9ttrj3pkCCKcqYNqwQQI555Wrj5l%2BxCNRnrJst0mBu32MSs%2ByP2ioVIJDQN0iMPSuhrYI2M%2FCQoIKMugtTvXaHr%2BmtAlziCq0IPr8u"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6e9c5f390e489006-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers Date Thu, 10 Mar 2022 13:24:40 GMT Content-Type text/html; charset=iso-8859-1 Transfer-Encoding chunked Connection keep-alive Location http://1axpsacct-vrfymail.com/citibank/citibank/ CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjB1248Y40ShZDhFaB38YU1rRXD0CyrmT%2BymHp34wiQAzE5AloOyvvdbAxB7Jn1n%2BuWfecyLvdXqsuq5s8DhS7g65i1pBjllbUqP5JVqvZAj9sDEl2WIxedOnszHBzbL6KODAF9Gp2DF5jbXyfWQwoYAylWV"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6e9c5f369a9a9006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	Primary Request login.php Show response 1axpsacct-vrfymail.com/citibank/citibank/	692 KB 77 KB	195ms 195ms	Document text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login.php Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/ Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `32d0db9d6e6832cd2accddfc539475579a68452a110408e177271589ebf95590` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/ Response headers Date Thu, 10 Mar 2022 13:24:40 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klUlWvlJQRW50To9sCaTbpuaAsybXGZv%2B2ovm3APtc4Bbfp3gnrJ47Fn6Sh%2BP6Am6A3PpdtLzdHlE28ceoDKkoBtAkDYiuu8r0UxYnnqIS6f6fDVrWVkpGNl6wOziHmx9rSKjisWrK6nGexuZQ6bFKml5ajd"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6e9c5f3a68909006-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	styles.96e48ab9a5610e0bcfb4.css 1axpsacct-vrfymail.com/citibank/citibank/login_files/	1 MB 147 KB	389ms 370ms	Stylesheet text/css	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c4bceaa67185ef298cd35996a41cb40513af27624efed661338f11e234f4955` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:41 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED Last-Modified Fri, 10 Sep 2021 18:48:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9h9i4Y1pNy0nj3i2JLJ6gSA%2FR6GDdQRaAhhAqzMOv3UrlAlJaLpA1XlR5M8DePVW5TqVxJD27f5pCx0eGc3BqfoV2cQUXJ%2B%2Fpvq%2BEBUszngJNvkfvW5ZhyDh4cwer9MbXkblVBK8Z85uJn62Rgc0eexQxVPR"}],"group":"cf-nel","max_age":604800} Content-Type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f3bdf6a9070-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	citilogoredesign.png 1axpsacct-vrfymail.com/citibank/citibank/login_files/	2 KB 2 KB	338ms 338ms	Image image/png	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/citilogoredesign.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:42 GMT CF-Cache-Status MISS Last-Modified Fri, 10 Sep 2021 18:49:06 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JCxK6Th0J0n0LKDJrWgYnx9w1Z7BferEmwDdRXi5Wknrr4a%2BlaMQoP6hHGd9KQhOtC6YS7bO7V9vACnlLgGaEKnk4EZNnReHuVFGmvpWh55DU%2FrK82yU35n9v6nOBdqwhZIsWAftfJ2A3JyI1UK3wbJOb%2BC"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f410a019006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1799
GET H/1.1	200 OK	050-location@2x.svg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	2 KB 1 KB	347ms 346ms	Image image/svg+xml	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/050-location@2x.svg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:42 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Fri, 10 Sep 2021 18:49:06 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2F3MCMt15pfeNwiOYXjA3lmqz0B7C%2BXOks%2BNhpDWBY7j2Fdoq%2FJ535XVVHmt4Uuuitvei21niAfMsHW4sjViPOtsncB2zswxkr1QLHsb5RcIpHH2JmyL9khfhoZH7pg1iqqd1nnyfYWrkttKL%2FpONe4UDsHt"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f410f3a9070-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	icon_globe_med-grey@2x.svg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	3 KB 2 KB	427ms 408ms	Image image/svg+xml	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/icon_globe_med-grey@2x.svg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:42 