fm.info4.citi.com Open in urlscan Pro
63.148.46.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l.info12.citi.com/rts/go2.aspx?h=3446661&tp=i-H55-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q26U-2qSK4w-JDMy1&x=496eb43522527e0e9...
Effective URL:
https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7
Submission: On November 03 via api (November 3rd 2018, 9:06:22 pm UTC) from US

Summary HTTP 20 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 63.148.46.101, located in United States and belongs to ASN-CHEETA-MAIL - CHEETAHMAIL, US. The main domain is fm.info4.citi.com.
TLS certificate: Issued by DigiCert Global CA G2 on October 2nd 2018. Valid for: a year.

This is the only time fm.info4.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	173.213.4.76 173.213.4.76	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL - CHEETAHMAIL)
1 2	63.148.46.101 63.148.46.101	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL - CHEETAHMAIL)
9	172.227.14.237 172.227.14.237	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
8	2.16.186.83 2.16.186.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.186.106 2.16.186.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	5

2 173.213.4.76 (New York, United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL - CHEETAHMAIL, US)

l.info12.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.148.46.101 (United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL - CHEETAHMAIL, US)

fm.info4.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.227.14.237 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-14-237.deploy.static.akamaitechnologies.com

snamwpm.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.83 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-83.deploy.static.akamaitechnologies.com

i.info4.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.106 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-106.deploy.static.akamaitechnologies.com

namwpm.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	citi.com 2 redirects l.info12.citi.com fm.info4.citi.com i.info4.citi.com	121 KB
10	eccmp.com snamwpm.eccmp.com namwpm.eccmp.com	164 KB
20	2

	Domain	Requested by
9	snamwpm.eccmp.com	fm.info4.citi.com
8	i.info4.citi.com	fm.info4.citi.com
2	fm.info4.citi.com	1 redirects
2	l.info12.citi.com	1 redirects fm.info4.citi.com
1	namwpm.eccmp.com	fm.info4.citi.com
20	5

This site contains links to these domains. Also see Links.

Domain
l.info12.citi.com

Subject Issuer	Validity	Valid
info4.citi.com DigiCert Global CA G2	`2018-10-02` - `2019-09-02`	a year	crt.sh
info12.citi.com DigiCert SHA2 Extended Validation Server CA	`2018-08-27` - `2020-08-26`	2 years	crt.sh
wpm.ccmp.eu Let's Encrypt Authority X3	`2018-10-29` - `2019-01-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7
Frame ID: 0F0A6E2C374E2A67A071E8DEF539EA75
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://l.info12.citi.com/rts/go2.aspx?h=3446661&tp=i-H55-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q26U-2qSK4w-JDMy1... HTTP 302
http://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794... HTTP 302
https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx(?:$|\?)/i

Page Statistics

20
Requests

55 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

5
IPs

2
Countries

284 kB
Transfer

278 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://l.info12.citi.com/rts/go2.aspx?h=3446669&tp=i-H8B-Q3d-RXc-2t9x3h-25-wTJ0-1c-G-2qSK4w-fWu9&x=760185554
Title: Apply Now

Search URL Search Domain Scan URL

URL: http://l.info12.citi.com/rts/go2.aspx?h=3446665&tp=i-H9D-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q26j-G-2qSK4w-1Odqmg

Search URL Search Domain Scan URL

URL: http://l.info12.citi.com/rts/go2.aspx?h=3446666&tp=i-H9D-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q26j-G-2qSK4w-1Odqmg

Search URL Search Domain Scan URL

URL: http://l.info12.citi.com/rts/go2.aspx?h=3446667&tp=i-H9D-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q26j-G-2qSK4w-1Odqmg

Search URL Search Domain Scan URL

URL: http://l.info12.citi.com/rts/go2.aspx?h=3446668&tp=i-H9D-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q26j-G-2qSK4w-1Odqmg

