urlscan.io logo urlscan.io
SecurityTrails logo

citi-reactivate.com Open in urlscan Pro
185.27.134.131  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u26022535.ct.sendgrid.net/ls/click?upn=WzZBdeB4t-2BA5vYYVf85F6pxWETuujHJkZLWT9sgbjlO4RlWx7hSd7VJpY-2ByVi6cBWEty_D6EEwwgiBv...
Effective URL: https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
Submission: On May 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 185.27.134.131, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is citi-reactivate.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 14th 2022. Valid for: 3 months.
This is the only time citi-reactivate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
1 1 3.233.172.39 14618 (AMAZON-AES)
3 185.27.134.131 34119 (WILDCARD-...)
3 1
Apex Domain
Subdomains		 Transfer
3 citi-reactivate.com
citi-reactivate.com
31 KB
1 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 76174
329 B
1 sendgrid.net
u26022535.ct.sendgrid.net
229 B
3 3
Domain Requested by
3 citi-reactivate.com citi-reactivate.com
1 rebrand.ly 1 redirects
1 u26022535.ct.sendgrid.net 1 redirects
3 3

This site contains no links.

Subject Issuer Validity Valid
citi-reactivate.com
ZeroSSL RSA Domain Secure Site CA		 2022-05-14 -
2022-08-12		 3 months crt.sh

This page contains 1 frames:

Frame: https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online&i=1
Frame ID: 2BD8A9DDF56A558BBA71F09D0C85770E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://u26022535.ct.sendgrid.net/ls/click?upn=WzZBdeB4t-2BA5vYYVf85F6pxWETuujHJkZLWT9sgbjlO4RlWx7hSd7VJpY-2By... HTTP 302
    https://rebrand.ly/tpa4irp HTTP 301
    https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

31 kB
Transfer

31 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u26022535.ct.sendgrid.net/ls/click?upn=WzZBdeB4t-2BA5vYYVf85F6pxWETuujHJkZLWT9sgbjlO4RlWx7hSd7VJpY-2ByVi6cBWEty_D6EEwwgiBvnoi2eBK60n4YKdZ9FCTHzTVSYNMyZrYHtnbf1u1wQav1UeQstwoYITGJnKXN-2FmUzbZEQC12gaPWY5JWXoym4K8VWwwt-2Bl9hWVrPBycl1mtxylBr7BzhzmTvOI74bY5n-2B-2BOF-2FSIrjxirKAYosdTDCwLcsi47DJpvlhQwE6Ba2KBXUtoyXOo-2BuSij7718StP9Zh5q4YhVM9xBHucnaa79bGfTGdxePcFmbyQZXIlUc6IBTyaHOg2Gcs8IQy1QlEGgkgoKcESHFqr4Ra7iUGQH0cEYvp4LLTYJ0yU0GZLQ9rYaixvgSz5CVQjqT2y1ek7e-2FK9omk7oOk7VrArIJKK8gsvSQdvBcArPOwf3BceiuRBDsX4Fw3skquLXbcfFkDw6Or7sZ1wMmzgGvTUx7F7Ntqb-2B0Og6pXW8WJIzjshC9QcufuDN1iAQqEgSwZ99s3PCYC8nTuoV7PzJf80pYGi-2BW5lPV5gbi6lJiAhXD8vtwLEe87kk51MiH52YZaSg6rU5IO5Lz2MHGOK6LXXA5V6P9AajWRSUiAEpoIR-2Bd9h3-2F4PuLJFinbiPhDx-2FJlNoWCIVCyRltXpl1ew4ccKfAR-2BODNxvIv5ZF8GI0536iKAHlBDlE2XdbVoHxCJoaqNOtX0gw3B1kCTbX-2F2FSa2kKAPuNJK4YHotPeIHrroR1vPoAGWL-2F7VrSrdyvyvaydlve5-2FhONiS603rVgsvpI-2FW3fExQfXYNMtC5NCEYw0xXNY4kFMEaVtx1Ps-2FdNemhtCsyrx-2BcYSJm6L7am22eJ6D7xWqq0VxQQ0c6lRyj0UCH7aCZNbxJdslKE3qbU9UU3dddMXPnISsScaFEcoDvZxcxwHNVGAzbR-2F0MLhC34-3D HTTP 302
    https://rebrand.ly/tpa4irp HTTP 301
    https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request citi.php
citi-reactivate.com/US/ag/parent-interstitial/
Redirect Chain
  • https://u26022535.ct.sendgrid.net/ls/click?upn=WzZBdeB4t-2BA5vYYVf85F6pxWETuujHJkZLWT9sgbjlO4RlWx7hSd7VJpY-2ByVi6cBWEty_D6EEwwgiBvnoi2eBK60n4YKdZ9FCTHzTVSYNMyZrYHtnbf1u1wQav1UeQstwoYITGJnKXN-2FmUzb...
  • https://rebrand.ly/tpa4irp
  • https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
872 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.131 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
7352701caf79770a74b77a1778e930e05c668fa888fabc68fe93bc1a76270709

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 21:57:15 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 17 May 2022 21:57:14 GMT
Engine
Rebrandly.redirect, version 2.1
Expires
-1
Location
https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
Strict-Transport-Security
max-age=15552000
aes.js
citi-reactivate.com/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citi-reactivate.com/aes.js
Requested by
Host: citi-reactivate.com
URL: https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.131 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 21:57:15 GMT
last-modified
Sat, 08 Aug 2015 08:14:31 GMT
server
nginx
accept-ranges
bytes
etag
"55c5ba67-79e6"
content-length
31206
content-type
application/javascript
citi.php
citi-reactivate.com/US/ag/parent-interstitial/ 		0
63 B 		Document
General
Check archive.org
Download Go to
Full URL
https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online&i=1
Requested by
Host: citi-reactivate.com
URL: https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.131 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 21:57:16 GMT
server
nginx

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

1 Cookies

Domain/Path Name / Value
citi-reactivate.com/ Name: __test
Value: 7b1a19a512a20323e8f0926ef61e8093

1 Console Messages

Source Level URL
Text
network error URL: https://citi-reactivate.com/US/ag/parent-interstitial/citi.php?online&i=1
Message:
Failed to load resource: the server responded with a status of 404 ()