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Fri, 10 Sep 2021 18:49:06 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6n3YbjmHWSu9TnnIaga0dfetuIHE8aEBcX5P5BGX1f2eN6LKmV52O8YOZ7UssAOb%2Bl4sbbUzBFP1I6DSIZdaaWIZMrd5VoJSG74FqlNMyjj4KR4fMPb%2ByYyN%2BLRQsSn9qNlyVqebS7Dam70jELjdYMITO747"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f411fbe59c5-MXP NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	HP_1247_Premier_10_Background_Legacy.jpg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	71 KB 72 KB	3870ms 1510ms	Image image/jpeg	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/HP_1247_Premier_10_Background_Legacy.jpg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `06d733b09a9fccaa6b2c7ee0e8c9002f782366cbd16f1204e14c43e803d61051` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxJeK0naKsDxfZvv5eJvtS9T0hQurVObNRk7VTobNqmEK7KD3xbZZSLDtZ%2B9llYjlxMDqT%2BLHt%2FDVXDgMrdQ6KcQycDjkO8Q0B4KG9GmOa0%2BQvBfLd7T4yXte44NOCDz9Bbkq09LN6hDgEbGq2%2FF6kEGUr5V"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f4fb8075a2b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 72551
GET H/1.1	200 OK	HP_1247_Premier_CardArt_10_Legacy.png 1axpsacct-vrfymail.com/citibank/citibank/login_files/	92 KB 93 KB	3851ms 983ms	Image image/png	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/HP_1247_Premier_CardArt_10_Legacy.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `134f5b1fd8f0061b23d41c33c509f1a2b08dd607e43122ed380d0634798c3e4a` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EIv3V1Ypl5BHFAxHVIsSoSf5Y2ju4MoR4W86kM4AgAa0igBlBIQJt9X%2F8GCTsGCMw1j64RNF%2F7eWFuZ4ydCV6zwJXzF3oL6JZyzivX6tl32fceCshXE9qZQtD4G7ePGRu5vKNRFuWZJNJS%2FUGSwaD3OEP%2FY"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f52ec310f52-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 94005
GET H/1.1	200 OK	phone.png 1axpsacct-vrfymail.com/citibank/citibank/login_files/	10 KB 10 KB	3846ms 326ms	Image image/png	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/phone.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyUa85afmCcG4YB2TMnO58dOcXAm3k2m6XYc64mKAxNUaDRfR1Pg%2BsxbUHUV%2B0SIFy9umOqkSrC0Npts%2BONwFVb0CpbXAw%2FWzvjP16tyIjRnjAAotNYG2DbG8sdtCCWOIRN4ruAFK25O1Sa5NT0EkxOImP9E"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f570a7e9070-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 9873
GET H/1.1	200 OK	qrsignon.png 1axpsacct-vrfymail.com/citibank/citibank/login_files/	741 B 1 KB	661ms 661ms	Image image/png	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/qrsignon.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdywVxvKwogDVIAWIUrYLeak%2F8j%2FuAQPKVt%2FmRHJyJFnJZbXNZySW%2Bcw5TsUccYWD8gOffwhrKW5MPF1vkrb9CAw1zA6j4S2XMGPV%2F7S8TPdLrcs4hRPmcSrNXauxhQFZ4Qt7zSep1PPOR82HER7VvOWn4oV"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f5939390f52-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 741
GET H/1.1	200 OK	laptop-and-phone-pairing.png 1axpsacct-vrfymail.com/citibank/citibank/login_files/	17 KB 18 KB	831ms 831ms	Image image/png	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/laptop-and-phone-pairing.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ff5150ab5741a5c8345bc7861cb1cab8f574fe17f2cdb2fbc2058311f3d65817` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FWrYV1mAYivuPOtvjjvc3Q9ORVvyk9%2FP0ZaqAWFB7lXtxa2Uo%2Bl6RUvg3lIx9MzdCn5fVl%2FDeplCLE%2BYEQhC2iD0t%2F6SHxrvHjt%2FMHqnyor3x0Qhhw9SMfEWwwCguMYCyPiOBr4TYGnSb3a%2FFZZf3FF9CbU"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f594cb85a2b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 17241
GET H/1.1	200 OK	laptop-and-phone-success.png 1axpsacct-vrfymail.com/citibank/citibank/login_files/	13 KB 14 KB	637ms 636ms	Image image/png	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/laptop-and-phone-success.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bb1fdd5be17ce6cbeb21411a9ba10b99f11bbe232a93b34bec7c4722d763bf52` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXrrgZl1TYnJF%2FX7xyPvn8fedsm4XGvVBV%2FIOoxCXXqauxGLiFmCSviv3v%2BiY4%2F1Kc5G1x6aWF3dmPNQISYYi6g9lvt6Oz1ilKBDDWts6XOL9%2BF2x6IqWApb%2FSxvvWHwrC7F4tZxBS6EPHJAKfcGoWBQqsum"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f596ee19006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 13305
