urlscan.io logo urlscan.io
SecurityTrails logo

secureaccessweb.nam.citigroup.com Open in urlscan Pro
199.67.137.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://citi-eem4.nicecloudsvc.com/
Effective URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb5799...
Submission: On July 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 199.67.137.28, located in New York, United States and belongs to CITI15, US. The main domain is secureaccessweb.nam.citigroup.com.
TLS certificate: Issued by DigiCert EV RSA CA G2 on March 6th 2024. Valid for: a year.
This is the only time secureaccessweb.nam.citigroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.213.171.62 14618 (AMAZON-AES)
1 1 192.193.8.23 25883 (CITIGROUP)
1 13 199.67.137.28 3081 (CITI15)
12 1
Apex Domain
Subdomains		 Transfer
14 citigroup.com
secureaccess.nam.citigroup.com — Cisco Umbrella Rank: 517252
secureaccessweb.nam.citigroup.com
475 KB
1 nicecloudsvc.com
citi-eem4.nicecloudsvc.com
1 KB
12 2
Domain Requested by
13 secureaccessweb.nam.citigroup.com 1 redirects secureaccessweb.nam.citigroup.com
1 secureaccess.nam.citigroup.com 1 redirects
1 citi-eem4.nicecloudsvc.com 1 redirects
12 3

This site contains links to these domains. Also see Links.

Domain
www.citigroup.com
Subject Issuer Validity Valid
secureaccessweb.nam.citigroup.com
DigiCert EV RSA CA G2		 2024-03-06 -
2025-03-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Frame ID: 783AFFA35F5B5BE63740BC9E1ADD38B7
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Single Sign-On

Page URL History Show full URLs

  1. https://citi-eem4.nicecloudsvc.com/ HTTP 302
    https://secureaccess.nam.citigroup.com/idp/SSO.saml2?SAMLRequest=nZJfT8IwFMXf/RRL39nGGAwaIEGJkURlYeiDb6W7kyZdO3tb1G... HTTP 302
    https://secureaccessweb.nam.citigroup.com/cfed/smidp/level5ud1/internal/redirect?resumePath=%2Fidp%2F8nC9kW7NDd%2Fresu... HTTP 302
    https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da5... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