Search URL Search Domain Scan URL

URL: http://l.info12.citi.com/rts/go2.aspx?h=3446670&tp=i-H8B-Q3d-RXc-2t9x3h-25-wTJ0-1c-G-2qSK4w-fWu9&x=i-H8B-Q3d-RXc-2t9x3h-25-wTJ0-1c-G-2qSK4w-fWu9
Title: click here

Search URL Search Domain Scan URL

URL: http://l.info12.citi.com/rts/go2.aspx?h=3446664&tp=i-H9D-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q275-G-2qSK4w-YZ9XX
Title: Privacy

Search URL Search Domain Scan URL

URL: http://l.info12.citi.com/rts/go2.aspx?h=3446663&tp=i-H9D-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q278-G-2qSK4w-AVRUb
Title: Security Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.info12.citi.com/rts/go2.aspx?h=3446661&tp=i-H55-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q26U-2qSK4w-JDMy1&x=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 HTTP 302
http://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 HTTP 302
https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request msg.aspx Show response fm.info4.citi.com/ats/ Redirect Chain http://l.info12.citi.com/rts/go2.aspx?h=3446661&tp=i-H55-Q3d-RXc-2t9x3h-25-wTJ0-1c-4q26U-2qSK4w-JDMy1&x=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 http://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7	78 KB 79 KB	1171ms 807ms	Document text/html	63.148.46.101 CHEETAHMAIL
General Check archive.org Show headers Download Go to Full URL https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.148.46.101 , United States, ASN53316 (ASN-CHEETA-MAIL - CHEETAHMAIL, US), Reverse DNS Software / ASP.NET Resource Hash `0b346f27d3c1930ecb3dfb0446e12d9ce05b2870a5289c2e040b09e35bee955f` Request headers Host fm.info4.citi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Cookie BIGipServercnv_ats_pool=1095178250.20480.0000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Cache-Control no-cache, no-store, must-revalidate Pragma no-cache Content-Type text/html; charset=utf-8 Expires 0 X-Powered-By ASP.NET Date Sat, 03 Nov 2018 21:06:11 GMT Content-Length 80373 Redirect headers Cache-Control no-cache, no-store, must-revalidate Pragma no-cache Content-Type text/html; charset=utf-8 Expires 0 Location https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 X-Powered-By ASP.NET Date Sat, 03 Nov 2018 21:06:10 GMT Content-Length 224 Set-Cookie BIGipServercnv_ats_pool=1095178250.20480.0000; path=/; Httponly
GET H/1.1	200 OK	open.aspx l.info12.citi.com/rts/	581 B 1 KB	370ms 92ms	Image image/gif	173.213.4.76 CHEETAHMAIL
General Check archive.org Show headers Download Go to Show image Full URL https://l.info12.citi.com/rts/open.aspx?tp=i-H8B-Q3d-RXc-2t9x3h-25-wTJ0-1c-G-2qSK4w-fWu9 Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.213.4.76 New York, United States, ASN53316 (ASN-CHEETA-MAIL - CHEETAHMAIL, US), Reverse DNS Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `9c4235ca80183ac2c63ac9f3163ee8d96218b463a325e1b4f02983ab51919a66` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host l.info12.citi.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Cookie ASP.NET_SessionId=ikhkh5yx1gpdj3plfytp534c Connection keep-alive Cache-Control no-cache Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Sat, 03 Nov 2018 21:06:11 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET Transfer-Encoding chunked Content-Type image/gif Cache-Control no-cache, max-age=0 Expires 0
GET H/1.1	200 OK	GBL_spacer.gif snamwpm.eccmp.com/wpm/503/Global/	49 B 318 B	50ms 6ms	Image image/gif	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/Global/GBL_spacer.gif Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `6fdf55780fc9e92c5234f96da7b1054ff6ceb78994f7f033abfe6d9527851c25` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Mon, 23 Oct 2017 21:40:21 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "aa3f386474cd31:0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 49
GET H/1.1	200 OK	GBL_Header_logo_Citi.jpg snamwpm.eccmp.com/wpm/503/Global/	5 KB 5 KB	49ms 6ms	Image image/jpeg	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/Global/GBL_Header_logo_Citi.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `f4d802ba7918a484c255df083a2219a162fdc3ae07f478df9eab8c6749d1d897` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Wed, 08 Nov 2017 20:20:53 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "b846da13cf58d31:0" Content-Type image/jpeg Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 4782
GET H/1.1	200 OK	GBL_Header_colorbar_Citi.jpg snamwpm.eccmp.com/wpm/503/Global/	4 KB 4 KB	49ms 6ms	Image image/jpeg	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/Global/GBL_Header_colorbar_Citi.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `cea6731b23a67b5719fe4cbd5f7cc3c3f5bd173dd2bcb9c382792e938a281ed9` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Mon, 22 Oct 2018 18:54:17 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "66cd92a2386ad41:0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 3993