GET H/1.1	200 OK	Cards-tile-grey-1120.jpg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	100 KB 101 KB	3961ms 2310ms	Image image/jpeg	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/Cards-tile-grey-1120.jpg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c077e9e9bab05eb4533dad01e36a03c396ede41d4af7930948e571407cd15497` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cSzOkgJG2nvTPAPa4MqtqYuzxZlmCgJJnU4Zk%2BVatHMSqN6AT8cZ1NkbhqBNGfW7aY9Ryj3LXFLAbhfyPcp2j%2FM8j2oLyuFyqsx2JJhKcnzIRrmi350hJ7eUeMQ56VpCUF3D34ybkfRlD2m0XuU8ru6m8Z6"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f4b8acfe903-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 102849
GET H/1.1	200 OK	HP4382_DC_Module.jpg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	21 KB 22 KB	1651ms 1303ms	Image image/jpeg	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/HP4382_DC_Module.jpg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `097c713a5b78acb3ccf996c9e9d8331d52c856dc3bd15df64c5c53299cf6598e` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:43 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wtBA9%2B9vGA9SGweYTNJSVOcf%2Fs%2F5nBufm0R%2Fo9CevC41GMU8%2FtiulRA7s%2By%2FzJgVQZxeu2RLce0DNT5tALFduKok0WwKiDawsFwlNHDb9Sh2jiVSxfufkEp9MBzCjiBwtUoQFiHmQTPzj3hC28xLasJjLh4"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f437caae903-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 21837
GET H/1.1	200 OK	HP_1026_MultiTier_3-Up_M1_1120x630.jpg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	49 KB 49 KB	2800ms 1591ms	Image image/jpeg	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/HP_1026_MultiTier_3-Up_M1_1120x630.jpg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ef0adbd53cd1d35da12e4ba195bfb5aacd81ef44aaf9eacd9955cfd62a467bef` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:44 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOZHbrmeCZpSe%2FmwlPLYj33rwvovACLcl6bmaEzCwvIrcAjw2seqypFHxlccdfMke%2F9eHHPGk%2BBYh0%2FXkDg5RDv32gYozSqlD7HFYPdSxmIkoOqzbJHG7GsAY3Srj8vahorXTSvTIOcVlKBMV5DP9EoNFoRr"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f48cd149006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 49884
GET H/1.1	200 OK	HP_1262_CitiSelfInvest_Image.jpg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	46 KB 47 KB	2831ms 2382ms	Image image/jpeg	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/HP_1262_CitiSelfInvest_Image.jpg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `21ce9d5fb1b0c08a3983cabe314138b163341fea02a49962bdec84a5a13e02e0` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:44 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bkp2y6SmLpt94cc9USRdb%2B%2B2huyGH1p2TAN8AlDPf02sNyJ95k%2Ft5BihlLjR6m5QKHo8eMW3oJSwljYC1XnYdbYeVZ6ZAIAq4YMJyMvlr1WTEc%2FO3D9Qx5NYog54lp99WaXqyCNh6UnoCdsqG0kqIJwOKeMS"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f440f020f52-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 47164
GET H/1.1	200 OK	HP_1005_LifestyleBenefit_3Up_M1M7.jpg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	57 KB 58 KB	362ms 361ms	Image image/jpeg	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/HP_1005_LifestyleBenefit_3Up_M1M7.jpg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f0dbc6cfd4a4c729ae0ca2f1404efcdb3e61e4943032b1767a567b9fbce33a51` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT CF-Cache-Status REVALIDATED Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMgEqdpeavItiopnkJFAcDHOyEvbqyLcgb0TEc5b%2FSbmCyjla5KGcSqUT%2BahmMVWRhqL3KdGcaIMcd7uQ4EIxdzU66%2FUkFjUwAsrv3ow018Ex2Y4hVfsnwQvYxRCaTSe8ifDT6qbu6pJ9xrbyrq24EydB82W"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f5d5e669070-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 58806