473 kB
Transfer

729 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://citi-eem4.nicecloudsvc.com/ HTTP 302
    https://secureaccess.nam.citigroup.com/idp/SSO.saml2?SAMLRequest=nZJfT8IwFMXf/RRL39nGGAwaIEGJkURlYeiDb6W7kyZdO3tb1G9vN/BfTDTx9d72nN%2B5906R1bKhC2f3agNPDtAGwUstFdKuMyPOKKoZCqSK1YDUclosbq5pEsa0MdpqriU5Wy1nBBM%2B6o%2BGZZxk6ThLyyGv4mHGUmCDSTXIBlUFScnGOzYhwT0YFFrNiJchwQrRwUqhZcr6UpykvTjr9ZNtPKHDMR2MHkiw9GhCMdv92lvbII0iBO4MMM4BMfR8IRdWPBrtmpDrOhJlExXFOmyjJCS41IZDF3VGKiYRWuecIYoDfFTyU6ZzoUqhHn8fwO74COnVdpv38nWxJcECEUyLeaEVuhpMAeYgONxtrj/BW84eQJ2Gyre41K7EA%2B%2Bgi73Y7bQEuw8RddR6JVEnPT%2BbtkloNy7zZU2/Q7J3IDL/234afbE4GTb01ouulrmWgr/%2B5z6ChZT6%2BcKvyvpJW%2BOAzI9O37W9YfTzIudv&RelayState=s2c6165d0274874d5cf057a4ea39f373ffe2da8ba9&SigAlg=http://www.w3.org/2000/09/xmldsig%23rsa-sha1&Signature=OvxJ8A26c67J3Z3Y3nuZJIGExbUNCMa1I2smSAldLQZVhEqsEsi0hidomePJlmyUOHqBv07xfa5Lg1ZsE81n/JAqV2FVZ8TtmapohfPKfspd6IFbqVTETEBUxc8oLqeYbxNUooQGl0p3UpFVm2POjdxVqDHoIGc2v57MNWla8c403m8y%2BhxUWBuFsX5w9h1KAMzxV5HrqxYMAv0WlmzGPTmAZvRNrfBhm3MOCOTVB9xZWXXs%2B4VC0cmNIuMEYRDD9xI5sv/xej/s1vRrKjyZ/I7obUMVOW64qMQwvjFQwldEEa72DHrwpfG97xPJU8JXoO9wYBS3I/5%2B9117lYnacQ%3D%3D HTTP 302
    https://secureaccessweb.nam.citigroup.com/cfed/smidp/level5ud1/internal/redirect?resumePath=%2Fidp%2F8nC9kW7NDd%2FresumeSAML20%2Fidp%2FSSO.ping HTTP 302
    https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pfloginprod.fcc
secureaccessweb.nam.citigroup.com/siteminderagent/forms/
Redirect Chain
  • https://citi-eem4.nicecloudsvc.com/
  • https://secureaccess.nam.citigroup.com/idp/SSO.saml2?SAMLRequest=nZJfT8IwFMXf/RRL39nGGAwaIEGJkURlYeiDb6W7kyZdO3tb1G9vN/BfTDTx9d72nN%2B5906R1bKhC2f3agNPDtAGwUstFdKuMyPOKKoZCqSK1YDUclosbq5pEsa0Mdpqri...
  • https://secureaccessweb.nam.citigroup.com/cfed/smidp/level5ud1/internal/redirect?resumePath=%2Fidp%2F8nC9kW7NDd%2FresumeSAML20%2Fidp%2FSSO.ping
  • https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctb...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
f9e913141fec835148dbd1f6f00b72d41b9a9dedbaacf1630fea597805a23825
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 12 Jul 2024 09:58:41 GMT
Keep-Alive
timeout=15, max=99
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
634
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 12 Jul 2024 09:58:41 GMT
Keep-Alive
timeout=15, max=100
Location
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
common.css
secureaccessweb.nam.citigroup.com/siteminderagent/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/css/common.css
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
08283303ed714e7bb8b37c10b1b2517f2757e0733643eb1af3cc85b59e27a891
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2023 19:13:02 GMT
Server
Apache
ETag
"433d-5f3d078622b80-gzip"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
2571
X-XSS-Protection
1; mode=block
bootstrap.min.css
secureaccessweb.nam.citigroup.com/siteminderagent/css/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/css/bootstrap.min.css
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2023 18:10:22 GMT
Server
Apache
ETag
"2722e-608cab7f3a42b-gzip"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
23794
X-XSS-Protection
1; mode=block
citi_styles.css
secureaccessweb.nam.citigroup.com/siteminderagent/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/css/citi_styles.css
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
2935160bada614901fa66261beb295b4d482daeec4e0ab18e8488a9e6de90f97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2023 19:13:02 GMT
Server
Apache
ETag
"27bc-5f3d078622b80-gzip"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
2979
X-XSS-Protection
1; mode=block
form_citi.css
secureaccessweb.nam.citigroup.com/siteminderagent/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/css/form_citi.css
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
06ad94947237813a50a93d8543e1e9e392f5171daff2c08d476f0334f5f14dae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2023 19:13:02 GMT
Server
Apache
ETag
"4f9-5f3d078622b80-gzip"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
571
X-XSS-Protection
1; mode=block
modernizr.js
secureaccessweb.nam.citigroup.com/siteminderagent/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/js/modernizr.js
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
fe61eddfbaa8612d6003a4db00d323c90080e77a319e0c5ddc58a5e6199333c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2023 19:13:03 GMT
Server
Apache
ETag
"2313-5f3d078716dc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
3936
X-XSS-Protection
1; mode=block
global_header_logo_temp.png
secureaccessweb.nam.citigroup.com/siteminderagent/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/images/global_header_logo_temp.png
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
c5619bb5041d8fdf91cf2f759fe73c5e3bd7b9973d4fbb6396a462209ea9452d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Last-Modified
Fri, 03 Feb 2023 19:13:05 GMT
Server
Apache
ETag
"19f4-5f3d0788ff240"
X-Frame-Options
DENY
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
6644
X-XSS-Protection
1; mode=block
sso_logo.png
secureaccessweb.nam.citigroup.com/siteminderagent/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/images/sso_logo.png
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
c6c809191dde6c3b2d7d3055a4e429475618924615be6a06dc0348737bd4b89f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Last-Modified
Fri, 03 Feb 2023 19:13:06 GMT
Server
Apache
ETag
"106c-5f3d0789f3480"
X-Frame-Options
DENY
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
4204
X-XSS-Protection
1; mode=block
jquery-3.6.0.min.js
secureaccessweb.nam.citigroup.com/siteminderagent/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/js/jquery-3.6.0.min.js
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2023 19:13:03 GMT
Server
Apache
ETag
"15d9d-5f3d078716dc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
30830
X-XSS-Protection
1; mode=block
bootstrap.min.js
secureaccessweb.nam.citigroup.com/siteminderagent/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/js/bootstrap.min.js
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2023 19:13:03 GMT
Server
Apache
ETag
"e2de-5f3d078716dc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
15377
X-XSS-Protection
1; mode=block
body-blue.jpg
secureaccessweb.nam.citigroup.com/siteminderagent/images/ 		374 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureaccessweb.nam.citigroup.com/siteminderagent/images/body-blue.jpg
Requested by
Host: secureaccessweb.nam.citigroup.com
URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/css/citi_styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
d22ee8331756e48ecac636e0b4e39e1e0f1afa9e8c19f593e13359bf5bb9c611
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/css/citi_styles.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Last-Modified
Fri, 03 Feb 2023 19:13:04 GMT
Server
Apache
ETag
"5d9cf-5f3d07880b000"
X-Frame-Options
DENY
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
383439
X-XSS-Protection
1; mode=block
favicon.ico
secureaccessweb.nam.citigroup.com/ 		196 B
662 B 		Other
General
Check archive.org
Download Go to
Full URL
https://secureaccessweb.nam.citigroup.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.67.137.28 New York, United States, ASN3081 (CITI15, US),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-gzhctbB18oIBk2CCL2B1yk8m3akpD8Qc7AX7zL7vczv03eT%2fPScycQf1FS3t9f4FI6%2fzzScthnkt6GISRcaJS5HNQpXLLNYg&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2F8nC9kW7NDd-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 12 Jul 2024 09:58:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
Server
Apache
ntCoent-Length
196
Content-Type
text/html; charset=iso-8859-1
Cache-Control
private
Connection
Keep-Alive
Keep-Alive
timeout=15, max=98
Content-Length
173

