citibanksgdvpclientuat1qa.investcloud.com Open in urlscan Pro
104.17.184.107 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://citibanksgdvpclientuat1qa.investcloud.com/
Effective URL:
https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Submission: On October 12 via automatic, source certstream-urgent (October 12th 2021, 3:15:31 pm UTC) — Scanned from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 45 HTTP transactions. The main IP is 104.17.184.107, located in and belongs to CLOUDFLARENET, US. The main domain is citibanksgdvpclientuat1qa.investcloud.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 12th 2021. Valid for: a year.

This is the only time citibanksgdvpclientuat1qa.investcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 35	104.17.184.107 104.17.184.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
1	2.16.186.19 2.16.186.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1 1	68.67.153.53 68.67.153.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
1 2	108.174.11.69 108.174.11.69	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
45	12

35 104.17.184.107 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

citibanksgdvpclientuat1qa.investcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.53 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: one.progmxs.pxlsrv.net

one.progmxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f170.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.11.69 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	investcloud.com 2 redirects citibanksgdvpclientuat1qa.investcloud.com	3 MB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	facebook.net connect.facebook.net	94 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
1	facebook.com www.facebook.com	313 B
1	gstatic.com fonts.gstatic.com	112 KB
1	t.co t.co	454 B
1	twitter.com analytics.twitter.com	659 B
1	progmxs.com 1 redirects one.progmxs.com	220 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	licdn.com snap.licdn.com	2 KB
45	12

	Domain	Requested by
35	citibanksgdvpclientuat1qa.investcloud.com	2 redirects citibanksgdvpclientuat1qa.investcloud.com
2	px.ads.linkedin.com	1 redirects
2	secure.adnxs.com	1 redirects
2	connect.facebook.net	citibanksgdvpclientuat1qa.investcloud.com connect.facebook.net
1	www.facebook.com
1	fonts.gstatic.com	fonts.googleapis.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	fonts.googleapis.com	ajax.googleapis.com
1	one.progmxs.com	1 redirects
1	static.ads-twitter.com	citibanksgdvpclientuat1qa.investcloud.com
1	snap.licdn.com	citibanksgdvpclientuat1qa.investcloud.com
1	ajax.googleapis.com	citibanksgdvpclientuat1qa.investcloud.com
45	14

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-12` - `2022-10-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Frame ID: B13AC1E59210DA457ABF059FAB3ADD76
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

User Login

Page URL History Show full URLs

https://citibanksgdvpclientuat1qa.investcloud.com/ HTTP 302
https://citibanksgdvpclientuat1qa.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

45
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

12
IPs

3
Countries

2851 kB
Transfer

9328 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://citibanksgdvpclientuat1qa.investcloud.com/ HTTP 302
https://citibanksgdvpclientuat1qa.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://one.progmxs.com/seg?add=19651195&t=2 HTTP 302
https://secure.adnxs.com/seg?add=19651195&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19651195%26t%3D2

Request Chain 39

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1381738&time=1634051725286&url=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3D%252f%23!%2Fw%2Fcitihkloginwfapp HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1381738%26time%3D1634051725286%26url%3Dhttps%253A%252F%252Fcitibanksgdvpclientuat1qa.investcloud.com%252FMembership%252FApps%252FCitiHKLogin_WF_App.aspx%253FReturnURL%253D%25252f%2523%2521%252Fw%252Fcitihkloginwfapp%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1381738&time=1634051725286&url=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3D%252f%23%21%2Fw%2Fcitihkloginwfapp&liSync=true

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request CitiHKLogin_WF_App.aspx Show response
citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/
Redirect Chain

https://citibanksgdvpclientuat1qa.investcloud.com/
https://citibanksgdvpclientuat1qa.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f
https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f

9 KB
4 KB

1041ms
1040ms

Document
text/html

104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

407b3b0dd6198c4866cf5b622441ea344bde6f04dee8040c235a4be3770c897e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: citibanksgdvpclientuat1qa.investcloud.com
:scheme: https
:path: /Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: AWSALB=yClnTbLHQpL382DVN1Ou1/mUFHBPo7Fex1sRhd+oTcgX+1Q1TmTzsTDUWxSh0F2LFgxzYFFe7tci+tRG7jAongAmqMeBJUhVFMzgqi4Lu7rRjIod22P7DAlBhYnq; AWSALBCORS=yClnTbLHQpL382DVN1Ou1/mUFHBPo7Fex1sRhd+oTcgX+1Q1TmTzsTDUWxSh0F2LFgxzYFFe7tci+tRG7jAongAmqMeBJUhVFMzgqi4Lu7rRjIod22P7DAlBhYnq; ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 12 Oct 2021 15:15:20 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; Expires=Tue, 19 Oct 2021 15:15:20 GMT; Path=/ AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; Expires=Tue, 19 Oct 2021 15:15:20 GMT; Path=/; SameSite=None; Secure IXCulture=en-US; path=/; secure IXSBaseUtcOffset=480; path=/; secure XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; path=/; secure IXTMO=3600000; path=/; secure
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
x-ua-compatible: IE=Edge
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69d148718f384e7a-FRA
content-encoding: br

Redirect headers

date: Tue, 12 Oct 2021 15:15:19 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=yClnTbLHQpL382DVN1Ou1/mUFHBPo7Fex1sRhd+oTcgX+1Q1TmTzsTDUWxSh0F2LFgxzYFFe7tci+tRG7jAongAmqMeBJUhVFMzgqi4Lu7rRjIod22P7DAlBhYnq; Expires=Tue, 19 Oct 2021 15:15:19 GMT; Path=/ AWSALBCORS=yClnTbLHQpL382DVN1Ou1/mUFHBPo7Fex1sRhd+oTcgX+1Q1TmTzsTDUWxSh0F2LFgxzYFFe7tci+tRG7jAongAmqMeBJUhVFMzgqi4Lu7rRjIod22P7DAlBhYnq; Expires=Tue, 19 Oct 2021 15:15:19 GMT; Path=/; SameSite=None; Secure ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; path=/; secure; HttpOnly
cache-control: private
location: /Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
x-ua-compatible: IE=Edge
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69d1486b4b814e7a-FRA