GET H/1.1	200 OK	HP9368_M.jpg 1axpsacct-vrfymail.com/citibank/citibank/login_files/	67 KB 68 KB	750ms 750ms	Image image/jpeg	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/HP9368_M.jpg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f8d72428d9ad2a78762aaf3baf508892fac3dfa91ff222b6543b487df180b042` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:47 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Sep 2021 14:25:58 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5ZO2IWo6yZMETEIfvnJ%2FPYrL7CSuHznN3IkjINoD7fUW8u1WyjXh3bcq%2F6JEAdquc91W%2B3T9ItCV27oSN1ew5I7cytlAr7jfGE%2B5Z6RcVfnOOwgkwj5yt3zCEJ6B5T7aarm1vAcbuwPghZUAATQ61lvCVyC"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6e9c5f5d58ed0f52-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 68893
GET H/1.1	404 Not Found	search.svg 1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/	315 B 315 B	645ms 335ms	Image text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/search.svg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:42 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4xNBrZck%2F4PTD6Hb2KWL3kR2FMjUCbKKk3pvoyeLk0aECLvOoUE%2BpW2h6tYKGNqwdi4Mf2G7TFiT9eR90FF7SNK6qXkAM8mgv%2BxElCf2KCXQZH7LlyhPa2a%2FL%2F80aKyUiWS7R7zKgwVgqGEOZf7Im1BNxH9"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f432a399070-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	290 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f1d98175f649b08fbef5efab07a7cfab70691af20ece47ac6fc85652ea477e3c` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	361 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee15f2cf3ce0a11ea1474cd758eeab01d52e2d46a240b2c51e6a4ce592e1637d` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	HP_1247_Premier_10_Background_Legacy.jpg online.citi.com/JRS/banners/	0 0	473ms 376ms	Image text/html	104.111.238.178 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://online.citi.com/JRS/banners/HP_1247_Premier_10_Background_Legacy.jpg Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-238-178.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H/1.1	404 Not Found	qrsignon-b.png 1axpsacct-vrfymail.com/cbol-pre-login-static-assets/assets/qrcode/images/	315 B 315 B	1209ms 907ms	Image text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/assets/qrcode/images/qrsignon-b.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:42 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScQKe9qdJYtjnXCrM%2F5X3CMw5XTEPNdtQ4uJUUSwcZafpOm1mZwpvfV5DpfPkXHTvl%2BQoypuKMkh4jJUe0eIIdd%2BVuHzD%2BRdZv3NaAyMNjzr5ecxWpBaYXBKj1eOBYJ%2Fth5zSIhuhtFF0m%2B%2FtrKNr%2FN6AyRx"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f432d059006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	918 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml;charset=US-ASCII
GET H/1.1	404 Not Found	Citi-Branding-Sprite.png 1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/	315 B 315 B	407ms 406ms	Image text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/Citi-Branding-Sprite.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7IODFHVKY06sLt8nYquJMulVInqBNnl7fReDRQdbQvNonu5nIivpFpFpQKGao3zmU9Pzmv0HCKVRw%2BBTxJPENFXerN8pg%2FRL8GdALpAQEhASmb8nihuL%2BJGQEZ7CJQ%2FHAvaeadcvZolQ3zZjuR09H78Y3A5"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f5d6bff59c5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Appstore-Googleplay-JDPower-Sprite.png 1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/	315 B 315 B	353ms 352ms	Image text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/Appstore-Googleplay-JDPower-Sprite.png Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XHRGfWRHFBhQgQEidOooMBR7AU4Ml5vJRYd0cJYL9P6ojdMC70lUNPy9hu9NaeGq%2FVCmZghDBF8ZXFTbeYshnXJAnWxnzDJBpJi%2F28rL%2B4cAHd%2FcmPaDKRRs4rAidlBOUYnKZ4GLVoUzws0rlVjHgW80cvU"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f5f8fef9006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Regular.woff 1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	