admin.livewellatciti.com Open in urlscan Pro
13.32.27.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://admin.livewellatciti.com/
Submission: On October 23 via automatic, source certstream-suspicious (October 23rd 2023, 7:31:41 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 13.32.27.85, located in United States and belongs to AMAZON-02, US. The main domain is admin.livewellatciti.com.
TLS certificate: Issued by DigiCert EV RSA CA G2 on November 3rd 2022. Valid for: a year.

This is the only time admin.livewellatciti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	13.32.27.85 13.32.27.85	16509 (AMAZON-02) (AMAZON-02)
2	104.26.2.153 104.26.2.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
12	4

8 13.32.27.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-85.fra56.r.cloudfront.net

admin.livewellatciti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.153 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.quilljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	livewellatciti.com admin.livewellatciti.com	2 MB
2	quilljs.com cdn.quilljs.com — Cisco Umbrella Rank: 25910	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
0	citigroup.net Failed secureaccess.nam.citigroup.net Failed
12	4

	Domain	Requested by
8	admin.livewellatciti.com	admin.livewellatciti.com
2	cdn.quilljs.com	admin.livewellatciti.com
1	fonts.googleapis.com	admin.livewellatciti.com
0	secureaccess.nam.citigroup.net Failed	admin.livewellatciti.com
12	4

This site contains no links.

Subject Issuer	Validity	Valid
www.livewellatciti.com DigiCert EV RSA CA G2	`2022-11-03` - `2023-11-04`	a year	crt.sh
cdn.quilljs.com E1	`2023-09-08` - `2023-12-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 1 frames:

Frame: https://secureaccess.nam.citigroup.net/idp/startSSO.ping?PartnerSpId=GPA-166612-livewelladmin&TargetResource=http%3A%2F%2Fadmin.livewellatciti.com%2Fapi%2Fsso
Frame ID: 6EBA3FFBEEBB91262AB683882E282295
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2273 kB
Transfer

9627 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
admin.livewellatciti.com/ 11 KB
4 KB 734ms
315ms Document
text/html 13.32.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-85.fra56.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 821ebeec8fb960430e7b470e00f81d5eb5787285a0f1564a5c0309c87ec2b82e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Mon, 23 Oct 2023 19:31:31 GMT
etag: W/"649a04f3-2a4b"
last-modified: Mon, 26 Jun 2023 21:36:51 GMT
server: nginx/1.19.10
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-id: EBm4chdMVbXdEZAPafgn5dFR5mqQRVmWIxPUptudhwlBxd9D04zr7w==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront

GET
H2 200 quill.snow.css
cdn.quilljs.com/1.2.2/ 23 KB
4 KB 424ms
32ms Stylesheet
text/css 104.26.2.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.2.2/quill.snow.css

Requested by

Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c99a5c5600b39a3fc8a4b2a47bd9b8c6276f399284c1f32d893852979c5197da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 22:22:45 UTC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1283142
etag: W/"455913274305f030c2944f8de75a0996"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JXoGbvK8%2BMQAbVacuUMX4fabHD%2BpqATa%2Bpk9ZDpoLBskGowiGrgRGGkbrKInMg1XYWKcThKps1ApPLTouodOJdSRYj2fBRTeuIFvyRhhgZIWpkrv2%2B2x0vjhq%2FdVvljvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 81ac669fcd1530d0-FRA

GET
H2 200 quill.bubble.css
cdn.quilljs.com/1.2.2/ 23 KB
4 KB 714ms
322ms Stylesheet
text/css 104.26.2.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.2.2/quill.bubble.css

Requested by

Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

588fc4b888d104066129bb5db7a43b9a3518a80a79ff12055efbcde6fe212b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Mar 2021 22:22:45 UTC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bf72827f7b8ba905583bb96b3cbcecfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FwiIJ3y4sjGifHhqn%2BKj840o90e05I0jGbiU%2FjXrTNHD4XqVub%2BXYE6ILOiYhN2lI3AzNWRXPvVVqgkb04vGadorxhd1LZ4KGA%2FXU979D5IfZN4PjJvNn0S4ztrVl8mbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 81ac669fcd1230d0-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 422ms
33ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto

Requested by

Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

ESF /

Resource Hash

123077a254384fb64891c4849c0c98afcd0edbe913a2889118e25035cfa040b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 19:31:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 19:31:32 GMT

GET
H2 200 runtime.js Show response
admin.livewellatciti.com/ 8 KB
3 KB 123ms
122ms Script
application/javascript 13.32.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.livewellatciti.com/runtime.js
Requested by: Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-85.fra56.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: b03c7b342c2a10e279b01320315918df666fa38778c71be7b14709ec86fc1d7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 21:36:51 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA56-C2
etag: W/"649a04f3-1fbe"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Aoe9f7TbTGXffuJDFrs8vn2d6RtMokrky9DAST7dvQgACCHRIFx38w==

GET
H2 200 polyfills.js Show response
admin.livewellatciti.com/ 477 KB
107 KB 132ms
130ms Script
application/javascript 13.32.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.livewellatciti.com/polyfills.js
Requested by: Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-85.fra56.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 48ce59f3a0d47082059d5da8c3887c60fe0888d0124b3f444f3ebbfa0d68a71a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 21:36:51 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA56-C2
etag: W/"649a04f3-7741c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tOex9sfMCAHM0Wh1aYHpNG8Wjf3GU-iBG5DzhRYCZ_KtcKPF76e-ig==