GET
H2 200 HomePage_CitiHKLogin.WF.App_IXAD693513C0632FE53EC81B5DFE8F311A.css
citibanksgdvpclientuat1qa.investcloud.com/styles/BB2BA7C3EFB57CFE285E47193AB5092A/ 1 MB
166 KB 1758ms
1758ms Stylesheet
text/css 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/styles/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin.WF.App_IXAD693513C0632FE53EC81B5DFE8F311A.css

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06fa59982d72637aa6c723f4e189cea25d7669d328d81a3aff8509c3a1d476d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin.WF.App_IXAD693513C0632FE53EC81B5DFE8F311A.css
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Tue, 12 Oct 2021 09:41:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ffc3625b4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148784bdd4e7a-FRA
expires: Sun, 10 Apr 2022 15:15:22 GMT

GET
H2 200 rocket-loader.min.js Show response
citibanksgdvpclientuat1qa.investcloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
30ms Script
application/javascript 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 10:51:03 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"615c2e17-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800 public
strict-transport-security: max-age=31536000
cf-ray: 69d148784bde4e7a-FRA
expires: Thu, 14 Oct 2021 15:15:21 GMT

GET
H2 200 HomePage_CitiHKLogin_WF_App_Generated_IX18C60D7B29171474A3BED04DA7FA0849.js Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/ 36 KB
4 KB 1031ms
1030ms Script
application/javascript 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin_WF_App_Generated_IX18C60D7B29171474A3BED04DA7FA0849.js

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca2e38d9b81d709b212c7badcfa12b06cafd46a8b260b874123a5c39f1c223af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin_WF_App_Generated_IX18C60D7B29171474A3BED04DA7FA0849.js
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Tue, 12 Oct 2021 09:41:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fa28275b4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148786c304e7a-FRA
expires: Sun, 10 Apr 2022 15:15:22 GMT

GET
H2 200 HomePage_CitiHKLogin_WF_App_iXing_IX2DE4044030D7F4AACBF6F5BC66B5135F.js Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/ 1 MB
333 KB 1759ms
1758ms Script
application/javascript 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin_WF_App_iXing_IX2DE4044030D7F4AACBF6F5BC66B5135F.js

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e47ccdb9befa254bc883c893def06b33ac79914fab8fc82c2b90361080a68a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin_WF_App_iXing_IX2DE4044030D7F4AACBF6F5BC66B5135F.js
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Tue, 12 Oct 2021 09:41:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"429f1d5b4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148786c374e7a-FRA
expires: Sun, 10 Apr 2022 15:15:22 GMT

GET
H2 200 HomePage_CitiHKLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/ 2 MB
425 KB 2002ms
2001ms Script
application/javascript 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Tue, 12 Oct 2021 09:41:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"392dca5a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148786c394e7a-FRA
expires: Sun, 10 Apr 2022 15:15:22 GMT

GET
H2 200 V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/ 3 MB
920 KB 2073ms
2072ms Script
application/javascript 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Tue, 12 Oct 2021 09:41:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9b8b45a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148786c3a4e7a-FRA
expires: Sun, 10 Apr 2022 15:15:22 GMT

GET
H2 200 V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/ 276 KB
97 KB 1818ms
1817ms Script
application/javascript 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Tue, 12 Oct 2021 09:41:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a9429f5a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148786c3b4e7a-FRA
expires: Sun, 10 Apr 2022 15:15:22 GMT

GET
H2 200 CITI-Interstate-Regular.ttf
citibanksgdvpclientuat1qa.investcloud.com/Fonts/ 38 KB
38 KB 1269ms
1269ms Font
application/octet-stream 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/Fonts/CITI-Interstate-Regular.ttf

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/styles/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin.WF.App_IXAD693513C0632FE53EC81B5DFE8F311A.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce21af65069079d3e0ef033d37d4240876f927f461b98a0600f9f4153106e677

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://citibanksgdvpclientuat1qa.investcloud.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
:path: /Fonts/CITI-Interstate-Regular.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/styles/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin.WF.App_IXAD693513C0632FE53EC81B5DFE8F311A.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/styles/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin.WF.App_IXAD693513C0632FE53EC81B5DFE8F311A.css
Origin: https://citibanksgdvpclientuat1qa.investcloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 38672
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Sat, 09 Oct 2021 06:17:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5c2da357d5bcd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 69d1488ad86a4e7a-FRA
expires: Tue, 12 Oct 2021 19:15:25 GMT

GET
H2 200 CitiHKLogin_WF_App-ApplicationMapper_IX860EB2AE28B0BBEF9508B38F424C8502.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 5 KB
1 KB 1018ms
1016ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-ApplicationMapper_IX860EB2AE28B0BBEF9508B38F424C8502.json

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c8299b46c119c179b65abcefb528afb4194796039c2d425fc3d99a249bceee0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiHKLogin_WF_App-ApplicationMapper_IX860EB2AE28B0BBEF9508B38F424C8502.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a6d12c5a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=1B8ZN/4V4LhYA4loaf/zHXFy7ZtuiwDOh7hHRZkMmKHXm+Usm6uLUvhmtEHFutPp9rUJ/FMICpw2vImamOWSDxHpmvccInGLp/LJETR1sMafhI6GulxyMEPA69NR; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=1B8ZN/4V4LhYA4loaf/zHXFy7ZtuiwDOh7hHRZkMmKHXm+Usm6uLUvhmtEHFutPp9rUJ/FMICpw2vImamOWSDxHpmvccInGLp/LJETR1sMafhI6GulxyMEPA69NR; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b08c04e7a-FRA

GET
H2 200 CitiHKLogin_WF_App-CommandListService_IXA3F8A9A10071F174AAA1CB53A17626FD.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 502 B
714 B 1029ms
1025ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-CommandListService_IXA3F8A9A10071F174AAA1CB53A17626FD.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a93bc4ec08c5c3c4befcc455ac1c8eb6551e65c5079c634733eb427df75de3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiHKLogin_WF_App-CommandListService_IXA3F8A9A10071F174AAA1CB53A17626FD.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b7f8335a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=At0QwJUIzDljMG4Hz8HCZW2bQp0mNFEnRNEMV9u5371iLzhA2zGzM9qc84h2tIjrMS9quwyj2pjYqF2I+V4GRr7ErW+30kPDTD/mGELgqFGmX8AZsVqZaDT6ia4W; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=At0QwJUIzDljMG4Hz8HCZW2bQp0mNFEnRNEMV9u5371iLzhA2zGzM9qc84h2tIjrMS9quwyj2pjYqF2I+V4GRr7ErW+30kPDTD/mGELgqFGmX8AZsVqZaDT6ia4W; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b08c54e7a-FRA

