x.info16.citi.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 63.148.46.109, located in United States and belongs to ASN-CHEETA-MAIL, US. The main domain is x.info16.citi.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 24th 2023. Valid for: a year.

This is the only time x.info16.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	63.148.46.109 63.148.46.109	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
2	23.209.237.163 23.209.237.163	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2

2 63.148.46.109 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)

x.info16.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.info16.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.209.237.163 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-237-163.deploy.static.akamaitechnologies.com

snamwpm.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	eccmp.com snamwpm.eccmp.com — Cisco Umbrella Rank: 57780	14 KB
2	citi.com x.info16.citi.com l.info16.citi.com — Cisco Umbrella Rank: 172882	13 KB
4	2

	Domain	Requested by
2	snamwpm.eccmp.com	x.info16.citi.com
1	l.info16.citi.com	x.info16.citi.com
1	x.info16.citi.com
4	3

This site contains links to these domains. Also see Links.

Domain
l.info16.citi.com

Subject Issuer	Validity	Valid
info16.citi.com DigiCert SHA2 Extended Validation Server CA	`2023-03-24` - `2024-04-23`	a year	crt.sh
wpm.ccmp.eu R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://x.info16.citi.com/ats/url.aspx?cr=100214&wu=1026&tp=i-1NHD-Q4M-mbg-CmHQiN-1w-1AsIVZ-1c-4HwBw-CPqxwJ-l9Jp3tYvB3-U24nC
Frame ID: F14EE5ADBF126BEBCDB5C4FF15A487F1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Home Depot Credit Card Preference Page

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

28 kB
Transfer

26 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://l.info16.citi.com/rts/go2.aspx?h=1050690&tp=i-1vRP-Q4M-bv-CmHQiN-1w-1AsIVZ-1c-4GQO1-G-CPqxwJ-mbg-l9Jp3tYvB3-1fqfea&x=%2fRSnextgen%2fsvc%2flaunch%2findex.action%3fsiteId%3dPLCN_HOMEDEPOT%23signon
Title: homedepot.com/Mycard

Search URL Search Domain Scan URL

URL: https://l.info16.citi.com/rts/go2.aspx?h=1050688&tp=i-1vRP-Q4M-bv-CmHQiN-1w-1AsIVZ-1c-4GQO5-G-CPqxwJ-mbg-l9Jp3tYvB3-ApvH3&x=
Title: The Home Depot

Search URL Search Domain Scan URL

URL: https://l.info16.citi.com/rts/go2.aspx?h=301952&tp=i-1vRP-Q4M-bv-CmHQiN-1w-1AsIVZ-1c-4GQOD-G-CPqxwJ-mbg-l9Jp3tYvB3-24sK7v&x=%2fUS%2fJRS%2fportal%2ftemplate.do%3fID%3dPrivacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://l.info16.citi.com/rts/go2.aspx?h=2005975&tp=i-1vRP-Q4M-bv-CmHQiN-1w-1AsIVZ-1c-4GQOE-G-CPqxwJ-mbg-l9Jp3tYvB3-1zh6iJ&x=%2fJRS%2fportal%2ftemplate.do%3fID%3dPrivacy%23notice-at-collection
Title: Notice at Collection

Search URL Search Domain Scan URL

URL: https://l.info16.citi.com/rts/go2.aspx?h=2005976&tp=i-1vRP-Q4M-bv-CmHQiN-1w-1AsIVZ-1c-4GQOF-G-CPqxwJ-mbg-l9Jp3tYvB3-11INSF&x=%2fUS%2fag%2fdataprivacyhub
Title: CA Privacy Hub

