www.citi.com
Open in
urlscan Pro
104.96.154.38
Public Scan
Effective URL: https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAcc...
Submission: On February 15 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 10th 2022. Valid for: a year.
This is the only time www.citi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 173.213.4.17 173.213.4.17 | 53316 (ASN-CHEET...) (ASN-CHEETA-MAIL) | |
1 | 2a00:1450:400... 2a00:1450:400d:808::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 63.148.46.76 63.148.46.76 | 53316 (ASN-CHEET...) (ASN-CHEETA-MAIL) | |
1 1 | 104.87.132.58 104.87.132.58 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
16 | 104.96.154.38 104.96.154.38 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
4 | 2a02:26f0:11a... 2a02:26f0:11a::5f65:1759 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
28 | 6 |
ASN16625 (AKAMAI-AS, US)
PTR: a104-87-132-58.deploy.static.akamaitechnologies.com
online.citi.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-96-154-38.deploy.static.akamaitechnologies.com
www.citi.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
citi.com
1 redirects
fm.info6.citi.com — Cisco Umbrella Rank: 227563 l.info6.citi.com — Cisco Umbrella Rank: 101402 online.citi.com — Cisco Umbrella Rank: 23966 www.citi.com — Cisco Umbrella Rank: 32496 |
2 MB |
4 |
techlab-cdn.com
p11.techlab-cdn.com — Cisco Umbrella Rank: 2995 |
59 KB |
3 |
eccmp.com
sts.eccmp.com — Cisco Umbrella Rank: 21313 |
9 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 345 |
30 KB |
0 |
iesnare.com
Failed
mpsnare.iesnare.com Failed |
|
28 | 5 |
Domain | Requested by | |
---|---|---|
16 | www.citi.com |
fm.info6.citi.com
www.citi.com |
4 | p11.techlab-cdn.com |
www.citi.com
|
3 | sts.eccmp.com |
fm.info6.citi.com
sts.eccmp.com |
1 | online.citi.com | 1 redirects |
1 | l.info6.citi.com |
fm.info6.citi.com
|
1 | ajax.googleapis.com |
fm.info6.citi.com
|
1 | fm.info6.citi.com | |
0 | mpsnare.iesnare.com Failed |
www.citi.com
|
28 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
info6.citi.com DigiCert EV RSA CA G2 |
2022-12-01 - 2024-01-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
*.eccmp.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-20 - 2023-06-20 |
a year | crt.sh |
www.citi.com DigiCert SHA2 Extended Validation Server CA |
2022-11-10 - 2023-12-04 |
a year | crt.sh |
p11.techlab-cdn.com R3 |
2023-02-02 - 2023-05-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
Frame ID: 0CC5818B4D96AC4EE4C2CC3DBA947A6E
Requests: 28 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%... Page URL
-
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA...
HTTP 301
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING... Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=20&we=7&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FPromo_ID%3DSGN9%26next_page%3Djfp%7CjJPSINFRA_Home%26cmp%3DEMC%7E02%7E141124%7ESERVICING%7EBNKLOGIN%7ETabs%7EMyAccount%26enid%3DT213142914463739T0213140231429463743&linkName=CN_USCBOL_AccountHome&transId=C2023021410160137 Page URL
-
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount
HTTP 301
https://www.citi.com/login?Promo_ID=SGN9&next_page=jfp|jJPSINFRA_Home&cmp=EMC~02~141124~SERVICING~BNKLOGIN~Tabs~MyAccount Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
url.aspx
fm.info6.citi.com/ats/ |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ |
82 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
open.aspx
l.info6.citi.com/rts/ |
43 B 432 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
conversen-SDK.js
sts.eccmp.com/sts/scripts/ |
15 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
617
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ |
35 B 427 B |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image.gif
sts.eccmp.com/wts/WebEvent/ |
807 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
login
www.citi.com/ Redirect Chain
|
212 KB 43 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
00815f5bb6a1555bf6f96086ea852669dd0011213c3f
www.citi.com/public/ |
150 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6c8322c7341eac98645c10e3d1d3c7ae.js
www.citi.com/assets/scripts/global/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tagging.min.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ |
44 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner.min.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ |
74 KB 75 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ |
70 KB 71 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ |
77 KB 78 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.f842a1a62f4695fa.css