GET
H2 200 CitiHKLogin_WF_App-LocaleFieldFormats_IX23AD2825990F688E747A913D86ABAE97.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 53 KB
4 KB 1019ms
1015ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-LocaleFieldFormats_IX23AD2825990F688E747A913D86ABAE97.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150e609d90bdf8f22327c618b86d5381105eef8fdf23574be4be348508a35565

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiHKLogin_WF_App-LocaleFieldFormats_IX23AD2825990F688E747A913D86ABAE97.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"23d04b5a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=24zAwNVpUQBEs1EemBNvpE9Q8Wi/MSzz8pQz8jw9CWLZOkgxLAARs5FYKCZWNV8S0T8R2zWiAusTFFtEX89Za4TC9lcw2vgAg0ETE7dD7wR2ECgs9tnCQoKZLXMk; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=24zAwNVpUQBEs1EemBNvpE9Q8Wi/MSzz8pQz8jw9CWLZOkgxLAARs5FYKCZWNV8S0T8R2zWiAusTFFtEX89Za4TC9lcw2vgAg0ETE7dD7wR2ECgs9tnCQoKZLXMk; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b08d14e7a-FRA

GET
H2 200 CitiHKLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 116 B
528 B 1019ms
1015ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiHKLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8bbd385a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=TVr20uer9wVUcvFf6GZ5V6/3OR/JzqE0EEq9Ci3s/PoJi2lARYHy7pEC7J89xO6mp+dbeoszsJALZ19f0i9JJMzWuoyqqR+QSsBQTDj1gfSkRiS3o/g98+Fwsalk; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=TVr20uer9wVUcvFf6GZ5V6/3OR/JzqE0EEq9Ci3s/PoJi2lARYHy7pEC7J89xO6mp+dbeoszsJALZ19f0i9JJMzWuoyqqR+QSsBQTDj1gfSkRiS3o/g98+Fwsalk; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b08d24e7a-FRA

GET
H2 200 CitiHKLogin_WF_App-WorkFlowApplicationTree_IXBC75394345D01AF0A572D9FFBEC80F6F.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 573 B
532 B 1016ms
1012ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-WorkFlowApplicationTree_IXBC75394345D01AF0A572D9FFBEC80F6F.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb86bdc1d6ea8f9eebaaa58ee2b65786077fc756489688c095b3be55c26cfa38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiHKLogin_WF_App-WorkFlowApplicationTree_IXBC75394345D01AF0A572D9FFBEC80F6F.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"eb201c5a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=hRXoWDwXjC8voY/qmFySSw1HNSntcYBkzI0ocgCFQ8u49NIYFsH/0IWxvPA8k+oKlfCRytKlrEZMQKGNEcZiB9Aqtcb6UuFZ508khQ1gpXS6ULSslbCioQW2jm6v; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=hRXoWDwXjC8voY/qmFySSw1HNSntcYBkzI0ocgCFQ8u49NIYFsH/0IWxvPA8k+oKlfCRytKlrEZMQKGNEcZiB9Aqtcb6UuFZ508khQ1gpXS6ULSslbCioQW2jm6v; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18d54e7a-FRA

GET
H2 200 CitiHKLogin_WF_App-WorkFlow_IX89DA61790CD3B6211276DA0C33ED4D59.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 2 KB
882 B 1026ms
1021ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-WorkFlow_IX89DA61790CD3B6211276DA0C33ED4D59.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65447a9169d0e8f76cb025aa380f371cf32d03f0e97a90b4f90daf6fd339ed45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiHKLogin_WF_App-WorkFlow_IX89DA61790CD3B6211276DA0C33ED4D59.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"45a555a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=8/Wm0DOU7I8udiOrla/kLo2jGV50KcvF3uEcwuQ4IvUHm+SUR/vpsoPw683ZiO9mYIUxrBN1z/FeHvj/Gp37CdMeTUW/tkf7EQzOaRsWYzXBcg44y26enf0DxT36; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=8/Wm0DOU7I8udiOrla/kLo2jGV50KcvF3uEcwuQ4IvUHm+SUR/vpsoPw683ZiO9mYIUxrBN1z/FeHvj/Gp37CdMeTUW/tkf7EQzOaRsWYzXBcg44y26enf0DxT36; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18d84e7a-FRA

GET
H2 200 CitiSGClientUAT_IXF91D98791FDB9F732746B6FEECD2D786.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 3 KB
2 KB 1036ms
1032ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT_IXF91D98791FDB9F732746B6FEECD2D786.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e40916a60e90bb418ea7916d55d686f27768e3b570926da4c0ece9ecf2a53e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT_IXF91D98791FDB9F732746B6FEECD2D786.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 15:15:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4cd4e7f87bbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=GvKhm2EtiQP+OiZ3JHitH6Dka3JiLUn2cZG8kxkzVy20wyeMAcyGzZIXKYOzmz2opsnVqlIeSpkN5bitVsEdy+20ONs+iInzEQ9fZ9B/+XhKsL2oMNfc0l20SIgv; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=GvKhm2EtiQP+OiZ3JHitH6Dka3JiLUn2cZG8kxkzVy20wyeMAcyGzZIXKYOzmz2opsnVqlIeSpkN5bitVsEdy+20ONs+iInzEQ9fZ9B/+XhKsL2oMNfc0l20SIgv; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18da4e7a-FRA

GET
H2 200 CitiSGClientUAT-ApplicationMapper_IX1E29BB9A7421C35C423B8D376E7A4798.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 5 KB
1 KB 1030ms
1026ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-ApplicationMapper_IX1E29BB9A7421C35C423B8D376E7A4798.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e1f70e4067edddf92298918eae51185dfdd0eddc6dd87f7287e39dad70d069d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-ApplicationMapper_IX1E29BB9A7421C35C423B8D376E7A4798.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a6d12c5a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=fNkd8NekXh59F+OuLjo20HK1wTTrwu7o6bJJB5sSQQZQx0ta0xEOo++GjYJPJWClXTI+KBIrmyyqUbMlvQLIpSufBI8TR/9y9lMTE613HOenINwyn6pZS5EGM+JF; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=fNkd8NekXh59F+OuLjo20HK1wTTrwu7o6bJJB5sSQQZQx0ta0xEOo++GjYJPJWClXTI+KBIrmyyqUbMlvQLIpSufBI8TR/9y9lMTE613HOenINwyn6pZS5EGM+JF; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18dc4e7a-FRA

