totalcomp.uat.citigroup.com
95.101.23.89
Public Scan
Effective URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&G...
Submission: On February 13 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 21st 2022. Valid for: a year.
This is the only time totalcomp.uat.citigroup.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
16 (1 redirect) | 95.101.23.89 | 20940 (AKAMAI-ASN1) |
2 | 2a00:1450:400d:804::2008 | 15169 (GOOGLE) |
2 | 2a00:1450:400d:806::200e | 15169 (GOOGLE) |
19 | 4 | |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-89.deploy.static.akamaitechnologies.com
totalcomp.uat.citigroup.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
16 | citigroup.com (1 redirect): totalcomp.uat.citigroup.com | 57 KB |
2 | google-analytics.com: www.google-analytics.com — Cisco Umbrella Rank: 93 | 20 KB |
2 | googletagmanager.com: www.googletagmanager.com — Cisco Umbrella Rank: 109 | 81 KB |
19 | 3 | |
Requests | Domain | Requested by |
---|---|---|
16 | totalcomp.uat.citigroup.com (1 redirect) | totalcomp.uat.citigroup.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | www.googletagmanager.com | totalcomp.uat.citigroup.com, www.googletagmanager.com |
19 | 3 | |
This site contains links to these domains.
Domain |
---|
onereset.citigroup.net |
www.citigroup.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
uat.citigroup.com | DigiCert SHA2 Extended Validation Server CA | 2022-07-21 - 2023-08-21 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months |
This page contains 1 frames:
Primary Page:
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Frame ID: B56C6AAB75374F3B564A1BD30D1EA85A
Requests: 21 HTTP requests in this frame
Page Title
My Total Compensation and Benefits Login
Detected technologies
Akamai Bot Manager (Security)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Reset Password
Title: Terms, conditions, caveats, and small print
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://totalcomp.uat.citigroup.com/ (HTTP 302)
- https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login.fcc (Primary Request) | totalcomp.uat.citigroup.com/siteminderagent/forms/ | 67 KB | 21 KB | Document | text/html |
GET | H2 | js | www.googletagmanager.com/gtag/ | 94 KB | 37 KB | Script | application/javascript |
GET | H2 | cgp_cookie_funcs.js | totalcomp.uat.citigroup.com/siteminderagent/js/ | 2 KB | 1 KB | Script | application/x-javascript |
GET | H2 | fp_AA.js | totalcomp.uat.citigroup.com/siteminderagent/js/ | 32 KB | 9 KB | Script | application/x-javascript |
GET | H2 | 4306d020 | totalcomp.uat.citigroup.com/akam/13/ | 26 KB | 9 KB | Script | application/javascript |
GET | H2 | global_header_logo.png | totalcomp.uat.citigroup.com/siteminderagent/images/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | cgp_spacer.gif | totalcomp.uat.citigroup.com/siteminderagent/images/ | 43 B | 436 B | Image | image/gif |
GET | H2 | icon_sso.gif | totalcomp.uat.citigroup.com/siteminderagent/images/ | 524 B | 918 B | Image | image/gif |
GET | H2 | spacer.gif | totalcomp.uat.citigroup.com/siteminderagent/images/ | 43 B | 436 B | Image | image/gif |
GET | H2 | change.gif | totalcomp.uat.citigroup.com/siteminderagent/images/ | 62 B | 455 B | Image | image/gif |
GET | H2 | email.gif | totalcomp.uat.citigroup.com/siteminderagent/images/ | 68 B | 461 B | Image | image/gif |
GET | H2 | help_icon.gif | totalcomp.uat.citigroup.com/siteminderagent/images/ | 76 B | 469 B | Image | image/gif |