GET H/1.1	200 OK	08172018_DC_Prospect_Arrow1.png i.info4.citi.com/wpm/100169/images/EE/	3 KB 4 KB	58ms 7ms	Image image/png	2.16.186.83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.info4.citi.com/wpm/100169/images/EE/08172018_DC_Prospect_Arrow1.png Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-83.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `4631c3d5d97fc2253969f970fe2b28507000eb5eeca633cb798a2a60233b8832` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Thu, 13 Sep 2018 23:16:05 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "e87edbbeb74bd41:0" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3512
GET H/1.1	200 OK	08172018_DC_Prospect_Arrow2.png i.info4.citi.com/wpm/100169/images/EE/	3 KB 4 KB	58ms 7ms	Image image/png	2.16.186.83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.info4.citi.com/wpm/100169/images/EE/08172018_DC_Prospect_Arrow2.png Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-83.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `c5e565975614607ce818d59f1717d29001862d413a27f1e7455881050bcf1fe8` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Thu, 13 Sep 2018 23:16:05 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "ee4af1beb74bd41:0" Content-Type image/png Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 3489
GET H/1.1	200 OK	08172018_DC_Prospect_Background_DSK.jpg i.info4.citi.com/wpm/100169/images/EE/	11 KB 11 KB	57ms 7ms	Image image/jpeg	2.16.186.83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.info4.citi.com/wpm/100169/images/EE/08172018_DC_Prospect_Background_DSK.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-83.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `a9506829c5988887b7c515ba058ac987d60120c3b66fc2016d2aa364de42da7f` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Thu, 13 Sep 2018 23:16:05 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "ec31fdbeb74bd41:0" Content-Type image/jpeg Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 10890
GET H/1.1	200 OK	Citi_Double_Cash_L_142.png snamwpm.eccmp.com/wpm/503/CardArt/	139 KB 139 KB	6ms 6ms	Image image/png	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/CardArt/Citi_Double_Cash_L_142.png Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `4f2b7fea0da562d4ee8a35a12b10c958b578125327c14562b19d260c9da0e06d` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Fri, 19 May 2017 19:21:00 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "3a4cdcd5d0d21:0" Content-Type image/png Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 142016
GET H/1.1	200 OK	spacer.gif i.info4.citi.com/wpm/100169/images/EE/	1 KB 1 KB	6ms 6ms	Image image/gif	2.16.186.83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.info4.citi.com/wpm/100169/images/EE/spacer.gif Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-83.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `34c22e7198050b174c6681b8d523411eef11ce54c5f06c219c21f3651cbba80d` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Fri, 22 Apr 2016 17:55:43 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "e443ba30c09cd11:0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1100
GET H/1.1	200 OK	08172018_DC_Prospect_Five_Stars.jpg i.info4.citi.com/wpm/100169/images/EE/	4 KB 4 KB	6ms 6ms	Image image/jpeg	2.16.186.83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.info4.citi.com/wpm/100169/images/EE/08172018_DC_Prospect_Five_Stars.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-83.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `3ef224056885483a0762957f1f34de7a5c8c53eb07657b830fb65634e3ff1e4e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Thu, 13 Sep 2018 23:16:06 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "758250bfb74bd41:0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 3740
GET H/1.1	200 OK	08172018_DC_Prospect_WWN_DSK.jpg i.info4.citi.com/wpm/100169/images/EE/	10 KB 10 KB	6ms 5ms	Image image/jpeg	2.16.186.83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.info4.citi.com/wpm/100169/images/EE/08172018_DC_Prospect_WWN_DSK.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-83.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `91bb033c49ff4ada1ebb9e97e14a5f9a864c1a950e2f45daa66120a0d79c7449` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Thu, 13 Sep 2018 23:16:06 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "ecae9cbfb74bd41:0" Content-Type image/jpeg Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 9859