GET
H2 200 CitiSGClientUAT-ApplicationMapper_IXD339EE9AB5617D19B195C6122742EB90.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 7 KB
2 KB 270ms
264ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-ApplicationMapper_IXD339EE9AB5617D19B195C6122742EB90.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa5c5a5b21dc50636eac345d995ad08dcee19a352bb63ebfa51e97168c1777a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-ApplicationMapper_IXD339EE9AB5617D19B195C6122742EB90.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:47:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6baeae2c4ebfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=WbWBdBLrAbC6T7YNgCfNj/8fMgVVLqal7cj52Uu/ICIO/r8kLscN8khwM/MwrIxG7paZHG1kYSYFr49hWcOPOmO4hIBYww6+IKXsmdHUDVjwwRJcnD2pjFgPwXHv; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=WbWBdBLrAbC6T7YNgCfNj/8fMgVVLqal7cj52Uu/ICIO/r8kLscN8khwM/MwrIxG7paZHG1kYSYFr49hWcOPOmO4hIBYww6+IKXsmdHUDVjwwRJcnD2pjFgPwXHv; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18de4e7a-FRA

GET
H2 200 CitiSGClientUAT-CommandListService_IXCFEF7FA61C3A794C0C3B29925FB32BC7.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 730 B
884 B 1007ms
1002ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-CommandListService_IXCFEF7FA61C3A794C0C3B29925FB32BC7.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c50fa0a3d333cec8ac2a48c43c2f2c5ab0b944a3d55a262dbcf01073a24be58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-CommandListService_IXCFEF7FA61C3A794C0C3B29925FB32BC7.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b7f8335a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=0KZeWuNus4ojhelbeecsk39Ovryhm92Yo9PADkMkyJpvg6qW8YCCR89jAz84K7iqWgTnxR8ik5bu6VMl/Qp4F6mzV/AjrlEHVoZoobeJl+w9J4NLz5Axl5Horu3W; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=0KZeWuNus4ojhelbeecsk39Ovryhm92Yo9PADkMkyJpvg6qW8YCCR89jAz84K7iqWgTnxR8ik5bu6VMl/Qp4F6mzV/AjrlEHVoZoobeJl+w9J4NLz5Axl5Horu3W; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18e14e7a-FRA

GET
H2 200 CitiSGClientUAT-CommandListService_IXEEDD708D2B61B089B840CA538A680AF6.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 759 B
710 B 275ms
270ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-CommandListService_IXEEDD708D2B61B089B840CA538A680AF6.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c36077bd0f5b60b2adb597e8f9221470fe2f1cca2d84f8d38e420cd7467b8eaf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-CommandListService_IXEEDD708D2B61B089B840CA538A680AF6.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:47:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"99e8c82c4ebfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=DR5/K8LwHriJNn2GRGLS7zd8+4vyfiD9ptkqQWgFrl7mvqKl986BQ+QK1zW9a+XMRs+dyYavr/D7nthkbgRCv33XuNPc3DRgmndQz8SqIX8ru5ypLnL4/sKRcDgt; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=DR5/K8LwHriJNn2GRGLS7zd8+4vyfiD9ptkqQWgFrl7mvqKl986BQ+QK1zW9a+XMRs+dyYavr/D7nthkbgRCv33XuNPc3DRgmndQz8SqIX8ru5ypLnL4/sKRcDgt; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18e54e7a-FRA

GET
H2 200 CitiSGClientUAT-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 116 B
504 B 1023ms
1019ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:47:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ba4acb2c4ebfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=ftBVZ44emRDgJ6n6fK8APz1vNlts2qeErcnImcoRkPoa/gqDQ+FKi68aTocl+v9O6y5gsCTU5Ax7NYnJHZeJHVY0rABD5FJB9pEXSADAg1wPLNJiEun8c/tH+mbH; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=ftBVZ44emRDgJ6n6fK8APz1vNlts2qeErcnImcoRkPoa/gqDQ+FKi68aTocl+v9O6y5gsCTU5Ax7NYnJHZeJHVY0rABD5FJB9pEXSADAg1wPLNJiEun8c/tH+mbH; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18e94e7a-FRA

GET
H2 200 CitiSGClientUAT-WorkFlowApplicationTree_IX66A53EBFF49B32645B28C2244D573886.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 456 B
576 B 1020ms
1015ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-WorkFlowApplicationTree_IX66A53EBFF49B32645B28C2244D573886.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

669f92efd41e690c8feb163706f9e5a497bdd30c15e80e4077a1d640f6e8a7bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-WorkFlowApplicationTree_IX66A53EBFF49B32645B28C2244D573886.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3ae7205a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=qngM+0Zez4EXzyGvrEj1rsAkmHEc/yWlInFlx+WbCkUfMqZ+Q4Y5/UBn+dbQXPh2SXO7EjlA3wafvbIK/nMPzr5DE5UIQpNiPY5MLLJWx/81gU9tUI3wtKxSXsPj; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=qngM+0Zez4EXzyGvrEj1rsAkmHEc/yWlInFlx+WbCkUfMqZ+Q4Y5/UBn+dbQXPh2SXO7EjlA3wafvbIK/nMPzr5DE5UIQpNiPY5MLLJWx/81gU9tUI3wtKxSXsPj; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18ea4e7a-FRA

GET
H2 200 CitiSGClientUAT-WorkFlowApplicationTree_IX8B0B50FE0EBE20F9C3421FC3F8090BDA.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 441 B
553 B 1015ms
1011ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-WorkFlowApplicationTree_IX8B0B50FE0EBE20F9C3421FC3F8090BDA.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6276a0f97bd3f0cefc3ad371e1349116316277e800dca4de680475944a348f92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-WorkFlowApplicationTree_IX8B0B50FE0EBE20F9C3421FC3F8090BDA.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:47:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2339992c4ebfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=PPdRhcCbKfmrarLa4scVqxFJW6n3TGBWBemThrDkISbqt3ZWRDPyojOkFvAM9Ei0U1tfP04Aez/Y1pcOA4DxTubnaBwakiwxBthD2AFiW0t7ZoirhSwBGzzX3fDc; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=PPdRhcCbKfmrarLa4scVqxFJW6n3TGBWBemThrDkISbqt3ZWRDPyojOkFvAM9Ei0U1tfP04Aez/Y1pcOA4DxTubnaBwakiwxBthD2AFiW0t7ZoirhSwBGzzX3fDc; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18ec4e7a-FRA

GET
H2 200 CitiSGClientUAT-WorkFlow_IX773F1CD3A7650404370329A3DB2E2631.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 1 KB
867 B 1002ms
998ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-WorkFlow_IX773F1CD3A7650404370329A3DB2E2631.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37914e2571232084374031bd0e8c4b9aea7af0861d69215c14e2e26022e5acf3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-WorkFlow_IX773F1CD3A7650404370329A3DB2E2631.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17f7525a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=eXrt2sY24OAkGz70S9hBZ1xezH+jx/p1z1cg7VdXNHJ4ZLB/cC8SCJgaFwfferu30iF8PCMl6nEeC8Mvwzm0a8Yb1aoWUcabu2v7G81xQx9QsIo63t8Aesi65skW; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=eXrt2sY24OAkGz70S9hBZ1xezH+jx/p1z1cg7VdXNHJ4ZLB/cC8SCJgaFwfferu30iF8PCMl6nEeC8Mvwzm0a8Yb1aoWUcabu2v7G81xQx9QsIo63t8Aesi65skW; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18ee4e7a-FRA

GET
H2 200 CitiSGClientUAT-WorkFlow_IX782D037141572FB7279A68912804D60E.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 1 KB
874 B 1015ms
1010ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-WorkFlow_IX782D037141572FB7279A68912804D60E.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a443d341b000fc89ef939691822ff73fa8eed3a5e92c94e4e618453e2add92aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-WorkFlow_IX782D037141572FB7279A68912804D60E.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:47:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4db6b92d4ebfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=8vO4F0jD/BkY/I0lBqMC8G11ip6kPUchZXWLZb20myD4iwgVSI5IPk/KXhQfiN/SLdZs1hFQdf93VaZ3UKLndZVSjPmv4VzLe5YI2IBA9h73iJacYo0DjZFccxNF; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=8vO4F0jD/BkY/I0lBqMC8G11ip6kPUchZXWLZb20myD4iwgVSI5IPk/KXhQfiN/SLdZs1hFQdf93VaZ3UKLndZVSjPmv4VzLe5YI2IBA9h73iJacYo0DjZFccxNF; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18f94e7a-FRA

GET
H2 200 CitiSGClientUAT-637696572975117709-locale-en-US.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 8 KB
3 KB 1018ms
1014ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiSGClientUAT-637696572975117709-locale-en-US.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62c76a09a2b00b0a6d3dda551a11a058bdc25aa750e5d231a901480b4d558af7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/jig/CitiSGClientUAT-637696572975117709-locale-en-US.json
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"486e495a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=mHYhQTUBzMPHWBRE/Ctg9QNAlehDfug2MSv9sv4pVY+LDk5xIvJEwoTJigB4tHji7nK1HBrOVVKPxY4Z0fCOI2J0rYQK0s7y73ZfC1KnixFtVUzozBdnXb6h0kUj; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=mHYhQTUBzMPHWBRE/Ctg9QNAlehDfug2MSv9sv4pVY+LDk5xIvJEwoTJigB4tHji7nK1HBrOVVKPxY4Z0fCOI2J0rYQK0s7y73ZfC1KnixFtVUzozBdnXb6h0kUj; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18fc4e7a-FRA

GET
H2 200 CitiHKLogin_WF_App-637696572975117709-locale-en-US.json Show response
citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/ 9 KB
3 KB 274ms
270ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/CitiHKLogin_WF_App-637696572975117709-locale-en-US.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e629273ae9b4f5b945e037ab906141f2373fe4c035c6fe50a42abb73bfca384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
x-xsrf-token: 4EA7DF73FC070C450F3978B3115F728F
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
:path: /scripts/jig/CitiHKLogin_WF_App-637696572975117709-locale-en-US.json
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
X-XSRF-TOKEN: 4EA7DF73FC070C450F3978B3115F728F
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
last-modified: Tue, 12 Oct 2021 09:41:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"70b475a4dbfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json
content-security-policy: frame-ancestors 'self'
set-cookie: AWSALB=vew9Opnewu9rJ5irRLnkZM/IYUT6UOrxS3jgvJ3v/MDSf5XU674MvoAg1ooY3JQBd1HMuyEY8RcFeyS7Ouxs+QG2nESSdbcPKxCfGVuRY9rE3woYFYljGD26dufA; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=vew9Opnewu9rJ5irRLnkZM/IYUT6UOrxS3jgvJ3v/MDSf5XU674MvoAg1ooY3JQBd1HMuyEY8RcFeyS7Ouxs+QG2nESSdbcPKxCfGVuRY9rE3woYFYljGD26dufA; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b18fe4e7a-FRA

POST
H2 401 ecd.ashx Show response
citibanksgdvpclientuat1qa.investcloud.com/iXingPages/ 1 KB
2 KB 1061ms
1060ms XHR
text/html 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46ea45e2d4a3a5bc6c1dbe0d5dc214abdafe999081c6425f51f57616b183399b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-fetch-mode: cors
origin: https://citibanksgdvpclientuat1qa.investcloud.com
x-xsrf-token: 4EA7DF73FC070C450F3978B3115F728F
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; AWSALB=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; AWSALBCORS=MOXYrRLg9rEdFKTi4fkp4CZOv1g3rBTp9/xgtqtGWst8T3KI0sBwEzgASemBkdd9mpiYeAZJjXkqfe/tIpc6y/gcU102BsfUi9Ksp7stpTEhc9aX3+fvv2fasIbb; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXLastActivityTime=Tue Oct 12 2021 15:15:23 GMT+0000 (GMT)
content-length: 203
:path: /iXingPages/ecd.ashx?requesttype=dataset&v=2
pragma: no-cache
ic-culture: en-US
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: POST
IC-Culture: en-US
X-XSRF-TOKEN: 4EA7DF73FC070C450F3978B3115F728F
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html
cache-control: private
set-cookie: AWSALB=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/ AWSALBCORS=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh; Expires=Tue, 19 Oct 2021 15:15:24 GMT; Path=/; SameSite=None; Secure
cf-ray: 69d1488b19014e7a-FRA
x-ua-compatible: IE=Edge

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 78ms
14ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 19:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Mon, 10 Oct 2022 19:13:46 GMT

POST
H2 200 Ecd.ashx Show response
citibanksgdvpclientuat1qa.investcloud.com/iXingPages/ 0
380 B 281ms
281ms XHR
text/plain 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/iXingPages/Ecd.ashx?IX_EXTAUTH=Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://citibanksgdvpclientuat1qa.investcloud.com
x-xsrf-token: 4EA7DF73FC070C450F3978B3115F728F
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXTimezone=Etc/UTC; IXLastActivityTime=Tue Oct 12 2021 15:15:24 GMT+0000 (GMT); AWSALB=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh; AWSALBCORS=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh
content-length: 110
:path: /iXingPages/Ecd.ashx?IX_EXTAUTH=Y
pragma: no-cache
ic-culture: en-US
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/xml, text/xml, */*; q=0.01
cache-control: no-cache
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: POST
IC-Culture: en-US
X-XSRF-TOKEN: 4EA7DF73FC070C450F3978B3115F728F
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
set-cookie: AWSALB=jLqJJ9MaRLgJG5hni5bpPu9cIGhdJH5pqr1vX7tYvGR/DALevF4b6X+3fxQDaWWmVEu4MN2LfRsLMyYKdEihx7R8Hy8QlJ5KILdAlIgWKQc6zq/9+WwXAnlSPr1Q; Expires=Tue, 19 Oct 2021 15:15:25 GMT; Path=/ AWSALBCORS=jLqJJ9MaRLgJG5hni5bpPu9cIGhdJH5pqr1vX7tYvGR/DALevF4b6X+3fxQDaWWmVEu4MN2LfRsLMyYKdEihx7R8Hy8QlJ5KILdAlIgWKQc6zq/9+WwXAnlSPr1Q; Expires=Tue, 19 Oct 2021 15:15:25 GMT; Path=/; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
cf-ray: 69d148920c1e4e7a-FRA
content-length: 0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 ilg.ashx Show response
citibanksgdvpclientuat1qa.investcloud.com/Membership/ExtPages/ 2 B
420 B 271ms
270ms XHR
application/json 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/Membership/ExtPages/ilg.ashx?IX_MN=Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
x-xsrf-token: 4EA7DF73FC070C450F3978B3115F728F
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXTimezone=Etc/UTC; IXLastActivityTime=Tue Oct 12 2021 15:15:24 GMT+0000 (GMT); AWSALB=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh; AWSALBCORS=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh
:path: /Membership/ExtPages/ilg.ashx?IX_MN=Y
pragma: no-cache
ic-culture: en-US
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
IC-Culture: en-US
X-XSRF-TOKEN: 4EA7DF73FC070C450F3978B3115F728F
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
set-cookie: AWSALB=N9+h9eVfuVNVPnXvMjkucxitOVmavgru7GaCesi7I4mJn88cElRYx42AjzZRQDQNJGB96Iod9+Ts4x7A/QhazRPaSLkB6X+JNrCuAoOt49uVDV3rQW76n3p+A1NY; Expires=Tue, 19 Oct 2021 15:15:25 GMT; Path=/ AWSALBCORS=N9+h9eVfuVNVPnXvMjkucxitOVmavgru7GaCesi7I4mJn88cElRYx42AjzZRQDQNJGB96Iod9+Ts4x7A/QhazRPaSLkB6X+JNrCuAoOt49uVDV3rQW76n3p+A1NY; Expires=Tue, 19 Oct 2021 15:15:25 GMT; Path=/; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
cf-ray: 69d148922c614e7a-FRA
content-length: 2
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 Citiback_logo.png
citibanksgdvpclientuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 5 KB
5 KB 999ms
999ms Image
image/png 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/Citiback_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

163ca8ec31d1ac7c8d7c1431f7449f38409e5f1bff272bb90485bdd59789e248

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /App_Themes/Default/images/ClientThemeImages/Citibank/Citiback_logo.png
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXTimezone=Etc/UTC; IXLastActivityTime=Tue Oct 12 2021 15:15:24 GMT+0000 (GMT); AWSALB=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh; AWSALBCORS=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:26 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sat, 09 Oct 2021 06:15:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e779501fd5bcd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148925cc74e7a-FRA
expires: Sun, 10 Apr 2022 15:15:26 GMT

GET
H2 200 citi-priority-horizontal@2x.png
citibanksgdvpclientuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 12 KB
12 KB 1037ms
1036ms Image
image/png 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/citi-priority-horizontal@2x.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58abdf232a9749d30deebb115ef0e84d3e269ee157d22fedb29e99142b070bd5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /App_Themes/Default/images/ClientThemeImages/Citibank/citi-priority-horizontal@2x.png
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXTimezone=Etc/UTC; IXLastActivityTime=Tue Oct 12 2021 15:15:24 GMT+0000 (GMT); AWSALB=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh; AWSALBCORS=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:26 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sat, 09 Oct 2021 06:15:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f8c83f1fd5bcd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148929d174e7a-FRA
expires: Sun, 10 Apr 2022 15:15:26 GMT

GET
H2 200 photo_hk_1@2x.png
citibanksgdvpclientuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ 594 KB
594 KB 1256ms
1256ms Image
image/png 104.17.184.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citibanksgdvpclientuat1qa.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/photo_hk_1@2x.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.184.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dfb1078db04390d417fad62c750a984077ac25c16717c07516b72dcc7105f60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /App_Themes/Default/images/ClientThemeImages/Citibank/photo_hk_1@2x.png
pragma: no-cache
cookie: ASP.NET_SessionId=jscabc54yini5qgbnoztrb2y; IXCulture=en-US; IXSBaseUtcOffset=480; XSRF-TOKEN=4EA7DF73FC070C450F3978B3115F728F; IXTMO=3600000; IXTimezone=Etc/UTC; IXLastActivityTime=Tue Oct 12 2021 15:15:24 GMT+0000 (GMT); AWSALB=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh; AWSALBCORS=iSLaMMuheBvF+jjj+NeZTGG0ZVC/Xqr4eNwgZbOtuabFVkjtf/6KoKeTpmgXgwrU2QfkrI5MrCOvwHFHxYveX7t/ZQsd2EJcPzgCVgyJfjCHnaLz61mDH556HkEh
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: citibanksgdvpclientuat1qa.investcloud.com
referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/Membership/Apps/CitiHKLogin_WF_App.aspx?ReturnURL=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:26 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: public
last-modified: Sat, 09 Oct 2021 06:15:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f8c83f1fd5bcd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=15552000
content-security-policy: frame-ancestors 'self'
cf-ray: 69d148929d194e7a-FRA
expires: Sun, 10 Apr 2022 15:15:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 31ms
8ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: 0QhmdfLqcIDqHcxEevfibhE8Chu0Vtjnw0ZidjBrj+XkO8gYr8yMXHzeCeC3ikBFa4uPz4+BuwieEFtMuogVow==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 12 Oct 2021 15:15:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 42ms
8ms Script
application/x-javascript 2.16.186.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin_WF_App_iXing_IX2DE4044030D7F4AACBF6F5BC66B5135F.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 15:15:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=57066
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 39ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: citibanksgdvpclientuat1qa.investcloud.com
URL: https://citibanksgdvpclientuat1qa.investcloud.com/scripts/jig/BB2BA7C3EFB57CFE285E47193AB5092A/HomePage_CitiHKLogin_WF_App_iXing_IX2DE4044030D7F4AACBF6F5BC66B5135F.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-RP
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200126-IAD, cache-hhn11547-HHN

