secureaccessweb.nam.citigroup.com
192.193.8.43
Public Scan
Effective URL: https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb5799...
Submission: On February 21 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 22nd 2022. Valid for: a year.
This is the only time secureaccessweb.nam.citigroup.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
11 | 2600:9000:214f:3000:d:bf50:3c40:93a1 | 16509 (AMAZON-02) |
1 3 | 52.200.93.49 | 14618 (AMAZON-AES) |
1 1 | 192.193.8.23 | 25883 (CITIGROUP) |
1 12 | 192.193.8.43 | 25883 (CITIGROUP) |
25 | 4 |
ASN16509 (AMAZON-02, US)
portal.citi-eem4.nicecloudsvc.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-93-49.compute-1.amazonaws.com
api.portal.citi-eem4.nicecloudsvc.com | |
citi-eem4.nicecloudsvc.com |
| Apex Domain Subdomains | Transfer |
---|---|---|
14 | nicecloudsvc.com (1 redirects): portal.citi-eem4.nicecloudsvc.com, api.portal.citi-eem4.nicecloudsvc.com, citi-eem4.nicecloudsvc.com Failed | 4 MB |
13 | citigroup.com (2 redirects): secureaccess.nam.citigroup.com (Cisco Umbrella Rank: 953338), secureaccessweb.nam.citigroup.com | 92 KB |
25 | 2 |
| Domain | Requested by |
---|---|---|
12 | secureaccessweb.nam.citigroup.com | 1 redirects; portal.citi-eem4.nicecloudsvc.com, secureaccessweb.nam.citigroup.com |
11 | portal.citi-eem4.nicecloudsvc.com | portal.citi-eem4.nicecloudsvc.com |
2 | api.portal.citi-eem4.nicecloudsvc.com | portal.citi-eem4.nicecloudsvc.com |
1 | secureaccess.nam.citigroup.com | 1 redirects |
1 | citi-eem4.nicecloudsvc.com | portal.citi-eem4.nicecloudsvc.com |
25 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.citigroup.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
citi-eem4.nicecloudsvc.com | Amazon | 2022-09-10 - 2023-10-09 | a year | crt.sh |
secureaccessweb.nam.citigroup.com | DigiCert SHA2 Extended Validation Server CA | 2022-06-22 - 2023-07-20 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=P2dBloMFdUuAMpB9mzhH3xNxCEJB3aq5s2Z77FyKnFv9XiptVFx5NyBfKyEzzF871XmxgrqDQZFcoL3ca9fb7Cwg7wxUosn3&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2FjKO7Q-%2FresumeSAML20-%2Fidp-%2FSSO%2eping
Frame ID: 0A9039ED4F291157CEC1DAD70302F125
Requests: 24 HTTP requests in this frame
Page Title
Single Sign-On
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Modernizr (JavaScript Libraries)
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://portal.citi-eem4.nicecloudsvc.com/ Page URL
- https://citi-eem4.nicecloudsvc.com/ HTTP 302