GET
H2 200 styles.js Show response
admin.livewellatciti.com/ 1012 KB
158 KB 397ms
396ms Script
application/javascript 13.32.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.livewellatciti.com/styles.js
Requested by: Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-85.fra56.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: be336f2bc8205d38aa560d47030740fb544fb9885bc8e930bb405ea9e4489a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 21:36:51 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA56-C2
etag: W/"649a04f3-fd004"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 20Wu7ml2-m3LTqa0-kz5I-7c9qRgymj-r9gr9jJ3bMrAp4_4kEK9ig==

GET
H2 200 scripts.js Show response
admin.livewellatciti.com/ 1 MB
521 KB 411ms
409ms Script
application/javascript 13.32.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.livewellatciti.com/scripts.js
Requested by: Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-85.fra56.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 2cef51eec73266c79c742f0e0ef74ae31f90b95a22fb60173df1c218d988c3ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 21:36:51 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA56-C2
etag: W/"649a04f3-14db90"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bbBpbtEMeLXn4kGM4cDMhWA2GdM6CLJO3_8yfu9vCy9qbIKeMRvehA==

GET
H2 200 vendor.js Show response
admin.livewellatciti.com/ 6 MB
1 MB 440ms
439ms Script
application/javascript 13.32.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.livewellatciti.com/vendor.js
Requested by: Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-85.fra56.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 1dbff3fedbce9310afda956e53bd555a27fe801adefcbc609b24173ddb9aa082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 21:36:51 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA56-C2
etag: W/"649a04f3-613868"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tW6dTZDKwBYjEb6Iui4UJvHbVN8VRQe7HieU0FXVDC0486zf69XSHw==

GET
H2 200 main.js Show response
admin.livewellatciti.com/ 511 KB
79 KB 439ms
438ms Script
application/javascript 13.32.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.livewellatciti.com/main.js
Requested by: Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-85.fra56.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 4160bb777f5d762103ff98a4dfc371c4a18fdc606c34018c75f98cb7da90fc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:31:32 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 21:36:51 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA56-C2
etag: W/"649a04f3-7fb5e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nyUq2D6rbimBXYcP9Rkl-CcOcPREKWjiMv6Ur-8Ol3zDBBb3NaKg3Q==

GET
H2 200 appConfig.json
admin.livewellatciti.com/assets/data/ 1 KB
1 KB 130ms
129ms XHR
application/json 13.32.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.livewellatciti.com/assets/data/appConfig.json
Requested by: Host: admin.livewellatciti.com
URL: https://admin.livewellatciti.com/polyfills.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-85.fra56.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://admin.livewellatciti.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

date: Mon, 23 Oct 2023 19:31:34 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 21:36:51 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA56-C2
etag: W/"649a04f3-413"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -j9J0NCaGL4h6pbvkze5mfczcJLf0ZKVAiZmVxkjSjhbzB8vCxPZvQ==

GET startSSO.ping
secureaccess.nam.citigroup.net/idp/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secureaccess.nam.citigroup.net
URL: https://secureaccess.nam.citigroup.net/idp/startSSO.ping?PartnerSpId=GPA-166612-livewelladmin&TargetResource=http%3A%2F%2Fadmin.livewellatciti.com%2Fapi%2Fsso

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			admin.livewellatciti.com/	1970-01-20 15:51:34	Name: AWSALB Value: xyEdixBKEVn3LHEYoWMcHKWKrUh8o0xbnWEb9l+rGE7VwKww51GIFNt5QAZkpjapbN/wDQPrHVhTc51CYCelPAhhPV94z10vb/Xio+dBBFkk3k2B1/yJdZOXnipc
			admin.livewellatciti.com/	1970-01-20 15:51:34	Name: AWSALBCORS Value: xyEdixBKEVn3LHEYoWMcHKWKrUh8o0xbnWEb9l+rGE7VwKww51GIFNt5QAZkpjapbN/wDQPrHVhTc51CYCelPAhhPV94z10vb/Xio+dBBFkk3k2B1/yJdZOXnipc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.livewellatciti.com
cdn.quilljs.com
fonts.googleapis.com
secureaccess.nam.citigroup.net
secureaccess.nam.citigroup.net
104.26.2.153
13.32.27.85
172.217.18.10
123077a254384fb64891c4849c0c98afcd0edbe913a2889118e25035cfa040b8
1dbff3fedbce9310afda956e53bd555a27fe801adefcbc609b24173ddb9aa082
2cef51eec73266c79c742f0e0ef74ae31f90b95a22fb60173df1c218d988c3ed
4160bb777f5d762103ff98a4dfc371c4a18fdc606c34018c75f98cb7da90fc8b
48ce59f3a0d47082059d5da8c3887c60fe0888d0124b3f444f3ebbfa0d68a71a
588fc4b888d104066129bb5db7a43b9a3518a80a79ff12055efbcde6fe212b56
821ebeec8fb960430e7b470e00f81d5eb5787285a0f1564a5c0309c87ec2b82e
b03c7b342c2a10e279b01320315918df666fa38778c71be7b14709ec86fc1d7d
be336f2bc8205d38aa560d47030740fb544fb9885bc8e930bb405ea9e4489a1f
c99a5c5600b39a3fc8a4b2a47bd9b8c6276f399284c1f32d893852979c5197da

admin.livewellatciti.com Open in urlscan Pro 13.32.27.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

2273 kBTransfer

9627 kBSize

2 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

admin.livewellatciti.com Open in urlscan Pro
13.32.27.85 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2273 kB
Transfer

9627 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions