totalcomp.uat.citigroup.com
23.44.201.8
Public Scan
Effective URL: https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&G...
Submission: On September 05 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by DigiCert EV RSA CA G2 on July 29th 2024. Valid for: a year.
This is the only time totalcomp.uat.citigroup.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 18 | 23.44.201.8 23.44.201.8 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
17 | 2 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-8.deploy.static.akamaitechnologies.com
totalcomp.uat.citigroup.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
citigroup.com
1 redirects
totalcomp.uat.citigroup.com |
568 KB |
17 | 1 |
Domain | Requested by | |
---|---|---|
18 | totalcomp.uat.citigroup.com |
1 redirects
totalcomp.uat.citigroup.com
|
17 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.citigroup.com |
onereset.citigroup.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
uat.citigroup.com DigiCert EV RSA CA G2 |
2024-07-29 - 2025-08-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f
Frame ID: 9569F8DB1B231DDEAFC7A7D6CF1FB2A8
Requests: 19 HTTP requests in this frame
Page Title
Single Sign-On
Page URL History
-
https://totalcomp.uat.citigroup.com/
HTTP 302
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Akamai Bot Manager (Security)
Detected patterns
Modernizr (JavaScript Libraries)
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Reset Password
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://totalcomp.uat.citigroup.com/
HTTP 302
https://totalcomp.uat.citigroup.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-000f3295-6b9b-1a62-915b-df33b150f021&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-EX4a4eKuDPJH2mq2WkUQlSBIa3PzD4KkhKJHhZ5CmGmiL8dsC7SVaUxq%2bRs%2bNRffJBkyIERwEQOR4vDZLa9ZRsKVV8bbkeW4&TARGET=-SM-%2f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login.fcc (Primary Request; Redirect Chain) | totalcomp.uat.citigroup.com/siteminderagent/forms/ | 5 KB | 3 KB | Document | text/html |
GET | H2 | common.css | totalcomp.uat.citigroup.com/siteminderagent/css/ | 17 KB | 3 KB | Stylesheet | text/css |
GET | H2 | bootstrap.min.css | totalcomp.uat.citigroup.com/siteminderagent/css/ | 102 KB | 17 KB | Stylesheet | text/css |
GET | H2 | citi_styles.css | totalcomp.uat.citigroup.com/siteminderagent/css/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H2 | form_citi.css | totalcomp.uat.citigroup.com/siteminderagent/css/ | 1 KB | 968 B | Stylesheet | text/css |
GET | H2 | modernizr.js | totalcomp.uat.citigroup.com/siteminderagent/js/ | 9 KB | 4 KB | Script | application/x-javascript |
GET | H2 | 4e0d7ca4 | totalcomp.uat.citigroup.com/akam/13/ | 26 KB | 9 KB | Script | application/javascript |
GET | H2 | global_header_logo_temp.png | totalcomp.uat.citigroup.com/siteminderagent/images/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | sso_logo.png | totalcomp.uat.citigroup.com/siteminderagent/images/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | jquery-3.6.0.min.js | totalcomp.uat.citigroup.com/siteminderagent/js/ | 87 KB | 31 KB | Script | application/x-javascript |
GET | H2 | bootstrap.min.js | totalcomp.uat.citigroup.com/siteminderagent/js/ | 57 KB | 15 KB | Script | application/x-javascript |
GET | H2 | citi-fonts-totalcomp.css | totalcomp.uat.citigroup.com/siteminderagent/css/ | 6 KB | 886 B | Stylesheet | text/css |
GET | H2 | body-blue.jpg | totalcomp.uat.citigroup.com/siteminderagent/images/ | 374 KB | 375 KB | Image | image/jpeg |
GET | H2 | Citi-Sans-Text-Regular.woff | totalcomp.uat.citigroup.com/siteminderagent/fonts/CitiSans/ | 48 KB | 48 KB | Font | text/plain |
GET | H2 | Citi-Sans-Condensed-Regular.woff | totalcomp.uat.citigroup.com/siteminderagent/fonts/CitiSans/ | 43 KB | 44 KB | Font | text/plain |
GET | DATA | truncated | / | 9 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 157 B | 0 | Image | image/png |
GET | H2 | favicon.ico | totalcomp.uat.citigroup.com/ | 1 KB | 1 KB | Other | image/x-icon |
POST | H2 | pixel_4e0d7ca4 | totalcomp.uat.citigroup.com/akam/13/ | 0 | 623 B | XHR | text/html |
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | resetCredFields
- function | submitForm
- object | html5
- object | Modernizr
- function | yepnope
- string | bazadebezolkohpepadr
- function | $
- function | jQuery
- object | bootstrap
- string | urhehlevkedkilrobacf3
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name |
---|---|---|
.uat.citigroup.com/ | | bm_mi |
.uat.citigroup.com/ | | bm_sv |
.uat.citigroup.com/ | | ak_bmsc |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
totalcomp.uat.citigroup.com
23.44.201.8