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://one.progmxs.com/seg?add=19651195&t=2
https://secure.adnxs.com/seg?add=19651195&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19651195%26t%3D2

43 B
1023 B

7ms
7ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19651195%26t%3D2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Oct 2021 15:15:25 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 540c1982-889d-4f90-8201-4c935f1a21c9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Oct 2021 15:15:25 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ab81b917-8451-487f-8e0e-d3767ba9b2c9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19651195%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 569 B
1 KB 65ms
25ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 15:15:25 GMT
server: ESF
date: Tue, 12 Oct 2021 15:15:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 12 Oct 2021 15:15:25 GMT

GET
H2 200 469167063693820 Show response
connect.facebook.net/signals/config/ 223 KB
68 KB 53ms
52ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/469167063693820?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

f8a89674ee45e973b0d076685c3bd21e3232e75ce8292710292ff65b9548f547

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JAU6WPfsO4tQ0wlo/Qu02UaUKWQZfklXI69xhRLwo7eDvnNDGJfeeZkANBOirHjBqh6gmY9dsXfNNGA9WiBnGA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 12 Oct 2021 15:15:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1381738&time=1634051725286&url=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1381738%26time%3D1634051725286%26url%3Dhttps%253A%252F%252Fcitibanksgdvpclientuat...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1381738&time=1634051725286&url=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3...

0
58 B

136ms
136ms

Image
application/javascript

108.174.11.69
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1381738&time=1634051725286&url=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3D%252f%23%21%2Fw%2Fcitihkloginwfapp&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-69.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-eda6
content-type: application/javascript
content-length: 0
x-li-uuid: GMrQHWNRrRbAsMRvmCsAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXOKVCpFjWUl/VBmxzaNA==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CF307FD22A664E38B71FA8F83908669F Ref B: PRG01EDGE0715 Ref C: 2021-10-12T15:15:25Z
date: Tue, 12 Oct 2021 15:15:25 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1381738&time=1634051725286&url=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3D%252f%23%21%2Fw%2Fcitihkloginwfapp&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 134ms
119ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz9c7&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=536479cf-abdb-40a6-8e00-b1de1ae2772b&tw_document_href=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3D%252f%23!%2Fw%2Fcitihkloginwfapp%3Fs%3Dcitibankloginholderapp&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 12 Oct 2021 15:15:25 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8149784d4121f39a507d29b3ed40d6f5bb43053ce0b526f1497b4b3a43f405e1
x-transaction: 277cbd614f22f5f0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 135ms
121ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz9c7&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=536479cf-abdb-40a6-8e00-b1de1ae2772b&tw_document_href=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3D%252f%23!%2Fw%2Fcitihkloginwfapp%3Fs%3Dcitibankloginholderapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 12 Oct 2021 15:15:25 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f7da2ec32df6a2fc1413236b30aed277e661d5395cbb24d12e778a65f4753a9e
x-transaction: a85f16edbf9503da
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v109/ 111 KB
112 KB 28ms
7ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v109/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

ed6818649489f3c542a92f2e189696e69f304ca0f4e9a85dfa340e669c6f3304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://citibanksgdvpclientuat1qa.investcloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 00:14:39 GMT
x-content-type-options: nosniff
age: 54046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113660
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 00:04:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Oct 2022 00:14:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 23ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=469167063693820&ev=PageView&dl=https%3A%2F%2Fcitibanksgdvpclientuat1qa.investcloud.com%2FMembership%2FApps%2FCitiHKLogin_WF_App.aspx%3FReturnURL%3D%252f%23!%2Fw%2Fcitihkloginwfapp%3Fs%3Dcitibankloginholderapp&rl=&if=false&ts=1634051725372&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=28&fbp=fb.1.1634051725371.1007621871&it=1634051725280&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://citibanksgdvpclientuat1qa.investcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 15:15:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 12 Oct 2021 15:15:25 GMT

