notify.citibot.net Open in urlscan Pro
18.172.112.93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://notify.citibot.net/
Submission: On May 21 via automatic, source certstream-suspicious (May 21st 2025, 2:24:00 am UTC) — Scanned from SE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 18.172.112.93, located in United States and belongs to AMAZON-02, US. The main domain is notify.citibot.net.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 19th 2024. Valid for: a year.

This is the only time notify.citibot.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	18.172.112.93 18.172.112.93	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
4	104.17.255.182 104.17.255.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

12 18.172.112.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-93.fra60.r.cloudfront.net

notify.citibot.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 104.17.255.182 (None, )

ASN13335 (CLOUDFLARENET, US)

citibot.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
12	citibot.net notify.citibot.net	1 MB
4	auth0.com citibot.auth0.com	4 KB
1	gstatic.com fonts.gstatic.com	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 123	2 KB
18	4

	Domain	Requested by
12	notify.citibot.net	notify.citibot.net
4	citibot.auth0.com	notify.citibot.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	notify.citibot.net
18	4

This site contains no links.

Subject Issuer	Validity	Valid
notify.citibot.net Amazon RSA 2048 M03	`2024-06-19` - `2025-07-19`	a year	crt.sh
upload.video.google.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.gstatic.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
auth0.com E6	`2025-05-07` - `2025-08-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://notify.citibot.net/
Frame ID: 355ED9EB4DAEE44ED82389B794505FED
Requests: 15 HTTP requests in this frame

Frame: https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=uhOPN7~5gTGYA4Nb-KefFBC7Bty0r1E5&nonce=N5IT.B5UYGxjpj9_dz3Sf0.YXDix38EI&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: 2531FBBB1E2E8A5E7B3EE5F8050AA8C3
Requests: 1 HTTP requests in this frame

Frame: https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=o_4nIa.sIwY9vyyVQwAwBMc1n56FMe5G&nonce=KdMBrHSxLkM0eTG4c_e29PUFdQxRkwzJ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: 58B790B5DC6DBCC431C1F725449C47A7
Requests: 1 HTTP requests in this frame

Frame: https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=OIf5lY3lY6I4Xl4RH24B.XxFICZ2fnZh&nonce=cRIquTT0XAx.OJ6zRJSMMFxB5kCXQRjz&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: C52B44E224AE4CE63FEC9F73F5A07622
Requests: 1 HTTP requests in this frame

Frame: https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=Utcm2FLEpAiDBj1yQ-yii4ujlBB6jP~X&nonce=J_cywN1Opa4OiaK20G8BGlAkjSZNCP0v&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: FAB0901CA9E87C53A8A9183C11A4D42A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citibot Notify

Detected technologies

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

1149 kB
Transfer

1170 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
notify.citibot.net/ 877 B
1 KB 102ms
10ms Document
text/html 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3e7710ff04626a08f999f436b088bdcfa733f9aa2ca5569d48a6cef17f79693f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 16
content-length: 877
content-type: text/html
date: Wed, 21 May 2025 02:23:45 GMT
etag: "c631232652fde5bf230e1ac16d039fae"
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
x-amz-cf-id: HfOZtEE31MwYo9XIHgm3kYEqDmoFAF9MCXjem7goS_i9A6YOeVybsA==
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: qByqqmEgAYf5ErffMWzRlb8nBXl3engF
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 47ms
17ms Stylesheet
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700&display=swap

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

ESF /

Resource Hash

b03f6a7803f52f46cfdc584712779842084f81d3a76d87ad3700745ae11ccd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 21 May 2025 02:24:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 21 May 2025 02:24:00 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 21 May 2025 01:22:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 main.c7921c7b.js Show response
notify.citibot.net/static/js/ 621 KB
623 KB 435ms
435ms Script
text/javascript 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/static/js/main.c7921c7b.js

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

834bd6b656e4d3026c8d60db1a8e0e70edd9d7068ec6b4490f36d288a2e5d4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/

Response headers

x-amz-version-id: 3r9j94DjcmWh12BdByAqReLsdNLd2OVo
etag: "108fc0150cfa6aaa3fbf3b5a1b79020e"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: NiksXneOkQiIrlV9-MrCGC11Bs5i4eIpXd4lrMtCQeV4f1Y7gLu1_Q==
date: Wed, 21 May 2025 02:24:01 GMT
content-type: text/javascript
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 636202
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.15f566fd.css
notify.citibot.net/static/css/ 3 KB
3 KB 388ms
387ms Stylesheet
text/css 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/static/css/main.15f566fd.css

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

088be8be21a72139e92cb28a475dac2a77fc97002048b7b65d7c5f537a0f5c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/

Response headers

x-amz-version-id: GeRxXHGwiNpmYNZC8DvRPRWVln998vws
etag: "9665a24024eb37abf309a381a2b6b63d"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: QXPrERiTSASFZe77dbt2aUd0uh3QAF6-5eNlop5v8P1DwFIb53z84Q==
date: Wed, 21 May 2025 02:24:01 GMT
content-type: text/css
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2837
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 39 KB
39 KB 27ms
10ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://notify.citibot.net
Referer: https://fonts.googleapis.com/

Response headers

age: 66934
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 20 May 2026 07:48:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 20 May 2025 07:48:27 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H2 200 config.json Show response
notify.citibot.net/ 548 B
1 KB 372ms
372ms Fetch
application/json 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/config.json

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ce19305af9aee15a990ba177a8b2fa38abbf4085182e3e93bd51c79aa54ef089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/

Response headers

x-amz-version-id: D9R9R1lJ5MiYfXI.NYESwq5gEJmk59mD
etag: "abc87ec30baf8113a6064817406b6088"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: ms_VhA6yYXAb395IjcVLMQ7eQ2f5ameNgvIwSGucycjLPyYsMxTHWg==
date: Wed, 21 May 2025 02:24:02 GMT
content-type: application/json
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 548
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 citibot-icon.png
notify.citibot.net/ 679 B
1 KB 345ms
344ms Other
image/png 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/citibot-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

100d947743fa80ea383afafcd13a735d10ed3afd0ae6c7accddfcb35a934a9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/home

Response headers

x-amz-version-id: 2OqC5cKDgtAUqzIR8Vml4whKKqWKST9M
etag: "ecde5d6f396721423a03f9875b96b919"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: BZecKLBJ-xoJqULoDu4wL4jtyXImgdJC-lZXKcgOH2htzdsgCbWktw==
date: Wed, 21 May 2025 02:24:02 GMT
content-type: image/png
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 679
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 authorize Show response
citibot.auth0.com/ Frame 2531 1 KB
1 KB 293ms
263ms Document
text/html 104.17.255.182
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=uhOPN7~5gTGYA4Nb-KefFBC7Bty0r1E5&nonce=N5IT.B5UYGxjpj9_dz3Sf0.YXDix38EI&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.255.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b63b63b76e756b7caeb71e5226e2407a1d316c58e620dc3e5c64a4e67b9e0600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://notify.citibot.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 94309d7bedb2366d-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 21 May 2025 02:24:02 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-l: 0.020
x-auth0-requestid: dfc671895456042bc712
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 98
x-ratelimit-reset: 1747794244

GET
H2 200 authorize Show response
citibot.auth0.com/ Frame 58B7 1 KB
950 B 291ms
266ms Document
text/html 104.17.255.182
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=o_4nIa.sIwY9vyyVQwAwBMc1n56FMe5G&nonce=KdMBrHSxLkM0eTG4c_e29PUFdQxRkwzJ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.255.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed200e56e1125bd71a93f54ae78a49a1ec13d3b07686061728cdd51ea64aecc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://notify.citibot.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 94309d7bedb3366d-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 21 May 2025 02:24:02 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-l: 0.028
x-auth0-requestid: 68d5f0b59010ecc1ef90
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1747794244

GET
H2 200 623.57f16b99.chunk.js Show response
notify.citibot.net/static/js/ 25 KB
25 KB 362ms
361ms Script
text/javascript 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/static/js/623.57f16b99.chunk.js

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

93aac5dc26e7432e221038edb18599928d3055c03785d2ebb4b8950c51258cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/login

Response headers

x-amz-version-id: X42nnM.KqRMSCMIXqKCp8YIPdbZn20X_
etag: "e726cb847b14fe8a334277109844061a"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: XbFFzAynXmMeMPD_ELcn0aM4Em4MJYMCLDeWoOLO7cu1DSGOpgF7wA==
date: Wed, 21 May 2025 02:24:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 25114
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 703.8c7c3958.chunk.js Show response
notify.citibot.net/static/js/ 104 KB
105 KB 377ms
377ms Script
text/javascript 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/static/js/703.8c7c3958.chunk.js

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1ce3730e18e569feccc29547a100eddb169aa67a70d4e945760fbf9381adde7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/login

Response headers

x-amz-version-id: J8h9LRbVZ.0lsZWse0n8JxAgj9YIfPPq
etag: "ec81c4ddae0443530dbf7148188db7e4"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: JpmswrEXbJB2BvTgANCx7wwoRNG0wG6Ji_oV0adBsS5UEJprVruBDA==
date: Wed, 21 May 2025 02:24:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 106343
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 438.12e6e1a4.chunk.js Show response
notify.citibot.net/static/js/ 68 KB
69 KB 331ms
330ms Script
text/javascript 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/static/js/438.12e6e1a4.chunk.js

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ab92dcc3798dc8bf0d4642436c37bffb32872f6b1b304953f211d2d3b0718d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/login

Response headers

x-amz-version-id: 7kkZHL.TnPghtODHa6TLpcWHQ1nlzJMS
etag: "d73f2bf05d575a66e683575386db0db2"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: HftsVBIYc0LOnAhqJnlQPL64h4x7FgipLlIjU7ZTbp5TKpner2mcUg==
date: Wed, 21 May 2025 02:24:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 70046
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 161.eb42b68f.chunk.js Show response
notify.citibot.net/static/js/ 224 KB
224 KB 384ms
384ms Script
text/javascript 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/static/js/161.eb42b68f.chunk.js

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

47ab1661b4f7f90277ec9db09baf5d90f4c0e67ebac68c3d5209cf1906ddae82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/login

Response headers

x-amz-version-id: RHgF_O5Cj_CqAxLNPBHBbOMkMfGJiI0S
etag: "fdd010e1292a0bba5c296de2104d7e1e"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: uPG-Cq0NyZUw04_V7lSLe_A4d42dIWGDzxhmtUIaU7V5nsRftyS4GQ==
date: Wed, 21 May 2025 02:24:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 228959
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 702.51da20c8.chunk.js Show response
notify.citibot.net/static/js/ 6 KB
6 KB 424ms
424ms Script
text/javascript 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/static/js/702.51da20c8.chunk.js

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

16688491cc919c8e63be875dd394ead509eb107fba1a6f3a45e049126083d522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/login

Response headers

x-amz-version-id: ZiVET.UYj_P6.p.ILSAaR38Y9mUbXeIW
etag: "0908d7cc1d43145c61979577208f0bd9"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: cKhjBF7wn6ualsnDK1oI0Fmhgv7wLYTrHo71cZ2P0YdS8axvn1N80Q==
date: Wed, 21 May 2025 02:24:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5703
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 citibot-icon.png
notify.citibot.net/ 679 B
0 0ms
0ms Other
image/png 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://notify.citibot.net/citibot-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

100d947743fa80ea383afafcd13a735d10ed3afd0ae6c7accddfcb35a934a9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/login

Response headers

x-amz-version-id: 2OqC5cKDgtAUqzIR8Vml4whKKqWKST9M
etag: "ecde5d6f396721423a03f9875b96b919"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: BZecKLBJ-xoJqULoDu4wL4jtyXImgdJC-lZXKcgOH2htzdsgCbWktw==
date: Wed, 21 May 2025 02:24:02 GMT
content-type: image/png
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 679
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc8f5f6c0bc1dc61e1a2221abb8b788b50ce54921dfb50aa3dadf9774a76dd92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 hero.9265588ba28accfab908.png
notify.citibot.net/static/media/ 45 KB
46 KB 343ms
343ms Image
image/png 18.172.112.93
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://notify.citibot.net/static/media/hero.9265588ba28accfab908.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e36a79007a9d7be92d2f393827efdcafbc323f2be6f337e5dc98494a86d8cbef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://notify.citibot.net/login