www.citi.com/cbol-pre-login-static-assets/ |
2 MB 184 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tmxobfwc-clientlib-v4.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fp.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtime.5091531665a93ccb.js
www.citi.com/cbol-pre-login-static-assets/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills.7cdb3502ca04e857.js
www.citi.com/cbol-pre-login-static-assets/ |
185 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts.9ed76da88c8105f5.js
www.citi.com/cbol-pre-login-static-assets/ |
52 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.1ff63c9075a94108.js
www.citi.com/cbol-pre-login-static-assets/ |
3 MB 737 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65319_1825232221.js
p11.techlab-cdn.com/e/ |
56 KB 19 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65257_1825232190.js
p11.techlab-cdn.com/e/ |
14 KB 6 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64885_1825232283.js
p11.techlab-cdn.com/e/ |
4 KB 2 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65226_1825232221.js
p11.techlab-cdn.com/e/ |
69 KB 32 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6c8322c7341eac98645c10e3d1d3c7ae.js
www.citi.com/assets/scripts/global/ |
326 KB 191 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
snare.js
mpsnare.iesnare.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
citilogo-skelheader.png
www.citi.com/CBOL/IA/Angular/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mpsnare.iesnare.com
- URL
- https://mpsnare.iesnare.com/snare.js?_=1094677304049231
- Domain
- www.citi.com
- URL
- https://www.citi.com/CBOL/IA/Angular/assets/citilogo-skelheader.png
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange undefined| jQuery number| ___dm function| ___dto7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
fm.info6.citi.com/ | Name: BIGipServercnv_ats_ssl_pool Value: 1061623818.47873.0000 |
|
l.info6.citi.com/ | Name: ASP.NET_SessionId Value: ad5cr2cmxyilprolusjx3h0y |
|
l.info6.citi.com/ | Name: BIGipServercnv_ats_ssl_pool Value: 1095178250.47873.0000 |
|
.citi.com/ | Name: xyz_cr_617_et_100 Value: cr=617&wegc=&et=100&ap=&we=7 |
|
.citi.com/ | Name: AKMTLTSID Value: BBC44A757B0839CA951AE64822389103 |
|
.citi.com/ | Name: ak_bmsc Value: C5CC0307D655C08033D3A93D3D63EBF5~000000000000000000000000000000~YAAQVVtgaKiG2VGGAQAARy7LUhJwyfKZ7yJPpFEuZ/7R1yV17VnmRQMWpPMGj9uDYO1ocZxJTQc0/FC+jvKoFPQ6VydX7CmZv/CKK9S7tSIeCdXld4SEvAmPjtnfWR26PTW2w7T9kJZ8LSs955N9fKSF9v/jYVskymK8fUmrxnN1yhjsxvghulAgAhtghW04oEAywm1J/kKidIPCgpGt360Om4vLtu+2BqL6xRitjIW4B83/vHDGiGjTWEC4vadb/V4CThc3bVpVMupnGZlOulEHisEpuLlFxsMMwvLgQBCyUt8fMIFNHMKvEeh5QTALQoORAAL5iP6ayqxTiTrtNuIOK2WTtl9N6vIoPd93p6FwFfSLxsoKxJF56bQLdg== |
|
.citi.com/ | Name: NMO5iv8Z Value: A7cxy1KGAQAARqLJZxYLkuy3mMjvyOWaK_mvV6CRS5dBvEIA2TKRpmH_ZOWOAVQTr7iucuFZwH8AAEB3AAAAAA|1|0|c27c70ed053cca4434f806f52f01c89b4cb98100 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fm.info6.citi.com
l.info6.citi.com
mpsnare.iesnare.com
online.citi.com
p11.techlab-cdn.com
sts.eccmp.com
www.citi.com
mpsnare.iesnare.com
www.citi.com
104.87.132.58
104.96.154.38
173.213.4.17
2a00:1450:400d:808::200a
2a02:26f0:11a::5f65:1759
63.148.46.76
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
2281bceeaf3c81dc26731248960c8d210a0d461a02759c39b7a7b6c5ee1e06a0
272b99f5c68909c8ed846ce0373af2029550b4ad705a600b9e1ef2ddc579bb12
4523ce4e000b35633c5977862de5fc4073046cdbdbbebb4d891884e4c1cfe017
4c624507ba823ece819b8c62d229fa4fe62b1b0abadb8ecfb4534e5e7e17fe20
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
682375341274ba1532a6b3a51902b2df4d0a7e2ee132961b6bf8d716a7aef0a7
72667f8da6f63197e092832b2028a562ecfd78a599848ed873d3bd24dd3a7725
735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e667a2af15341b22e7b8864ed537085f68b2573c43c86d3a259f646da2460b
bf6b0ddbb32544fe9613e37923dbdffeb99c4349ce7f5d6c4799fde2f862bd37
c0ddb126f5e56526aeb58a7588b93a3d7424b1a31dad0e579c18fb0cd8ef7a3b
c590162d2ddae2a4028b391081a26e707670ff3c959e9d212135952d6177df64
d9bdc054301831bd590c618569f5e137668e89cf7c07985420600d5bd296c4f8
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
e0916afbe5f8291168214915bcea9bc411678257222ea7c7ea0d075fc9eb8c4b
e604966e2f075297dcabc3a3449f565245104a315fc8c2227c9a17e518e6abd5
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ec24afeaff06079a1e94b0108fac6ac290f36268b6681044ae9740f3f5a76784
f15d0efbde8255667f5a72b6d15514a07af8ed26fc0123dbecd7a57b8571f5f6
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f4b65bbef8844864d57c3e0ab33e9c488b072aefe2815b238398e762bb8715dc
f8709c02d335331e2befafef5fa16fb5b5a4272e1787c825619d7d37aca7fec5