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citibanksgdvpclientuat1qa.investcloud.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: jscabc54yini5qgbnoztrb2y
citibanksgdvpclientuat1qa.investcloud.com/	1969-12-31 23:59:59	Name: IXCulture Value: en-US
citibanksgdvpclientuat1qa.investcloud.com/	1969-12-31 23:59:59	Name: IXSBaseUtcOffset Value: 480
citibanksgdvpclientuat1qa.investcloud.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 4EA7DF73FC070C450F3978B3115F728F
citibanksgdvpclientuat1qa.investcloud.com/	1969-12-31 23:59:59	Name: IXTMO Value: 3600000
citibanksgdvpclientuat1qa.investcloud.com/	1970-01-19 21:57:04	Name: IXTimezone Value: Etc/UTC
citibanksgdvpclientuat1qa.investcloud.com/	1969-12-31 23:59:59	Name: IXLastActivityTime Value: Tue Oct 12 2021 15:15:24 GMT+0000 (GMT)
citibanksgdvpclientuat1qa.investcloud.com/	1969-12-31 23:59:59	Name: IXAnalyticsConsent Value: allow
.investcloud.com/	1970-01-20 00:03:47	Name: _fbp Value: fb.1.1634051725371.1007621871
citibanksgdvpclientuat1qa.investcloud.com/	1970-01-19 22:04:16	Name: AWSALB Value: N9+h9eVfuVNVPnXvMjkucxitOVmavgru7GaCesi7I4mJn88cElRYx42AjzZRQDQNJGB96Iod9+Ts4x7A/QhazRPaSLkB6X+JNrCuAoOt49uVDV3rQW76n3p+A1NY
citibanksgdvpclientuat1qa.investcloud.com/	1970-01-19 22:04:16	Name: AWSALBCORS Value: N9+h9eVfuVNVPnXvMjkucxitOVmavgru7GaCesi7I4mJn88cElRYx42AjzZRQDQNJGB96Iod9+Ts4x7A/QhazRPaSLkB6X+JNrCuAoOt49uVDV3rQW76n3p+A1NY
.twitter.com/	1970-01-20 15:25:23	Name: personalization_id Value: "v1_njDNWYfNrcQommnOXlJTfw=="
.adnxs.com/	1970-01-20 00:03:47	Name: uuid2 Value: 6436242707502146668
.adnxs.com/	1970-01-20 00:03:47	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$Qk'Sm$!]tbP6j2F-XstGt!@D+V$M]Y7
.linkedin.com/	1970-01-19 22:37:23	Name: UserMatchHistory Value: AQJeZGsNK35VBgAAAXx1Epkq1EmgnlOalwuExCQW-gH-vmVf9OMp_cMqV0Jkqk5iq1mmKynXFOQsrA
.linkedin.com/	1970-01-19 22:37:23	Name: AnalyticsSyncHistory Value: AQJyVbnUN0NF-QAAAXx1Epkq_QHFL9c2zNydrUpIX47MWIc9Din5rssSwWFwpjdJXc6pebSHEic3gL3lTeBR1Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:26:05	Name: bcookie Value: "v=2&64f91ee7-49c8-40bf-8a68-f59ae3eaa6c5"
.linkedin.com/	1970-01-19 21:55:38	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2253:u=1:x=1:i=1634051725:t=1634138125:v=2:sig=AQHsNv8zzZjsecd1H2hM6HSqwMTcvStr"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:26:05	Name: bscookie Value: "v=1&20211012151525a16efcfd-160a-4136-8b69-ec5baf196d51AQFTmLYKLYqEy99-F90QvAOKQnhYZIKb"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://citibanksgdvpclientuat1qa.investcloud.com/iXingPages/ecd.ashx?requesttype=dataset&v=2 Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
citibanksgdvpclientuat1qa.investcloud.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
one.progmxs.com
px.ads.linkedin.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
t.co
www.facebook.com
www.linkedin.com
104.17.184.107
104.244.42.67
104.244.42.69
108.174.11.69
13.107.42.14
142.250.184.202
142.250.185.131
199.232.136.157
2.16.186.19
216.58.212.170
31.13.92.14
31.13.92.36
37.252.173.215
68.67.153.53
06fa59982d72637aa6c723f4e189cea25d7669d328d81a3aff8509c3a1d476d1
0c50fa0a3d333cec8ac2a48c43c2f2c5ab0b944a3d55a262dbcf01073a24be58
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
150e609d90bdf8f22327c618b86d5381105eef8fdf23574be4be348508a35565
163ca8ec31d1ac7c8d7c1431f7449f38409e5f1bff272bb90485bdd59789e248
1a844a8ef61986f97fef9e17a010a979bfd05dfbd933ef3842e23b2ff517a158
22c0d6fe8d979586e4a41dc00815592b9a86b83a763106f879fafdbce924aa6c
26e40916a60e90bb418ea7916d55d686f27768e3b570926da4c0ece9ecf2a53e
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
37914e2571232084374031bd0e8c4b9aea7af0861d69215c14e2e26022e5acf3
407b3b0dd6198c4866cf5b622441ea344bde6f04dee8040c235a4be3770c897e
46ea45e2d4a3a5bc6c1dbe0d5dc214abdafe999081c6425f51f57616b183399b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
58abdf232a9749d30deebb115ef0e84d3e269ee157d22fedb29e99142b070bd5
5a93bc4ec08c5c3c4befcc455ac1c8eb6551e65c5079c634733eb427df75de3a
5c8299b46c119c179b65abcefb528afb4194796039c2d425fc3d99a249bceee0
5dfb1078db04390d417fad62c750a984077ac25c16717c07516b72dcc7105f60
6276a0f97bd3f0cefc3ad371e1349116316277e800dca4de680475944a348f92
62c76a09a2b00b0a6d3dda551a11a058bdc25aa750e5d231a901480b4d558af7
65447a9169d0e8f76cb025aa380f371cf32d03f0e97a90b4f90daf6fd339ed45
669f92efd41e690c8feb163706f9e5a497bdd30c15e80e4077a1d640f6e8a7bd
7e629273ae9b4f5b945e037ab906141f2373fe4c035c6fe50a42abb73bfca384
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8e1f70e4067edddf92298918eae51185dfdd0eddc6dd87f7287e39dad70d069d
98e47ccdb9befa254bc883c893def06b33ac79914fab8fc82c2b90361080a68a
a443d341b000fc89ef939691822ff73fa8eed3a5e92c94e4e618453e2add92aa
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c36077bd0f5b60b2adb597e8f9221470fe2f1cca2d84f8d38e420cd7467b8eaf
ca2e38d9b81d709b212c7badcfa12b06cafd46a8b260b874123a5c39f1c223af
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce21af65069079d3e0ef033d37d4240876f927f461b98a0600f9f4153106e677
df26bd46f2dc3d5734d4e8b9e137652dc484693cfc69cf8eebeb1f4ff4a78e74
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6818649489f3c542a92f2e189696e69f304ca0f4e9a85dfa340e669c6f3304
f8a89674ee45e973b0d076685c3bd21e3232e75ce8292710292ff65b9548f547
fa5c5a5b21dc50636eac345d995ad08dcee19a352bb63ebfa51e97168c1777a5
fb86bdc1d6ea8f9eebaaa58ee2b65786077fc756489688c095b3be55c26cfa38
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

citibanksgdvpclientuat1qa.investcloud.com Open in urlscan Pro 104.17.184.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

0 %IPv6

12 Domains

14 Subdomains

12 IPs

3 Countries

2851 kBTransfer

9328 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

citibanksgdvpclientuat1qa.investcloud.com Open in urlscan Pro
104.17.184.107 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

12
IPs

3
Countries

2851 kB
Transfer

9328 kB
Size

21
Cookies

45 HTTP transactions
0 data transactions