Response headers

x-amz-version-id: JzvUFVHdZwCOuD4fx7xUJw9Qh9dvoMQ8
etag: "e5e83bd3d3d0c3c5846d159c4369fc60"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: VY7o1h55T61NnyJZZDOvoZVApSttdyS_XMtaEQBen_eimPjV2QD1xQ==
date: Wed, 21 May 2025 02:24:04 GMT
content-type: image/png
last-modified: Wed, 16 Apr 2025 09:26:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 46112
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 authorize Show response
citibot.auth0.com/ Frame C52B 1 KB
867 B 273ms
273ms Document
text/html 104.17.255.182
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=OIf5lY3lY6I4Xl4RH24B.XxFICZ2fnZh&nonce=cRIquTT0XAx.OJ6zRJSMMFxB5kCXQRjz&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.255.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17e46f2602771536f1249da4f6e657b39b48aff10d23c48ae759481def02d3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://notify.citibot.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 94309d82085a366d-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 21 May 2025 02:24:03 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-l: 0.051
x-auth0-requestid: d72817b908729188ce55
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 96
x-ratelimit-reset: 1747794244

GET
H2 200 authorize Show response
citibot.auth0.com/ Frame FAB0 1 KB
586 B 282ms
282ms Document
text/html 104.17.255.182
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=Utcm2FLEpAiDBj1yQ-yii4ujlBB6jP~X&nonce=J_cywN1Opa4OiaK20G8BGlAkjSZNCP0v&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D

Requested by

Host: notify.citibot.net
URL: https://notify.citibot.net/static/js/main.c7921c7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.255.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

275bb062a063525212e665ea7931b127509fe6b339150c47e946b3a5dcf30a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://notify.citibot.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 94309d82085e366d-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 21 May 2025 02:24:03 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-l: 0.059
x-auth0-requestid: b9c06126f8236fcad226
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 97
x-ratelimit-reset: 1747794244

Verdicts & Comments Add Verdict or Comment

1 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_citibot_notify

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			citibot.auth0.com/	1970-01-21 14:15:51	Name: did Value: s%3Av0%3A5e11b75a-efbb-4325-be5d-0e0e9b80764c.Ep9i5jeEQPoGe1crqwgwT26b30wCaJWyIiKO4XlOjUg
			.auth0.com/	1969-12-31 23:59:59	Name: _cfuvid Value: BXMgCelIKpsJH_idEsGvK1YV1dleQunXj1p3ssX_KFY-1747794242155-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citibot.auth0.com
fonts.googleapis.com
fonts.gstatic.com
notify.citibot.net
104.17.255.182
142.250.186.131
172.217.16.202
18.172.112.93
088be8be21a72139e92cb28a475dac2a77fc97002048b7b65d7c5f537a0f5c93
100d947743fa80ea383afafcd13a735d10ed3afd0ae6c7accddfcb35a934a9e7
16688491cc919c8e63be875dd394ead509eb107fba1a6f3a45e049126083d522
17e46f2602771536f1249da4f6e657b39b48aff10d23c48ae759481def02d3b4
1ce3730e18e569feccc29547a100eddb169aa67a70d4e945760fbf9381adde7c
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
275bb062a063525212e665ea7931b127509fe6b339150c47e946b3a5dcf30a1d
3e7710ff04626a08f999f436b088bdcfa733f9aa2ca5569d48a6cef17f79693f
47ab1661b4f7f90277ec9db09baf5d90f4c0e67ebac68c3d5209cf1906ddae82
834bd6b656e4d3026c8d60db1a8e0e70edd9d7068ec6b4490f36d288a2e5d4cb
93aac5dc26e7432e221038edb18599928d3055c03785d2ebb4b8950c51258cf9
ab92dcc3798dc8bf0d4642436c37bffb32872f6b1b304953f211d2d3b0718d22
b03f6a7803f52f46cfdc584712779842084f81d3a76d87ad3700745ae11ccd0e
b63b63b76e756b7caeb71e5226e2407a1d316c58e620dc3e5c64a4e67b9e0600
ce19305af9aee15a990ba177a8b2fa38abbf4085182e3e93bd51c79aa54ef089
dc8f5f6c0bc1dc61e1a2221abb8b788b50ce54921dfb50aa3dadf9774a76dd92
e36a79007a9d7be92d2f393827efdcafbc323f2be6f337e5dc98494a86d8cbef
ed200e56e1125bd71a93f54ae78a49a1ec13d3b07686061728cdd51ea64aecc5

notify.citibot.net Open in urlscan Pro 18.172.112.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

1149 kBTransfer

1170 kBSize

2 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Window variables

2 Cookies

Security Headers

Indicators

notify.citibot.net Open in urlscan Pro
18.172.112.93 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

1149 kB
Transfer

1170 kB
Size

2
Cookies

18 HTTP transactions
1 data transactions