https://secureaccess.nam.citigroup.com/idp/SSO.saml2?SAMLRequest=hZJPT4MwGMa%2FCul9FApT0gySuR1cMt0y0IMXU8q7rQm02LdM%2FfbC0Dgv8%2Fw%2B%2FT1%2F0hmKpm75vHNHvYO3DtB5H02tkZ8PKems5kagQq5FA8id5Pn8Yc2ZH%2FDWGmekqYk3RwTrlNELo7FrwOZgT0rC026dkqNzLXJKpXJqAtDEvu5PsjZdhSfpS9PQ%2FKjK0tTgjj6ioYMDo9tNXhBv2UdSWgzwXxSC7CwIKQHR74P5A%2FtgTdeecapqaZ5v%2FKEDI95qmZLXOErCuIripLqNArHfV1ECMgz3ibhh4bQcZIgdrDQ6oV1KWMCiScAmLCyCmEdTztgL8bbfle%2BUrpQ%2BXN%2BnHEXI74tiOxnrPIPFc5VeQLLZkJCfje3F7tex4mdskv0%2F7YxeWIx%2BLX%2Fsmavl1tRKfnrzujbvi35NBykJCc3GJ38%2FRfYF&RelayState=ss%3Amem%3Ab4864cbb2f82ed6c76ae42e7c003db9bf45b088ab9ed7bd49f2727ebc50915a8&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=n3YHqk8nCVFB738u6m6wLgZtP1Kxh77tHeG5sAOar9tC5CgP1EleTuz9tpJI6spul91QwcpKM5bwpK8giEiEWXZ%2FOO5ads%2B51H3EcILDbzxsQyP2n%2FkEu1jUCedo26P9ok2D9ELPEwx63Gvob9op%2FoLkoXHXT%2Fu75ShpUcRVup5OXHEI5Q%2BfWthnuEGt62TN2BDeuBkc00v5cZZAHk3Slq2O9LBHNttoHprtz7y4Ti5DaOnexXGVmMfFqCzgYTVhJ8pMpYdbC7SHuaOwXKK4A0wJtYpYiEoYxFnD%2F0RaRWRXx79U5sLssS9uT0npFzzMGpD8qXD0VVotDNrq2F3rnQ%3D%3D HTTP 302
https://secureaccessweb.nam.citigroup.com/cfed/smidp/level5ud1/internal/redirect?resumePath=%2Fidp%2FjKO7Q%2FresumeSAML20%2Fidp%2FSSO.ping HTTP 302
https://secureaccessweb.nam.citigroup.com/siteminderagent/forms/pfloginprod.fcc?TYPE=33554433&REALMOID=06-79664f72-da53-10de-87fc-84fb57990000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=P2dBloMFdUuAMpB9mzhH3xNxCEJB3aq5s2Z77FyKnFv9XiptVFx5NyBfKyEzzF871XmxgrqDQZFcoL3ca9fb7Cwg7wxUosn3&TARGET=-SM-%2fcfed%2fsmidp%2flevel5ud1%2finternal%2fredirect%3fresumePath%3d-%2Fidp-%2FjKO7Q-%2FresumeSAML20-%2Fidp-%2FSSO%2eping Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / portal.citi-eem4.nicecloudsvc.com/ | 2 KB 3 KB | Document text/html |
GET H2 | runtime-es2015.ba292eb46bf8b1a69444.js portal.citi-eem4.nicecloudsvc.com/ | 4 KB 4 KB | Script application/x-javascript |
GET H2 | polyfills-es2015.3151374b1c89e0872161.js portal.citi-eem4.nicecloudsvc.com/ | 37 KB 37 KB | Script application/x-javascript |
GET H2 | scripts.3911a68e60eabf49861e.js portal.citi-eem4.nicecloudsvc.com/ | 476 KB 477 KB | Script application/x-javascript |
GET H2 | main-es2015.70c860e7bd936d922b3b.js portal.citi-eem4.nicecloudsvc.com/ | 3 MB 3 MB | Script application/x-javascript |
GET H2 | styles.7065a3822fe9a814875e.css portal.citi-eem4.nicecloudsvc.com/ | 247 KB 248 KB | Stylesheet text/css |
GET H2 | open-sans-v14-latin-300.c3ed3fda27a72025512d.woff2 portal.citi-eem4.nicecloudsvc.com/ | 14 KB 15 KB | Font application/octet-stream |
GET H2 | en.json portal.citi-eem4.nicecloudsvc.com/app-shell/src/assets/i18n/ | 4 KB 4 KB | XHR application/json |
GET H2 | 423-es2015.87e275f2f81d3369bf37.js portal.citi-eem4.nicecloudsvc.com/ | 59 KB 60 KB | Script application/x-javascript |
GET H2 | 50-es2015.9b4623b6462162a01d74.js portal.citi-eem4.nicecloudsvc.com/ | 78 KB 79 KB | Script application/x-javascript |
GET H2 | 279-es2015.7f03ad1999bb65c8de63.js portal.citi-eem4.nicecloudsvc.com/ | 20 KB 21 KB | Script application/x-javascript |
GET H2 | meta-data api.portal.citi-eem4.nicecloudsvc.com/web-back-end/v1/ | 325 B 902 B | XHR application/json |
OPTIONS H2 | meta-data api.portal.citi-eem4.nicecloudsvc.com/web-back-end/v1/ | 0 0 | Preflight application/vnd.sun.wadl+xml |