0 0	396ms 391ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:42 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzP%2BkStRbvgpJGo4M%2FnVG%2FG6HGmgv1sGRllE0nEguGgriMVtoCom0%2B1pI4HATeweW%2FoeiuochsFqkwJ05L%2FEiJ9%2FmzQdpge2c22bGfcU2AhuQHjmqqWZjrua9w46vz3I1uDbbWDABjtsRWfvKqBGmhCdvA%2F9"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f411c3d5a2b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Bold.woff 1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	0 0	474ms 470ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:42 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KI%2FObvipjCGk%2BoRfXavQj44sNn5ZyVTsIZfAuU6xbPcdtBs2b2yT7SKwrGk3VaCyF58WYgI8sc%2B5P51Z2XXubpzWrjh3%2BQBldqLrqf2M9GjcBg4EHPB7%2FQD6VhYwyU6eGbfuQYjjWx01tWE75Ax5SPOHJJQ"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f4119ef0f52-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Light.woff 1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	0 0	373ms 368ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:42 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmWrQvmX6zWk30nfReSfwEmvzumK4oGN6JQlaWzyt3x%2B%2FjTMJbJ6a9IUQ9%2FY%2BEaw%2F71Z5NSCwZ%2Fh3cF3Zzf6EW%2BWtxeEfzkDkvwx964AuJ3dOB2mR%2FajM6J%2BrLMSXXytRGeKRiG5hsaEUBbb4Gb7cpG0DCzf"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f4118dbe903-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Light.ttf 1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	0 0	1975ms 1953ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:44 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypBdkNpFibhuFnljtJYmxK7uLawlpBpC5hw3LxBwztGZBBOMca6EFEbUlqKeWRrr431S4QLCHTpjDvCw08tcdkSQvNvk6vE9UqOOgMW19Bzs037W9QRL%2FpsK8oyVcURlPnFo8Ozg73jEXJiqfJqRDTAP%2FHzB"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f438bb05a2b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Regular.ttf 1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	0 0	2120ms 2098ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:44 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOUWHEGWwWcwKFMmDDUW3WwhJC6oL1URNXUoPxztnwvtlFzer%2B5MzVGUIE9F0ti7GbA4rct82x6pa7%2FWFmXtECowBlxLYms3X5t%2BXVP1BZ3ACgKB7x8Q86rRrodb7ccfG2nR6GPUM%2B7vh39%2B6GcB6PE03qDq"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f43ae4c59c5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Bold.ttf 1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/	0 0	2034ms 1837ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login.php Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:44 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=992rDtyRrZ8SEHcEUKruqvbHlqoYXFyprfAE0OpLWVrcPsnv41I%2FONO7v6jUMSPaHyzujc8%2Ftz4%2FyGobQngVg%2B6%2FMAs4Xlq8vgFw4xGXUgctcaUsy6OF8doYsaQGV4kjIugxT4qM%2Fj62m5MPzsnWvz0IyANl"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f454d829070-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Light.woff 1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/	0 0	1158ms 999ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Light.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQBc2vdRcdzlUwar0afzeI7NtZVDLHuCz2ZMt95uBHxNFHhZmMbFYuVxfW0W9icBkeI91lGFpAfoYaE4mKeENeg72Um60J%2B%2BHCZZIooOOCAB%2FBsjsxQX33n7crUpmjVIeQElZbPMazrACjKkGPFxrCEPxBGw"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f50c87d9070-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Bold.woff 1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/	0 0	1015ms 1010ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Bold.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDyYU9miTmuOwznx9tbkBqQFycapD9ua7j1d1la65QtAfzm4l5YyTImFV%2B6ssA0XwhSDjk%2FaULJhH4RJFb6l7FV0x20j15%2FmlhSUr54tH2FETwsU%2BPKXbgYBdDMp9j%2FYDsjw4cuEbJ7J5qeVb4UFOf5D7a4G"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f50cd0559c5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Regular.woff 1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/	0 0	999ms 691ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Regular.