Search URL Search Domain Scan URL

URL: https://l.info16.citi.com/rts/go2.aspx?h=11329&tp=i-1vRP-Q4M-bv-CmHQiN-1w-1AsIVZ-1c-4HwBw-G-CPqxwJ-mbg-l9Jp3tYvB3-Rdafh
Title: Terms and Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request url.aspx Show response x.info16.citi.com/ats/	13 KB 13 KB	2939ms 2401ms	Document text/html	63.148.46.109 ASN-CHEETA-MAIL
General Check archive.org Show headers Download Go to Full URL https://x.info16.citi.com/ats/url.aspx?cr=100214&wu=1026&tp=i-1NHD-Q4M-mbg-CmHQiN-1w-1AsIVZ-1c-4HwBw-CPqxwJ-l9Jp3tYvB3-U24nC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.148.46.109 , United States, ASN53316 (ASN-CHEETA-MAIL, US), Reverse DNS Software / Resource Hash `76545b5413d6b1a69ba856beb15213589cc271f6a5b8df3e16170bbc9be2521f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Cache-Control no-cache, no-store, must-revalidate Content-Length 12817 Content-Type text/html; charset=utf-8 Date Wed, 16 Aug 2023 18:09:30 GMT Expires 0 Pragma no-cache SERVER X-Powered-By
GET H/1.1	200 OK	open.aspx l.info16.citi.com/rts/	43 B 432 B	634ms 120ms	Image image/gif	63.148.46.109 ASN-CHEETA-MAIL
General Check archive.org Show headers Download Go to Show image Full URL https://l.info16.citi.com/rts/open.aspx?tp=i-1vRP-Q4M-bv-CmHQiN-1w-1AsIVZ-1c-4HwBw-G-CPqxwJ-mbg-l9Jp3tYvB3-Rdafh Requested by Host: x.info16.citi.com URL: https://x.info16.citi.com/ats/url.aspx?cr=100214&wu=1026&tp=i-1NHD-Q4M-mbg-CmHQiN-1w-1AsIVZ-1c-4HwBw-CPqxwJ-l9Jp3tYvB3-U24nC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.148.46.109 , United States, ASN53316 (ASN-CHEETA-MAIL, US), Reverse DNS Software / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers accept-language de-DE,de;q=0.9 Referer https://x.info16.citi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Pragma no-cache Date Wed, 16 Aug 2023 18:09:31 GMT Server X-Powered-By Transfer-Encoding chunked Content-Type image/gif Cache-Control no-cache, max-age=0 Expires 0
GET H/1.1	200 OK	THD_logo_v2.png snamwpm.eccmp.com/wpm/552/ContentUploads/Logo/	14 KB 14 KB	247ms 49ms	Image image/png	23.209.237.163 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/552/ContentUploads/Logo/THD_logo_v2.png Requested by Host: x.info16.citi.com URL: https://x.info16.citi.com/ats/url.aspx?cr=100214&wu=1026&tp=i-1NHD-Q4M-mbg-CmHQiN-1w-1AsIVZ-1c-4HwBw-CPqxwJ-l9Jp3tYvB3-U24nC Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.209.237.163 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-237-163.deploy.static.akamaitechnologies.com Software / Resource Hash `7b0f59b70c41e7d959926ded9d670698fd2dc83d6e6d6c66a392cef9a150debe` Request headers accept-language de-DE,de;q=0.9 Referer https://x.info16.citi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Wed, 16 Aug 2023 18:09:31 GMT Last-Modified Tue, 14 Jan 2020 22:41:15 GMT Server ETag "75b1e3ba2bcbd51:0" X-Powered-By Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 13921
GET H/1.1	200 OK	red_arrow.gif snamwpm.eccmp.com/wpm/552/ContentUploads/CRS/	223 B 502 B	536ms 355ms	Image image/gif	23.209.237.163 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/552/ContentUploads/CRS/red_arrow.gif Requested by Host: x.info16.citi.com URL: https://x.info16.citi.com/ats/url.aspx?cr=100214&wu=1026&tp=i-1NHD-Q4M-mbg-CmHQiN-1w-1AsIVZ-1c-4HwBw-CPqxwJ-l9Jp3tYvB3-U24nC Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.209.237.163 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-237-163.deploy.static.akamaitechnologies.com Software / Resource Hash `18689a9e360d7e0e5a1fb4f03437829279b931200c6fe6fb010aa7ffc56f20fb` Request headers accept-language de-DE,de;q=0.9 Referer https://x.info16.citi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Wed, 16 Aug 2023 18:09:31 GMT Last-Modified Tue, 30 Jun 2015 14:48:10 GMT Server ETag "2c15d6c843b3d01:0" X-Powered-By Content-Type image/gif Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 223

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| validate

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
x.info16.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1145509898.47873.0000
l.info16.citi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: isgz350lqjfwfomy21tuufdp
l.info16.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: 1145509898.47873.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

l.info16.citi.com
snamwpm.eccmp.com
x.info16.citi.com
23.209.237.163
63.148.46.109
18689a9e360d7e0e5a1fb4f03437829279b931200c6fe6fb010aa7ffc56f20fb
76545b5413d6b1a69ba856beb15213589cc271f6a5b8df3e16170bbc9be2521f
7b0f59b70c41e7d959926ded9d670698fd2dc83d6e6d6c66a392cef9a150debe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

x.info16.citi.com Open in urlscan Pro 63.148.46.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

28 kBTransfer

26 kBSize

3 Cookies

6 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

x.info16.citi.com Open in urlscan Pro
63.148.46.109 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

28 kB
Transfer

26 kB
Size

3
Cookies

4 HTTP transactions
0 data transactions