GET | H2 | citi_logo_s.gif | totalcomp.uat.citigroup.com/siteminderagent/images/ | 2 KB | 3 KB | Image | image/gif |
GET | H2 | bodybg.png | totalcomp.uat.citigroup.com/siteminderagent/images/ | 2 KB | 3 KB | Image | image/png |
GET | H2 | global_bgd_header.png | totalcomp.uat.citigroup.com/siteminderagent/images/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | js | www.googletagmanager.com/gtag/ | 110 KB | 43 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
POST | H2 | collect | www.google-analytics.com/j/ | 1 B | 214 B | XHR | text/plain |
GET | DATA | truncated | / | 9 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 157 B | 0 | Image | image/png |
POST | H2 | pixel_4306d020 | totalcomp.uat.citigroup.com/akam/13/ | 0 | 534 B | XHR | text/html |
82 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange string| GA_TRACKING_ID object| x function| gtag object| dataLayer function| CGP_setCookie function| CGP_readCookie function| CGP_killCookie function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint function| asyncpost_deviceprint function| setDeviceCookie function| resetCredFields function| submitForm string| cgp_current_lang number| cgp_current_lang_code undefined| cgp_locale object| m001 object| m002 object| m003 object| m004 object| m005 object| m006 object| m007 object| m008 object| m009 object| m010 object| m011 object| m012 object| m013 object| m014 object| m015 object| m016 object| m017 object| m018 object| m019 object| m020 object| m021 object| m022 object| m023 object| m024 object| m025 function| CGP_updateLangCode function| CGP_translateText function| CGP_changeLang function| CGP_getCurrentLang string| bazadebezolkohpepadr function| openMFAPDF function| getLocale string| expatURL object| year object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| urhehlevkedkilrobacf string| language_parm object| plugin string| t8
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.uat.citigroup.com/ | Name: bm_mi |
|
.uat.citigroup.com/ | Name: bm_sv |
|
.citigroup.com/ | Name: _ga Value: GA1.2.821646866.1676293879 |
|
.citigroup.com/ | Name: _gid Value: GA1.2.2059899376.1676293879 |
|
.citigroup.com/ | Name: _gat_gtag_UA_131126179_2 Value: 1 |
|
totalcomp.uat.citigroup.com/ | Name: CGPLNG Value: ENG |
|
totalcomp.uat.citigroup.com/ | Name: DeviceCookie Value: version%3D2%26pm%5Ffpua%3Dmozilla%2F5%2E0%20%28windows%20nt%2010%2E0%3B%20win64%3B%20x64%29%20applewebkit%2F537%2E36%20%28khtml%2C%20like%20gecko%29%20chrome%2F110%2E0%2E5481%2E77%20safari%2F537%2E36%7C5%2E0%20%28Windows%20NT%2010%2E0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537%2E36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F110%2E0%2E5481%2E77%20Safari%2F537%2E36%7CWin32%26pm%5Ffpsc%3D24%7C1600%7C1200%7C1200%26pm%5Ffpsw%3D%26pm%5Ffptz%3D0%26pm%5Ffpln%3Dlang%3Den%2DUS%7Csyslang%3D%7Cuserlang%3D%26pm%5Ffpjv%3D0%26pm%5Ffpco%3D1%26pm%5Ffpasw%3Dinternal%2Dpdf%2Dviewer%7Cmhjfbmdgcfjbbpaeojofohoefgiehjai%7Cinternal%2Dnacl%2Dplugin%26pm%5Ffpan%3DNetscape%26pm%5Ffpacn%3DMozilla%26pm%5Ffpol%3Dtrue%26pm%5Ffposp%3D%26pm%5Ffpup%3D%26pm%5Ffpsaw%3D1600%26pm%5Ffpspd%3D24%26pm%5Ffpsbd%3D%26pm%5Ffpsdx%3D%26pm%5Ffpsdy%3D%26pm%5Ffpslx%3D%26pm%5Ffpsly%3D%26pm%5Ffpsfse%3D%26pm%5Ffpsui%3Dexpires=Mon, 13 Feb 2023 17:30:31 GMT |
|
.uat.citigroup.com/ | Name: ak_bmsc |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
totalcomp.uat.citigroup.com
www.google-analytics.com
www.googletagmanager.com
2a00:1450:400d:804::2008
2a00:1450:400d:806::200e
95.101.23.89