GET | / citi-eem4.nicecloudsvc.com/ | 0 0 | |
GET H/1.1 | pfloginprod.fcc (Primary Request) secureaccessweb.nam.citigroup.com/siteminderagent/forms/ (Redirect Chain) | 6 KB 3 KB | Document text/html |
GET H/1.1 | common.css secureaccessweb.nam.citigroup.com/siteminderagent/css/ | 17 KB 3 KB | Stylesheet text/css |
GET H/1.1 | bootstrap.min.css secureaccessweb.nam.citigroup.com/siteminderagent/css/ | 102 KB 17 KB | Stylesheet text/css |
GET H/1.1 | citi_styles.css secureaccessweb.nam.citigroup.com/siteminderagent/css/ | 10 KB 3 KB | Stylesheet text/css |
GET H/1.1 | form_citi.css secureaccessweb.nam.citigroup.com/siteminderagent/css/ | 1 KB 1 KB | Stylesheet text/css |
GET H/1.1 | modernizr.js secureaccessweb.nam.citigroup.com/siteminderagent/js/ | 9 KB 4 KB | Script application/javascript |
GET H/1.1 | global_header_logo_temp.png secureaccessweb.nam.citigroup.com/siteminderagent/images/ | 6 KB 7 KB | Image image/png |
GET H/1.1 | sso_logo.png secureaccessweb.nam.citigroup.com/siteminderagent/images/ | 4 KB 5 KB | Image image/png |
GET H/1.1 | jquery-3.6.0.min.js secureaccessweb.nam.citigroup.com/siteminderagent/js/ | 87 KB 31 KB | Script application/javascript |
GET H/1.1 | bootstrap.min.js secureaccessweb.nam.citigroup.com/siteminderagent/js/ | 57 KB 16 KB | Script application/javascript |
GET H/1.1 | body-blue.jpg secureaccessweb.nam.citigroup.com/siteminderagent/images/ | 176 KB 0 | Image image/jpeg |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: citi-eem4.nicecloudsvc.com
- URL: https://citi-eem4.nicecloudsvc.com/
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- object | oncontentvisibilityautostatechange
- function | resetCredFields
- function | submitForm
- object | html5
- object | Modernizr
- function | yepnope
- string | pfurl
- string | pfnamdns
- string | pfglobaldns
- string | smtargeturl
- string | postprsvdata
- number | pathind
- undefined | target
- undefined | ind
- undefined | pftarget
- undefined | flag
- undefined | validtargetcheckindex
- undefined | decodedURL

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secureaccess.nam.citigroup.com/ | | Name: PF Value: sN18W5zslhHXQ9exJhlFjKTd8nFuRQeBBgKstGItMhZc |
secureaccess.nam.citigroup.com/ | | Name: B211068 Value: 30dfa3dbab66bc153370605e6a199ecc4af2adf6b341f8a54eb5bb4872d8d1dd2d39bc0e |
secureaccessweb.nam.citigroup.com/ | | Name: B211070 Value: 30dfa3db4c8d10d1b3f4ce07f4d7cab94e789914d5e896443a8551bdd3dda7577617321d |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | object-src 'none'; default-src 'self' *.nicecloudsvc.com *.niceondemand.com *.nicecloudsvc-stg1.com *.nicecloudsvc-tst.com; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' |
Strict-Transport-Security | max-age=31536000; includeSubdomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.