GET H/1.1	200 OK	08172018_DC_Prospect_WWN_MOB.jpg i.info4.citi.com/wpm/100169/images/EE/	5 KB 5 KB	11ms 6ms	Image image/jpeg	2.16.186.83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.info4.citi.com/wpm/100169/images/EE/08172018_DC_Prospect_WWN_MOB.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-83.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `3ee868a28539fb14181f6783ce5fc7ce888f0e40e54f9ab9805127f2c8c56511` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Thu, 13 Sep 2018 23:16:05 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "d9ac6beb74bd41:0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 5159
GET H/1.1	200 OK	spacer.gif i.info4.citi.com/wpm/100164/ContentUploads/BAU/images/	1 KB 1 KB	19ms 15ms	Image image/gif	2.16.186.83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.info4.citi.com/wpm/100164/ContentUploads/BAU/images/spacer.gif Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-83.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `1aede147187d53f5714d415734053ef3a8bb6a2fe62cac6adedda1aef203d5eb` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Fri, 02 Nov 2018 22:47:51 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "f37aba15fe72d41:0" Content-Type image/gif Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 1101
GET H/1.1	200 OK	GBL_footer_social_Twitter.jpg snamwpm.eccmp.com/wpm/503/Global/	3 KB 3 KB	8ms 7ms	Image image/jpeg	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/Global/GBL_footer_social_Twitter.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `a43a15bc9b65397075ba4f9f2f1476ec06a46cd58ec5f3b48ad3e9f859b7094a` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Mon, 23 Oct 2017 21:40:20 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "4f1b8a86474cd31:0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2714
GET H/1.1	200 OK	GBL_footer_social_Facebook.jpg snamwpm.eccmp.com/wpm/503/Global/	3 KB 3 KB	7ms 6ms	Image image/jpeg	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/Global/GBL_footer_social_Facebook.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `35e84ba7771cc7936bc07f4d93cb344544d32cd60b3bef324c49f6dda9d98e35` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Mon, 23 Oct 2017 21:40:21 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "235d486474cd31:0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2977
GET H/1.1	200 OK	GBL_footer_social_Youtube.jpg snamwpm.eccmp.com/wpm/503/Global/	4 KB 4 KB	6ms 6ms	Image image/jpeg	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/Global/GBL_footer_social_Youtube.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `dfa4b025a33d010c9783f38010749c3c9fc4742ade96c88d61de1f50b0564ffa` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Mon, 23 Oct 2017 21:40:21 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "38b32287474cd31:0" Content-Type image/jpeg Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 3640
GET H/1.1	200 OK	GBL_footer_social_Instagram.jpg snamwpm.eccmp.com/wpm/503/Global/	4 KB 4 KB	12ms 6ms	Image image/jpeg	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/Global/GBL_footer_social_Instagram.jpg Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `8c0e65aa5af1fbc6ae576bddf3eabbc73fec517fb1f024c737b479e7bfe4d9d8` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Mon, 23 Oct 2017 21:40:22 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "befc087474cd31:0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 4007
GET H/1.1	200 OK	1x2.gif namwpm.eccmp.com/wpm/503/GlobalHeadersFooters/	1 KB 1 KB	69ms 17ms	Image image/gif	2.16.186.106 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://namwpm.eccmp.com/wpm/503/GlobalHeadersFooters/1x2.gif Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Server 2.16.186.106 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-106.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `b8d0e312d050ebc6ee7b071d77cb9ede500de8a20832fde75abfc8ac0d0ab4ab` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Wed, 06 May 2015 21:44:56 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "6341f7e44588d01:0" Content-Type image/gif Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 1097
GET H/1.1	200 OK	GBL_spacer1x20.gif snamwpm.eccmp.com/wpm/503/Global/	45 B 339 B	7ms 7ms	Image image/gif	172.227.14.237 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://snamwpm.eccmp.com/wpm/503/Global/GBL_spacer1x20.gif Requested by Host: fm.info4.citi.com URL: https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.14.237 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a172-227-14-237.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash `6367591ceb3311df06189904ae563c065357446dc1e95ddd8db287c632bb06d9` Request headers Referer https://fm.info4.citi.com/ats/msg.aspx?sg1=496eb43522527e0e93b701f5cf24025e00c880088a6f413b95ae32e3794055e7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 03 Nov 2018 21:06:12 GMT Last-Modified Mon, 23 Oct 2017 21:40:21 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "3bb4387474cd31:0" Content-Type image/gif Cache-Control no-cache Connection keep-alive Accept-Ranges bytes Content-Length 45