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0LvgrwrOUSooD2pb6NIEaTmZC4HP1aRo5YuIhio1TYHXVkM7T5RSWPQxhv0%2BauFOOhdJ0c9vjybqsSXq1xcJJl4sAG%2F5M7G9VZdpQLGEXbxnIdhh8NLiCSsAeiYj3gOn8U9%2FhSy5gz0foNCWWofK1oBnfHz"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f52cde99006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Light.ttf 1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/	0 0	197ms 188ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Light.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B6G0PtEYrB3A1ISIfPt0SzG3Jyucdirh0wiwhuO9aG5xRfKXnpHRR%2F%2BI3XrnXgB2D4E7ExJUo83rWm2ni4g2k7f2mSEYkds4rPLzUvppzl%2F7mBnZU1%2BC4MFSkfVWmNApT3eaFXR8ez8gCjWhCbYR8jt3wxc"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f571bcd9006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Regular.ttf 1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/	0 0	394ms 386ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Regular.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pUKGj3CIDxq58pEHuq8cA2YuobOKRQwgnaAUTgkW8M7lSP1LsXr4DQ5VEMZZqHaRx9X4jxlhWPkDJEVkY3CG3EyuXe47%2Fxohz9CjBrZqxV4%2BWXHZVhzFGSy58xWPRjCz%2FLvU%2FvR3ZYDoUCoFnIWTv8hKGoK"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f571c5c59c5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Bold.ttf 1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/	0 0	358ms 179ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Bold.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:45 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BijDb6BxWJnCyyqkj%2BQw1KFuj6fZM1ufsNVhSrKWAiu%2BUILPTNXHItNJR%2F9kDQ5B2Om3L856dnB7JrUWBXGCP9Sw%2BJQW1DcHCZhydO62GZ7ez%2BgPIdMdMeVFwdTicRoy%2Fd3Y9wUH4JLn0c2ep2MlQLoTOl2e"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f584d6e9006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Light.woff 1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/	0 0	809ms 681ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Light.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nClsLsZQmfrSWEHS%2FotS1%2B4CZjwkcjKdYA0ovlhEo16MZYtjAupCerYOxCqv1%2FMHGt7lQQtUnDzATC%2BGIXekUtIPaI0q5R2cw9CxktzNFvvz9MLBktR%2BUOK38NGJxEBJjOiCLwAHscwuD94d3AbNklr0CJNO"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f590de39070-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Bold.woff 1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/	0 0	636ms 620ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Bold.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nFNdfYIadfwv8MJWWLK0k7uUYk48L45eZLMLaFvUZxESdTIQQ77O%2FN%2FIdTfuMbW1fSvYqy%2FqAlRQ9Db9XdKHpGvwBkElIZwUyaFvUj2CyziGVL40eFSjcY6AWnzvlsH6kbbTeBjPD%2B7Ojtw8Ckd32TaAxZl"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f598a6f59c5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Regular.woff 1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/	0 0	623ms 534ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Regular.woff Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UB40%2Bd3gzIffGO6aSCv35Gy3Pq62aZ%2BuxrQg5yrORI%2FLn3Yq2pc%2FL9sD7ldm78S1w%2FfCXyP5CuFWrjmbXqQO3eDrj5jkoGeDH9cm36QosUSDLdbs1c9UcU02wrOMpiuwTckj3zzHX58wFtyy%2FX7Fk8U1EDdK"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f5a1be6e903-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Light.ttf 1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/	0 0	348ms 342ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Light.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMPpp5Uz6jUPuHSGW3fWAOCxfcefiM8NKjuFzB8aFUThKkcGDumsNCw5MfeubXnZ0xOtlw9jNNSEKcgRFnll2AeMGulE%2BHkQiThW0X2Gkh9IW5yvkaXet7HSCW96xtTli2%2BW8Eq5IGFDskNUC%2Flw2kPFdVPc"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f5d5ce69006-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Bold.ttf 1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/	0 0	372ms 368ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Bold.