![](/screenshots/45aaa359-d7e2-4d2b-9201-14f8562eb437.png)
notify-qa.citibot.net
Open in
urlscan Pro
13.32.99.99
Public Scan
Submission: On June 13 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on June 12th 2024. Valid for: a year.
This is the only time notify-qa.citibot.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 13.32.99.99 13.32.99.99 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:81d::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2606:4700::68... 2606:4700::6811:feb6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-99.fra60.r.cloudfront.net
notify-qa.citibot.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
citibot.net
notify-qa.citibot.net |
928 KB |
3 |
auth0.com
citibot.auth0.com |
|
2 |
gstatic.com
fonts.gstatic.com |
32 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77 |
1 KB |
18 | 4 |
Domain | Requested by | |
---|---|---|
12 | notify-qa.citibot.net |
notify-qa.citibot.net
|
3 | citibot.auth0.com |
notify-qa.citibot.net
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
notify-qa.citibot.net
|
18 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
notify-qa.citibot.net Amazon RSA 2048 M03 |
2024-06-12 - 2025-07-11 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-05-27 - 2024-08-19 |
3 months | crt.sh |
auth0.com E1 |
2024-05-28 - 2024-08-26 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://notify-qa.citibot.net/
Frame ID: D58843930E19D5BE89E66675A6356ED8
Requests: 16 HTTP requests in this frame
Frame:
https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=zHa0UzwVpq9cp2c_dJZLzZ4q0Jr~14hK&nonce=XRBIhxkKCToPhNktBxLKM8hekvtOqBG.&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: CD46887A32C72E4C8F1EEB30D1799AD0
Requests: 1 HTTP requests in this frame
Frame:
https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=tMujAXJ0FKOHsx~9Aac~Q2Xi7QLHpPxI&nonce=05pOFbIgCAeOmkSD6j9FVAO7884h_LD9&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: 71FC2B9C1026E6C25E13B8FBB2314C12
Requests: 1 HTTP requests in this frame
Frame:
https://citibot.auth0.com/authorize?client_id=aqXRSSWoX6mjq0GiPCXSNW3QagujTFD7&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fnotify-qa.citibot.net%2Fcallback&scope=openid%20profile%20admin%3Aon%20read%3Ausers%20create%3Ausers%20update%3Ausers&audience=https%3A%2F%2Fnotify-dev.citibot.net&mode=login&state=7eH~LmtL6vKDumqNUovw3TZyQkp-6_e6&nonce=GwUcvFDRDNOusvyllQXhj~NgyY7m_G~7&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4wIn0%3D
Frame ID: 9CC8107FAC9DEAE7865A6BCCE09443BB
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/45aaa359-d7e2-4d2b-9201-14f8562eb437.png)
Page Title
Citibot NotifyDetected technologies
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
notify-qa.citibot.net/ |
877 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.f8bcba37.js
notify-qa.citibot.net/static/js/ |
620 KB 621 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.15f566fd.css
notify-qa.citibot.net/static/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
notify-qa.citibot.net/ |
522 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
623.57f16b99.chunk.js
notify-qa.citibot.net/static/js/ |
25 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
703.8c7c3958.chunk.js
notify-qa.citibot.net/static/js/ |
104 KB 105 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
438.12e6e1a4.chunk.js
notify-qa.citibot.net/static/js/ |
68 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
161.24b03377.chunk.js
notify-qa.citibot.net/static/js/ |
50 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
702.0c0a01cc.chunk.js
notify-qa.citibot.net/static/js/ |
4 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citibot-icon.png
notify-qa.citibot.net/ |
679 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citibot-icon.png
notify-qa.citibot.net/ |
679 B 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
authorize
citibot.auth0.com/ Frame CD46 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
authorize
citibot.auth0.com/ Frame 71FC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
authorize
citibot.auth0.com/ Frame 9CC8 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.9265588ba28accfab908.png
notify-qa.citibot.net/static/media/ |
45 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| webpackChunk_citibot_notify1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
citibot.auth0.com/ | Name: did Value: s%3Av0%3A52bd732f-d79e-4dcf-9935-ad7c5aa0b8fb.WY51GpnlBoL7eg%2FbJYHYlX2UwbZkwdfMf02u1OBuWDw |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
citibot.auth0.com
fonts.googleapis.com
fonts.gstatic.com
notify-qa.citibot.net
13.32.99.99
2606:4700::6811:feb6
2a00:1450:4001:81d::2003
2a00:1450:4001:827::200a
088be8be21a72139e92cb28a475dac2a77fc97002048b7b65d7c5f537a0f5c93
100d947743fa80ea383afafcd13a735d10ed3afd0ae6c7accddfcb35a934a9e7
1ce3730e18e569feccc29547a100eddb169aa67a70d4e945760fbf9381adde7c
75863f2d41bef18a607c693498c4a5ad9ce7bcbe74f94f6553c3490d401963f0
8aa570ba19cdba359137f3877f8c5559fdcd5c9ce842fe9c31b54c8d5c0bb1e3
93aac5dc26e7432e221038edb18599928d3055c03785d2ebb4b8950c51258cf9
ab92dcc3798dc8bf0d4642436c37bffb32872f6b1b304953f211d2d3b0718d22
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
dc8f5f6c0bc1dc61e1a2221abb8b788b50ce54921dfb50aa3dadf9774a76dd92
e1dde0f0fe55fc5fab3ff5bc002d217932d4515f7924b413c85a58dd94f80426
e36a79007a9d7be92d2f393827efdcafbc323f2be6f337e5dc98494a86d8cbef
e6a01038d4a05f4d66e2f51644b0093102ea41a4b3ff599dffd4d256c6ddb1c7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69c55f4050c0a1819ff2f959c5576f2c552a949c483baa679e5b459414490ac