Homeβ€Ί Infrastructureβ€Ί cmprofile.cards.citidirect.com
Use Caution

Not sure β€” double-check cmprofile.cards.citidirect.com first

40/ 100 trust score
Industry: Infrastructure Checked Jul 10, 2026 Infrastructure average: 44 26 signals

In plain English

This subdomain appears tied to a major bank, but it's not functioning like a normal website β€” it returns an error and offers no content, contact, or information. Without evidence of what it's supposed to do or who runs it, it's best to avoid using it until it's operational and verified.

Cross-referenced 26 live signals from Google Safe Browsing, VirusTotal, WHOIS and more on Jul 10, 2026. How we score β†’

Where the score comes from

We look at six areas. Here's how cmprofile.cards.citidirect.com did in each.
85
Security

Strong encryption with a valid certificate from a well-known issuer, plus HSTS enforced. No security threats detected.

50
Identity

The subdomain is named after a major bank, but there's no direct WHOIS record for it. The SSL certificate adds credibility, but ownership remains unconfirmed.

70
Reputation

Clean on all blacklists and Google Web Risk. No history available due to archive restrictions, which is not unusual for a subdomain.

50
Transparency

No contact, about page, or social media β€” expected for an internal or technical subdomain, but the complete lack of content is a red flag.

50
Compliance

Legal pages are missing, but this is not a consumer-facing site, so the requirement is minimal. Still, a privacy policy would be reassuring.

70
Infrastructure

Quick load times and proper SSL setup. Missing some advanced DNS protections, but nothing alarming for this type of subdomain.

What we checked

The 26 signals behind this report.
Security & Transport
Certificate Issuer
DigiCert Inc
Google Web Risk
Clean
HSTS Header
Present
SSL Certificate
Valid
Security Headers
1 of 6
Server
Apache
TLS Version
TLS 1.3
Identity & WHOIS
About Page
Not found
Branding
Missing
Business Disclosure
Not found
Contact Info
Not found
Legal Pages
Missing
Infrastructure & DNS
DNS Blacklists
Clean
DNS Resolution
1 IP(s)
DNSSEC
Not enabled
Email (MX Records)
None
Hosting Network (ASN)
AS30286 THM
Page Load Time
53ms
Reputation & Reach
Sitemap
Not found
Social Media Presence
None found
Structured Data
None found
Tranco Rank
Not ranked
Trustpilot
No Trustpilot profile
Web Archive History
Unable to check
Website Status
HTTP 400
robots.txt
Present

Run this site? Show your score.

Add a trust badge so visitors can see your live score for themselves.

Get your badge β†’
verified.fyi
cmprofile.cards.citidirect.com
40
N Partner pick
Better safe than sorry. Stay covered everywhere: NordVPN's Threat Protection blocks known scam sites before they load.
Try NordVPN β†’

When you land on a subdomain like cmprofile.cards.citidirect.com, the name suggests a connection to Citibank's card profile system. But the site itself is a blank wall: it returns a 'Bad Request' error, with no homepage, no login page, and no clues about its purpose. For a backend system, that might be normal, but for anyone who stumbled here by accident, there's nothing to trust or use.

Legitimate bank subdomains usually have working pages, proper security headers, and at least some indication of who operates them. While the SSL certificate is valid and no malware warnings appear, the lack of any visible content or way to contact someone makes this a dead end. The WHOIS record for this subdomain doesn't exist, which is common for subdomains, but it also means we can't verify ownership from that angle.

If you're asking 'is cmprofile.cards.citidirect.com a scam' β€” there's no evidence of malicious intent, but there's also no evidence this is a functioning site you should interact with. Don't submit any personal information or attempt to log in. The safest move is to treat it as a misconfigured or abandoned endpoint until there's proof it's meant for public use.

More Infrastructure sites

How similar sites score. See all β†’