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTKT0oqzq%2FHOufNpmPj5ZdCv%2FPXj90fnpbxoK4jmESxxYdRsXASox7lM76kslcFjfqVBh%2F%2B268%2Fm5dL4LMY3h3kIWHizEhUTFaJ%2BSCwEN3o8Va14bdpcMR6n6yS6OIDNK7%2BcX7fRSCAO2uMDzN4X1B3jUG8c"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f5d69d0e903-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	Interstate-Regular.ttf 1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/	0 0	530ms 361ms	Font text/html	2606:4700:3035::ac43:be15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Regular.ttf Requested by Host: 1axpsacct-vrfymail.com URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Protocol HTTP/1.1 Server 2606:4700:3035::ac43:be15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://1axpsacct-vrfymail.com/citibank/citibank/login_files/styles.96e48ab9a5610e0bcfb4.css Origin http://1axpsacct-vrfymail.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 10 Mar 2022 13:24:46 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XI015ZbhsV96jumDxM0aAdec1ljnYxEIIiv%2BigWh39xmIoPtnDwNyWSdYHA1Swpop5%2Fg7iYVpxgM%2FCwLIcOIXrHecMLViLut5R44clhZ4wzFb1tVHyLnS4OxDx1fqySnVrcL0NjmSCGAO9MFcaHuq4TqP%2BNK"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6e9c5f5e7bae5a2b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			1axpsacct-vrfymail.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: af0b58406cae34adbe114cb43e979821

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php(Line 66) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php(Line 67) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login.php(Line 68) Message: <link rel=preload> has an invalid `href` value
network	error	URL: http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/search.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/assets/qrcode/images/qrsignon-b.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/cds-assets/fonts/interstate/Interstate-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/Citi-Branding-Sprite.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/login_files/commonui-assets/fonts/interstate/Interstate-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1axpsacct-vrfymail.com/citibank/citibank/cbol-pre-login-static-assets/citi-branding-assets/images/Appstore-Googleplay-JDPower-Sprite.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1axpsacct-vrfymail.com
online.citi.com
104.111.238.178
2606:4700:3035::ac43:be15
06d733b09a9fccaa6b2c7ee0e8c9002f782366cbd16f1204e14c43e803d61051
097c713a5b78acb3ccf996c9e9d8331d52c856dc3bd15df64c5c53299cf6598e
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
134f5b1fd8f0061b23d41c33c509f1a2b08dd607e43122ed380d0634798c3e4a
21ce9d5fb1b0c08a3983cabe314138b163341fea02a49962bdec84a5a13e02e0
32d0db9d6e6832cd2accddfc539475579a68452a110408e177271589ebf95590
4c4bceaa67185ef298cd35996a41cb40513af27624efed661338f11e234f4955
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
bb1fdd5be17ce6cbeb21411a9ba10b99f11bbe232a93b34bec7c4722d763bf52
c077e9e9bab05eb4533dad01e36a03c396ede41d4af7930948e571407cd15497
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67
ee15f2cf3ce0a11ea1474cd758eeab01d52e2d46a240b2c51e6a4ce592e1637d
ef0adbd53cd1d35da12e4ba195bfb5aacd81ef44aaf9eacd9955cfd62a467bef
f0dbc6cfd4a4c729ae0ca2f1404efcdb3e61e4943032b1767a567b9fbce33a51
f1d98175f649b08fbef5efab07a7cfab70691af20ece47ac6fc85652ea477e3c
f8d72428d9ad2a78762aaf3baf508892fac3dfa91ff222b6543b487df180b042
ff5150ab5741a5c8345bc7861cb1cab8f574fe17f2cdb2fbc2058311f3d65817

1axpsacct-vrfymail.com Open in urlscan Pro 2606:4700:3035::ac43:be15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

2 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

785 kBTransfer

2473 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1axpsacct-vrfymail.com Open in urlscan Pro
2606:4700:3035::ac43:be15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

2 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

785 kB
Transfer

2473 kB
Size

1
Cookies

41 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!