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fm.info4.citi.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_pool Value: 1095178250.20480.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fm.info4.citi.com
i.info4.citi.com
l.info12.citi.com
namwpm.eccmp.com
snamwpm.eccmp.com
172.227.14.237
173.213.4.76
2.16.186.106
2.16.186.83
63.148.46.101
0b346f27d3c1930ecb3dfb0446e12d9ce05b2870a5289c2e040b09e35bee955f
1aede147187d53f5714d415734053ef3a8bb6a2fe62cac6adedda1aef203d5eb
34c22e7198050b174c6681b8d523411eef11ce54c5f06c219c21f3651cbba80d
35e84ba7771cc7936bc07f4d93cb344544d32cd60b3bef324c49f6dda9d98e35
3ee868a28539fb14181f6783ce5fc7ce888f0e40e54f9ab9805127f2c8c56511
3ef224056885483a0762957f1f34de7a5c8c53eb07657b830fb65634e3ff1e4e
4631c3d5d97fc2253969f970fe2b28507000eb5eeca633cb798a2a60233b8832
4f2b7fea0da562d4ee8a35a12b10c958b578125327c14562b19d260c9da0e06d
6367591ceb3311df06189904ae563c065357446dc1e95ddd8db287c632bb06d9
6fdf55780fc9e92c5234f96da7b1054ff6ceb78994f7f033abfe6d9527851c25
8c0e65aa5af1fbc6ae576bddf3eabbc73fec517fb1f024c737b479e7bfe4d9d8
91bb033c49ff4ada1ebb9e97e14a5f9a864c1a950e2f45daa66120a0d79c7449
9c4235ca80183ac2c63ac9f3163ee8d96218b463a325e1b4f02983ab51919a66
a43a15bc9b65397075ba4f9f2f1476ec06a46cd58ec5f3b48ad3e9f859b7094a
a9506829c5988887b7c515ba058ac987d60120c3b66fc2016d2aa364de42da7f
b8d0e312d050ebc6ee7b071d77cb9ede500de8a20832fde75abfc8ac0d0ab4ab
c5e565975614607ce818d59f1717d29001862d413a27f1e7455881050bcf1fe8
cea6731b23a67b5719fe4cbd5f7cc3c3f5bd173dd2bcb9c382792e938a281ed9
dfa4b025a33d010c9783f38010749c3c9fc4742ade96c88d61de1f50b0564ffa
f4d802ba7918a484c255df083a2219a162fdc3ae07f478df9eab8c6749d1d897

fm.info4.citi.com Open in urlscan Pro 63.148.46.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

55 %HTTPS

0 %IPv6

2 Domains

5 Subdomains

5 IPs

2 Countries

284 kBTransfer

278 kBSize

1 Cookies

8 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

fm.info4.citi.com Open in urlscan Pro
63.148.46.101 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

55 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

5
IPs

2
Countries

284 kB
Transfer

278 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions