citibanksgdvpadminuat.investcloud.com
2606:4700::6811:b76b
Public Scan
Effective URL: https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f
Submission: On April 27 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.
This is the only time citibanksgdvpadminuat.investcloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
27 (2 redirects) | 2606:4700::6811:b76b | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:829::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:80e::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) |
33 | 5 | |
ASN13335 (CLOUDFLARENET, US)
citibanksgdvpadminuat.investcloud.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
27 | investcloud.com (2 redirects) | citibanksgdvpadminuat.investcloud.com | 2 MB |
2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 607), fonts.googleapis.com (Cisco Umbrella Rank: 119) | 7 KB |
1 | gstatic.com | fonts.gstatic.com | 126 KB |
0 | citigroup.net (Failed) | secureaccessweb.uat.nam.citigroup.net (Failed) | |
33 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
27 | citibanksgdvpadminuat.investcloud.com (2 redirects) | citibanksgdvpadminuat.investcloud.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | ajax.googleapis.com |
1 | ajax.googleapis.com | citibanksgdvpadminuat.investcloud.com |
0 | secureaccessweb.uat.nam.citigroup.net (Failed) | citibanksgdvpadminuat.investcloud.com |
33 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-27 - 2024-04-25 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months |
This page contains 1 frames:
Frame:
https://secureaccessweb.uat.nam.citigroup.net/siteminderagent/forms/logout.html
Frame ID: 86FAB6866DD6255EC08F55BD21A2EE5D
Requests: 33 HTTP requests in this frame
Detected technologies
Google Font API (Font Scripts)
Detected patterns:
- googleapis\.com/.+webfont
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://citibanksgdvpadminuat.investcloud.com/ HTTP 302
- https://citibanksgdvpadminuat.investcloud.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
- https://citibanksgdvpadminuat.investcloud.com/Membership/Apps/CitiAdminLogin_WF_App.aspx?ReturnURL=%2f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type |
---|---|---|---|---|---|---|---|
GET | H2 | CitiAdminLogin_WF_App.aspx (Primary Request; Redirect Chain) | citibanksgdvpadminuat.investcloud.com/Membership/Apps/ | 8 KB | 3 KB | Document | text/html |
GET | H2 | HomePage_CitiAdminLogin.WF.App_IX777D35F547A3317F8964B3CE50A2E94C.css | citibanksgdvpadminuat.investcloud.com/styles/5D94B819B6447F5E052A1B49107F1AD4/ | 1 MB | 154 KB | Stylesheet | text/css |
GET | H2 | V4_Startup_IXC67D19FC80A59DEE8910EB45BEC309F2.js | citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ | 276 KB | 97 KB | Script | application/javascript |
GET | H2 | V4_Library_IXB2EE3C3BB8C4E7A406837021FAEA269A.js | citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ | 3 MB | 920 KB | Script | application/javascript |
GET | H2 | HomePage_CitiAdminLogin_WF_App_Dependency_IXC8C510EBA828B6FC9A1572EEF2C92012.js | citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ | 2 MB | 425 KB | Script | application/javascript |
GET | H2 | HomePage_CitiAdminLogin_WF_App_iXing_IXDFACFDCF09A7926365DCE8D0F3E21FB8.js | citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ | 2 MB | 338 KB | Script | application/javascript |
GET | H2 | HomePage_CitiAdminLogin_WF_App_Generated_IX26792CF152A8532144184499E98D5749.js | citibanksgdvpadminuat.investcloud.com/scripts/jig/5D94B819B6447F5E052A1B49107F1AD4/ | 12 KB | 3 KB | Script | application/javascript |
GET | H2 | CitiAdminLogin_WF_App-ApplicationMapper_IXC5AA563EED9DC5FC04AE9317AEF850DC.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 3 KB | 649 B | XHR | application/json |
GET | H2 | CitiAdminLogin_WF_App-CommandListService_IX8E763BEBFAD91FCE8C16531ECFC90897.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 1009 B | 505 B | XHR | application/json |
GET | H2 | CitiAdminLogin_WF_App-LocaleFieldFormats_IX711C617C5D04E84646EF6DE04C072E35.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 60 KB | 3 KB | XHR | application/json |
GET | H2 | CitiAdminLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 116 B | 185 B | XHR | application/json |
GET | H2 | CitiAdminLogin_WF_App-WorkFlowApplicationTree_IX201016D156126F886E9D375D4DBA9407.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 269 B | 223 B | XHR | application/json |
GET | H2 | CitiAdminLogin_WF_App-WorkFlow_IX24F608EF4B7F4B0293858C8F909222A3.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 1 KB | 504 B | XHR | application/json |
GET | H2 | CitiSGAdminUAT_IX78F87337543FC7B936AF1AB0F7D21B34.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 3 KB | 1 KB | XHR | application/json |
GET | H2 | CitiSGAdminUAT-ApplicationMapper_IX00BC54E946ED3A1AAEA0D20527F6B37D.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 3 KB | 715 B | XHR | application/json |
GET | H2 | CitiSGAdminUAT-ApplicationMapper_IXC6E1CF84FD28B1BE38ACFCF8C8B6D791.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 8 KB | 2 KB | XHR | application/json |
GET | H2 | CitiSGAdminUAT-CommandListService_IX6DA3110EA0347F14078E7DBDB16C09E1.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 93 B | 827 B | XHR | application/json |
GET | H2 | CitiSGAdminUAT-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 116 B | 195 B | XHR | application/json |
GET | H2 | CitiSGAdminUAT-WorkFlowApplicationTree_IX3AB8E9A2BB262E6202FADD8045214353.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 274 B | 218 B | XHR | application/json |
GET | H2 | CitiSGAdminUAT-WorkFlowApplicationTree_IX9ACF8A467E76817F6078E92BED62DE5F.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 272 B | 197 B | XHR | application/json |
GET | H2 | CitiSGAdminUAT-WorkFlow_IX376D32AD9481CA2811FA04521BF41B54.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 1 KB | 653 B | XHR | application/json |
GET | H2 | CitiSGAdminUAT-WorkFlow_IXEC40074822FB96A2882493E570D21BCF.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 1 KB | 520 B | XHR | application/json |
GET | H2 | CitiSGAdminUAT-638114718209044915-locale-en-US.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 8 KB | 3 KB | XHR | application/json |
GET | H2 | CitiAdminLogin_WF_App-638114718209044915-locale-en-US.json | citibanksgdvpadminuat.investcloud.com/scripts/jig/ | 9 KB | 3 KB | XHR | application/json |
POST | H2 | ecd.ashx | citibanksgdvpadminuat.investcloud.com/iXingPages/ | 1 KB | 2 KB | XHR | text/html |
GET | H2 | webfont.js | ajax.googleapis.com/ajax/libs/webfont/1/ | 13 KB | 6 KB | Script | text/javascript |
GET | H2 | css | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet | text/css |
GET | H2 | flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | fonts.gstatic.com/s/materialicons/v140/ | 125 KB | 126 KB | Font | font/woff2 |
POST | | Ecd.ashx | citibanksgdvpadminuat.investcloud.com/iXingPages/ | 0 | 0 | | |
GET | | ilg.ashx | citibanksgdvpadminuat.investcloud.com/Membership/ExtPages/ | 0 | 0 | | |
GET | | citi_logo.png | citibanksgdvpadminuat.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/ | 0 | 0 | | |
GET | | logout.html | secureaccessweb.uat.nam.citigroup.net/siteminderagent/forms/ | 0 | 0 | | |
GET | | SignOut.aspx | citibanksgdvpadminuat.investcloud.com/Membership/ExtPages/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- citibanksgdvpadminuat.investcloud.com
- URL
- https://citibanksgdvpadminuat.investcloud.com/iXingPages/Ecd.ashx?IX_EXTAUTH=Y
- Domain
- citibanksgdvpadminuat.investcloud.com
- URL
- https://citibanksgdvpadminuat.investcloud.com/Membership/ExtPages/ilg.ashx?IX_MN=Y
- Domain
- citibanksgdvpadminuat.investcloud.com
- URL
- https://citibanksgdvpadminuat.investcloud.com/App_Themes/Default/images/ClientThemeImages/Citibank/citi_logo.png
- Domain
- secureaccessweb.uat.nam.citigroup.net
- URL
- https://secureaccessweb.uat.nam.citigroup.net/siteminderagent/forms/logout.html
- Domain
- citibanksgdvpadminuat.investcloud.com
- URL
- https://citibanksgdvpadminuat.investcloud.com/Membership/ExtPages/SignOut.aspx?_=1682607616499
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean | credentialless
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
citibanksgdvpadminuat.investcloud.com/ | | Name: ASP.NET_SessionId Value: yjoaeo5zmkfwlxdvrxt2nirb |
citibanksgdvpadminuat.investcloud.com/ | | Name: IXCulture Value: en-US |
citibanksgdvpadminuat.investcloud.com/ | | Name: IXSBaseUtcOffset Value: 480 |
citibanksgdvpadminuat.investcloud.com/ | | Name: XSRF-TOKEN Value: A1B0663426FFCD29719894A2099575D3 |
citibanksgdvpadminuat.investcloud.com/ | | Name: IXTMO Value: 3600000 |
citibanksgdvpadminuat.investcloud.com/ | | Name: IXTimezone Value: Etc/UTC |
citibanksgdvpadminuat.investcloud.com/ | | Name: IXLastActivityTime Value: Thu Apr 27 2023 15:00:17 GMT+0000 (GMT) |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.