citi-reactivate.com
Open in
urlscan Pro
185.27.134.131
Public Scan
Effective URL: https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
Submission: On May 17 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 14th 2022. Valid for: 3 months.
This is the only time citi-reactivate.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.89.123.16 167.89.123.16 | 11377 (SENDGRID) (SENDGRID) | |
1 1 | 3.233.172.39 3.233.172.39 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 185.27.134.131 185.27.134.131 | 34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited) | |
3 | 1 |
ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net
u26022535.ct.sendgrid.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-172-39.compute-1.amazonaws.com
rebrand.ly |
ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
citi-reactivate.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
citi-reactivate.com
citi-reactivate.com |
31 KB |
1 |
rebrand.ly
1 redirects
rebrand.ly — Cisco Umbrella Rank: 76174 |
329 B |
1 |
sendgrid.net
1 redirects
u26022535.ct.sendgrid.net |
229 B |
3 | 3 |
Domain | Requested by | |
---|---|---|
3 | citi-reactivate.com |
citi-reactivate.com
|
1 | rebrand.ly | 1 redirects |
1 | u26022535.ct.sendgrid.net | 1 redirects |
3 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
citi-reactivate.com ZeroSSL RSA Domain Secure Site CA |
2022-05-14 - 2022-08-12 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online&i=1
Frame ID: 2BD8A9DDF56A558BBA71F09D0C85770E
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://u26022535.ct.sendgrid.net/ls/click?upn=WzZBdeB4t-2BA5vYYVf85F6pxWETuujHJkZLWT9sgbjlO4RlWx7hSd7VJpY-2By...
HTTP 302
https://rebrand.ly/tpa4irp HTTP 301
https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u26022535.ct.sendgrid.net/ls/click?upn=WzZBdeB4t-2BA5vYYVf85F6pxWETuujHJkZLWT9sgbjlO4RlWx7hSd7VJpY-2ByVi6cBWEty_D6EEwwgiBvnoi2eBK60n4YKdZ9FCTHzTVSYNMyZrYHtnbf1u1wQav1UeQstwoYITGJnKXN-2FmUzbZEQC12gaPWY5JWXoym4K8VWwwt-2Bl9hWVrPBycl1mtxylBr7BzhzmTvOI74bY5n-2B-2BOF-2FSIrjxirKAYosdTDCwLcsi47DJpvlhQwE6Ba2KBXUtoyXOo-2BuSij7718StP9Zh5q4YhVM9xBHucnaa79bGfTGdxePcFmbyQZXIlUc6IBTyaHOg2Gcs8IQy1QlEGgkgoKcESHFqr4Ra7iUGQH0cEYvp4LLTYJ0yU0GZLQ9rYaixvgSz5CVQjqT2y1ek7e-2FK9omk7oOk7VrArIJKK8gsvSQdvBcArPOwf3BceiuRBDsX4Fw3skquLXbcfFkDw6Or7sZ1wMmzgGvTUx7F7Ntqb-2B0Og6pXW8WJIzjshC9QcufuDN1iAQqEgSwZ99s3PCYC8nTuoV7PzJf80pYGi-2BW5lPV5gbi6lJiAhXD8vtwLEe87kk51MiH52YZaSg6rU5IO5Lz2MHGOK6LXXA5V6P9AajWRSUiAEpoIR-2Bd9h3-2F4PuLJFinbiPhDx-2FJlNoWCIVCyRltXpl1ew4ccKfAR-2BODNxvIv5ZF8GI0536iKAHlBDlE2XdbVoHxCJoaqNOtX0gw3B1kCTbX-2F2FSa2kKAPuNJK4YHotPeIHrroR1vPoAGWL-2F7VrSrdyvyvaydlve5-2FhONiS603rVgsvpI-2FW3fExQfXYNMtC5NCEYw0xXNY4kFMEaVtx1Ps-2FdNemhtCsyrx-2BcYSJm6L7am22eJ6D7xWqq0VxQQ0c6lRyj0UCH7aCZNbxJdslKE3qbU9UU3dddMXPnISsScaFEcoDvZxcxwHNVGAzbR-2F0MLhC34-3D
HTTP 302
https://rebrand.ly/tpa4irp HTTP 301
https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
citi.php
citi-reactivate.com/US/ag/parent-interstitial/ Redirect Chain
|
872 B 723 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aes.js
citi-reactivate.com/ |
30 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citi.php
citi-reactivate.com/US/ag/parent-interstitial/ |
0 63 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
citi-reactivate.com/ | Name: __test Value: 7b1a19a512a20323e8f0926ef61e8093 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
citi-reactivate.com
rebrand.ly
u26022535.ct.sendgrid.net
167.89.123.16
185.27.134.131
3.233.172.39
7352701caf79770a74b77a1778e930e05c668fa888fabc68fe93bc1a76270709
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855