www.citi.com
Open in
urlscan Pro
95.101.160.129
Public Scan
Effective URL: https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Submission Tags: falconsandbox
Submission: On March 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert EV RSA CA G2 on November 7th 2023. Valid for: a year.
This is the only time www.citi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 173.213.4.17 173.213.4.17 | 53316 (ASN-CHEET...) (ASN-CHEETA-MAIL) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 63.148.46.76 63.148.46.76 | 53316 (ASN-CHEET...) (ASN-CHEETA-MAIL) | |
1 1 | 23.44.247.124 23.44.247.124 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
19 | 95.101.160.129 95.101.160.129 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
4 | 2a02:26f0:310... 2a02:26f0:3100::1735:2a82 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
30 | 6 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-44-247-124.deploy.static.akamaitechnologies.com
online.citi.com |
ASN16625 (AKAMAI-AS, US)
PTR: a95-101-160-129.deploy.static.akamaitechnologies.com
www.citi.com |
ASN20940 (AKAMAI-ASN1, NL)
p11.techlab-cdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
citi.com
1 redirects
fm.info6.citi.com — Cisco Umbrella Rank: 338213 l.info6.citi.com — Cisco Umbrella Rank: 104818 online.citi.com — Cisco Umbrella Rank: 23657 www.citi.com — Cisco Umbrella Rank: 29463 |
866 KB |
4 |
techlab-cdn.com
p11.techlab-cdn.com — Cisco Umbrella Rank: 5067 |
59 KB |
3 |
eccmp.com
sts.eccmp.com — Cisco Umbrella Rank: 31946 |
9 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 716 |
83 KB |
30 | 4 |
Domain | Requested by | |
---|---|---|
19 | www.citi.com |
fm.info6.citi.com
www.citi.com |
4 | p11.techlab-cdn.com |
www.citi.com
|
3 | sts.eccmp.com |
fm.info6.citi.com
sts.eccmp.com |
1 | online.citi.com | 1 redirects |
1 | l.info6.citi.com |
fm.info6.citi.com
|
1 | ajax.googleapis.com |
fm.info6.citi.com
|
1 | fm.info6.citi.com | |
30 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
info6.citi.com DigiCert EV RSA CA G2 |
2023-11-29 - 2024-12-29 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
*.eccmp.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-05-24 - 2024-06-09 |
a year | crt.sh |
www.citi.com DigiCert EV RSA CA G2 |
2023-11-07 - 2024-12-05 |
a year | crt.sh |
p11.techlab-cdn.com R3 |
2024-01-18 - 2024-04-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters
Frame ID: BBDE91FEEED0A95E3E14267A0CD4C2B2
Requests: 30 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%... Page URL
-
https://online.citi.com/US/JRS/infrastructure/target.do?next_page=jfp|jEDelivery_DocCenterLetters
HTTP 301
https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=23&we=8&url=https%3A%2F%2Fonline.citi.com%2FUS%2FJRS%2Finfrastructure%2Ftarget.do%3Fnext_page%3Djfp%7CjEDelivery_DocCenterLetters%26enid%3DAFA7DF3A4278A26460D50C0103D9BCA4CCDF&linkName=CN_ECOMM_CENTER_URL&transId=I2022100280008566 Page URL
-
https://online.citi.com/US/JRS/infrastructure/target.do?next_page=jfp|jEDelivery_DocCenterLetters
HTTP 301
https://www.citi.com/login?next_page=jfp|jEDelivery_DocCenterLetters Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
url.aspx
fm.info6.citi.com/ats/ |
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ |
82 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
open.aspx
l.info6.citi.com/rts/ |
43 B 432 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
conversen-SDK.js
sts.eccmp.com/sts/scripts/ |
15 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
617
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ |
35 B 426 B |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image.gif
sts.eccmp.com/wts/WebEvent/ |
807 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
login
www.citi.com/ Redirect Chain
|
211 KB 43 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2be5433306a1555bf6f96086ea852669dd0011213c3f
www.citi.com/public/ |
158 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6c8322c7341eac98645c10e3d1d3c7ae.js
www.citi.com/assets/scripts/global/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tagging.min.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ |
42 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner.min.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ |
74 KB 75 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Bold.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ |
70 KB 71 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Regular.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ |
77 KB 78 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.958e0aa55e23c233.css
www.citi.com/cbol-pre-login-static-assets/ |
2 MB 163 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fp-clientlib-v5.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fp.js
www.citi.com/cbol-pre-login-static-assets/assets/js/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtime.04e838de78ece0ff.js
www.citi.com/cbol-pre-login-static-assets/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills.adb80ee790195eb1.js
www.citi.com/cbol-pre-login-static-assets/ |
48 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts.9655e22a1093af91.js
www.citi.com/cbol-pre-login-static-assets/ |
52 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.58dfbe0c43e97e35.js
www.citi.com/cbol-pre-login-static-assets/ |
2 MB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RwImc
www.citi.com/f6oua685q6/KVBd/4wRagm/3if9cpSJNG1QO7/BxRDUWU/JTpDJT/ |
210 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65319_1825202430.js
p11.techlab-cdn.com/e/ |
54 KB 18 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65257_1825232097.js
p11.techlab-cdn.com/e/ |
14 KB 6 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64885_1825202523.js
p11.techlab-cdn.com/e/ |
3 KB 2 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65226_747628217.js
p11.techlab-cdn.com/e/ |
70 KB 33 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6c8322c7341eac98645c10e3d1d3c7ae.js
www.citi.com/assets/scripts/global/ |
313 KB 180 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2be5433306a1555bf6f96086ea852669dd0011213c3f
www.citi.com/public/ |
158 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
RwImc
www.citi.com/f6oua685q6/KVBd/4wRagm/3if9cpSJNG1QO7/BxRDUWU/JTpDJT/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Light.woff
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/ |
50 KB 0 |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.citi.com
- URL
- https://www.citi.com/f6oua685q6/KVBd/4wRagm/3if9cpSJNG1QO7/BxRDUWU/JTpDJT/RwImc
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| $$__b2/cilbup/ undefined| jQuery number| ___dm function| ___dto9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
fm.info6.citi.com/ | Name: BIGipServercnv_ats_ssl_pool Value: 1128732682.47873.0000 |
|
l.info6.citi.com/ | Name: ASP.NET_SessionId Value: 2qwredtmcmxbawd1l3we501h |
|
l.info6.citi.com/ | Name: BIGipServercnv_ats_ssl_pool Value: 1061623818.47873.0000 |
|
.citi.com/ | Name: xyz_cr_617_et_100 Value: cr=617&wegc=&et=100&ap=&we=8 |
|
.citi.com/ | Name: AKMTLTSID Value: 3B3CFF9E1186609F3095B6EB8ED11CC7 |
|
.citi.com/ | Name: bm_sz Value: CBE77F649E3BF202692687F50470D462~YAAQiE3bF7pq2EqOAQAAziQaWxewbvmSp/TOEwgZnuWfvd9LrXDhx+C46dI6Jx87K3KdkpvHLp/JiFiwNG0dBUhVSHvdLQfvxPIaFJBVNQIMhWiMuDIyrRM0FPmobJgMR63WWZH4IuV17qdyCQy/Ye2Hyzaoain1QaPsO+HgC3mypdSblJZ8Fb7mIiZkUtgkcoJrxLiEek7eVz2HbawiLcAmrzGB2I8P2hl+5seUqdDkt+zlPd8c5BRSxULeBPva1UNn5hcuxTTK9pnDj/seCC+4nq/Rt/g20LkyV0Cp8/H38K/71kF2BmyRw8/C/TtMIdFk4iF/McxvOiD7WRHIqtK6n4Ly5GbdJG3fUV77GWpXvMRfyg==~3551539~3424563 |
|
.citi.com/ | Name: ak_bmsc Value: D5113E5E74DDB3606D71B08634856542~000000000000000000000000000000~YAAQiE3bF/Jq2EqOAQAAoicaWxcVzzVLbwrfI1XO8yUctMG7/uA7DdBFPj6bNfp9eVLRRBNsOE4Rs+K81uEniLOKksVMHf9p3B2jenhiik2a/f85CS5BJYLeHbsQKVivMtLNeLkkTNyOoyDKJlIUuBYyvrNQa4vzcCuxy8XEk3H97yCRnll/AVMKLTpHdGy+WdLQNNn+ZkRCA1avHrfhMKGpkOJcsYAj+sDhrylUsUFaoPPmVBU5L67UhwiRT+UjqD5Ck/mx8nU7tderlzS1VtL4epTB3i/CcKG1SrB+WyffL6RCxvnZoCqy/dgDFoqOnP0h9HyZYTIJPxWXCgIVhsJy4duEjQzgqkMLo0bxvU0XcRfOaBheThw5t7gd9Kg= |
|
.citi.com/ | Name: NMO5iv8Z Value: AwEqGluOAQAAttssb3IhW1TacyOKkelC2k8IlxD5Fng6xcyqHxFIk_G2pHGSAdly2huucrZKwH8AAEB3AAAAAA|1|0|07f7523ee5d8a6a8aa7fc3ffb534fee6cdd23276 |
|
.citi.com/ | Name: _abck Value: BE8193B9861EE3D93A452751D6EE4BA0~-1~YAAQiE3bF1lr2EqOAQAA6SsaWws3IIsXuCXek/VwBvo1iRJo860Qw9i7rDL0WBVA+8xNb25r1LTUYFx8wfOyZQMSRnfFcg80mUIJweOdHdW4gM4KWPF0dx4+MpBgA6wnYDyq32LI0R/iw/QgACr6e5Jq6LsrrIlSfMS+qgr/5XbwvXgfsRnxhZBCMGcG1IxW9SFy3P1chwDB/M4sHu2CH5Q+VNfpeIz+aZrim8zdZc8JtsICt2D7FzirfL6/EMQsX1Zz5QlshX7Y8NO5ld4mSQ1Vz7LpgoCbaVkBhGeAsCobWTL/0uPKxAIYbuBnSrO21zWslk76b3vjd/IwAGyHNW+MxgucOSIY23nd8CYp1+pYXNiTi0BrlgOhwCAWw2jxqs/rhM77tT8=~-1~-1~-1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fm.info6.citi.com
l.info6.citi.com
online.citi.com
p11.techlab-cdn.com
sts.eccmp.com
www.citi.com
www.citi.com
173.213.4.17
23.44.247.124
2a00:1450:4001:80f::200a
2a02:26f0:3100::1735:2a82
63.148.46.76
95.101.160.129
01be85a6d596b0b84d59f2b4de7285d41272d6a0c2d97a897a428bbfb140370e
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
1762a6d546dfc49a32e2e4b2caefb01368b948b0d137b4e03447e18e3119c65a
1e6350d625fa8dfb8570f6e44683c22532cec183d8c2996db78b74d87d578396
3bcf19ce679acd27c2218eeb943c2d8611265d526df55518b416e43f151b4c6c
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca
50e318ba3791efc745ee17d8754332c0f0993f18b59f6fe97b5437fa18c84c13
5ca352fa4464f68d236ae0a8b8946f3a5c1107112a14dd8eb96b2e6e4be6a0c7
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
6fac9e333a345d008b027e55517ba0a7b37f4cf5e2218b01ba9855c7614ec47e
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
7ee631ff5513ea1a236f455459687f7ba034f2ca6bca26ca3bb439ced608a46f
800b1e1c1ae4398778aba23368c9d3ecb82cc011f70605127e0d657153b10ead
86b3480f7032d69d3002a071be3bd3febbed5a7b3f59be135292e5c70e475aac
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
aa2d9e17f98e261ee737a48868ad52fa1dbdf31f675c1fc3b837c2732c480a8f
b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf87f53255267d9d4498b937ff708e301b08c25fdc8bd65d6c260ade97844411
dcbf4a3e6aa481ac519a2a03794d4bcf4fe740f47ec5e82a70f4ba80cee8a709
dd65a674c821f6a0e0ec4b181532b00c0cc5d5bde623ea98affcb9f383139b57
e864d99a8d998cba8772938c0fc9785007685f0d43fe7c532a8c8e4b8dae4c1a
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296