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| resetCredFields function| submitForm object| html5 object| Modernizr function| yepnope string| pfurl string| pfnamdns string| pfglobaldns string| smtargeturl number| pathind function| $ function| jQuery object| bootstrap

7 Cookies

Domain/Path Name / Value
citi-eem4.nicecloudsvc.com/ Name: JSESSIONID
Value: 6CE9CC9F647279CBAFB4B4162F7C3533
secureaccess.nam.citigroup.com/ Name: ADRUM_BTa
Value: R:0|g:5e305e5e-f680-410f-bb04-dacb0cfa2f4d|n:customer1_69627296-39c9-4fdc-9f66-3d23f2dcb998
secureaccess.nam.citigroup.com/ Name: SameSite
Value: None
secureaccess.nam.citigroup.com/ Name: ADRUM_BT1
Value: R:0|i:126169|e:60
secureaccess.nam.citigroup.com/ Name: PF
Value: gbkCc1095h7YBctIsglohsn6YiLIWTDnEV7WaifMnLXO
secureaccess.nam.citigroup.com/ Name: B211068
Value: 7ce2a3d99925a539cb7084ea5a52c982b7a14399ced8695a119ac869f27cac7dc41f147b
secureaccessweb.nam.citigroup.com/ Name: B211071
Value: 1116a3dbb45beafb94e57f50fa0d164f051c45c2ae2d39f08aab18835022d2627967377f

1 Console Messages

Source Level URL
Text
network error URL: https://secureaccessweb.nam.citigroup.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block