uat.admin.livewellatciti.com Open in urlscan Pro
2600:9000:2491:400:18:9172:a3c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uat.admin.livewellatciti.com/
Submission: On October 18 via automatic, source certstream-suspicious (October 18th 2023, 2:45:36 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2600:9000:2491:400:18:9172:a3c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is uat.admin.livewellatciti.com.
TLS certificate: Issued by DigiCert EV RSA CA G2 on October 31st 2022. Valid for: a year.

This is the only time uat.admin.livewellatciti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2600:9000:249... 2600:9000:2491:400:18:9172:a3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:310... 2606:4700:3108::ac42:2b57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
12	4

8 2600:9000:2491:400:18:9172:a3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

uat.admin.livewellatciti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2b57 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quilljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	livewellatciti.com uat.admin.livewellatciti.com	9 MB
2	quilljs.com cdn.quilljs.com — Cisco Umbrella Rank: 25910	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
0	citigroup.net Failed secureaccess.uat.nam.citigroup.net Failed
12	4

	Domain	Requested by
8	uat.admin.livewellatciti.com	uat.admin.livewellatciti.com
2	cdn.quilljs.com	uat.admin.livewellatciti.com
1	fonts.googleapis.com	uat.admin.livewellatciti.com
0	secureaccess.uat.nam.citigroup.net Failed	uat.admin.livewellatciti.com
12	4

This site contains no links.

Subject Issuer	Validity	Valid
uat.livewellatciti.com DigiCert EV RSA CA G2	`2022-10-31` - `2023-11-01`	a year	crt.sh
cdn.quilljs.com E1	`2023-09-08` - `2023-12-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 1 frames:

Frame: https://secureaccess.uat.nam.citigroup.net/idp/startSSO.ping?PartnerSpId=GPA-166612-livewelladmin&TargetResource=http%3A%2F%2Fuat.admin.livewellatciti.com%2Fapi%2Fsso
Frame ID: AFA6C73B4E40794B011BE34F83FC6B34
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

12
Requests

92 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

9611 kB
Transfer

9634 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uat.admin.livewellatciti.com/ 11 KB
11 KB 456ms
334ms Document
text/html 2600:9000:2491:400:18:9172:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:400:18:9172:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 821ebeec8fb960430e7b470e00f81d5eb5787285a0f1564a5c0309c87ec2b82e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 10827
content-type: text/html
date: Wed, 18 Oct 2023 02:45:30 GMT
etag: "6500bf05-2a4b"
last-modified: Tue, 12 Sep 2023 19:41:57 GMT
server: nginx/1.19.10
vary: Accept-Encoding
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-id: rgAAiRhWhuIaRXTxBZH6WPn4iNKOBFqSA2S4lw3rXRK8Iul89xSKJw==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront

GET
H2 200 quill.snow.css
cdn.quilljs.com/1.2.2/ 23 KB
4 KB 152ms
47ms Stylesheet
text/css 2606:4700:3108::ac42:2b57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.2.2/quill.snow.css

Requested by

Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c99a5c5600b39a3fc8a4b2a47bd9b8c6276f399284c1f32d893852979c5197da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 22:22:45 UTC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 790780
etag: W/"455913274305f030c2944f8de75a0996"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SVLiT4o2HjrxlCVFiCOQXdUL7Adk8Af0Vw9hRz6XNZDB9AZhrcWasF1cCjryZajiiulWucjyjhC7%2Fw16sWniD5XyrPmD8LLAZizwnhfWY6gn7ifReBATrrRY9v2sw93nB2gYNTqzTUCX6%2BrHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 817d7212abc3bb37-FRA

GET
H2 200 quill.bubble.css
cdn.quilljs.com/1.2.2/ 23 KB
4 KB 370ms
265ms Stylesheet
text/css 2606:4700:3108::ac42:2b57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.2.2/quill.bubble.css

Requested by

Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

588fc4b888d104066129bb5db7a43b9a3518a80a79ff12055efbcde6fe212b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Mar 2021 22:22:45 UTC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bf72827f7b8ba905583bb96b3cbcecfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw7TdgIKjopcdvQ7KlcvjEBuOhYySw6XvhAGxRKcABGSEIcBTlqEXPpM231%2FhZeAlZpv%2FIq1kvtHnhYIN844cr%2FdTWZ9AnQmTYkHA2EHDJQvLMxmOwGSaHzc%2Bmdeyzt%2BjksHbYCBuVkeeVfKnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 817d7212abc2bb37-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto

Requested by

Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

123077a254384fb64891c4849c0c98afcd0edbe913a2889118e25035cfa040b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Oct 2023 02:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 02:45:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Oct 2023 02:45:30 GMT

GET
H2 200 runtime.js Show response
uat.admin.livewellatciti.com/ 8 KB
9 KB 140ms
138ms Script
application/javascript 2600:9000:2491:400:18:9172:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.admin.livewellatciti.com/runtime.js
Requested by: Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:400:18:9172:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: b03c7b342c2a10e279b01320315918df666fa38778c71be7b14709ec86fc1d7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:30 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 8126
last-modified: Tue, 12 Sep 2023 19:41:57 GMT
server: nginx/1.19.10
etag: "6500bf05-1fbe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hpmcTIfMiEXcI7kfMSj0q8xUea3Z-fkVGc2yHHRzLaJ1DAxOTXmjOw==

GET
H2 200 polyfills.js Show response
uat.admin.livewellatciti.com/ 477 KB
479 KB 146ms
145ms Script
application/javascript 2600:9000:2491:400:18:9172:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.admin.livewellatciti.com/polyfills.js
Requested by: Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:400:18:9172:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 48ce59f3a0d47082059d5da8c3887c60fe0888d0124b3f444f3ebbfa0d68a71a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:30 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 488476
last-modified: Tue, 12 Sep 2023 19:41:57 GMT
server: nginx/1.19.10
etag: "6500bf05-7741c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 14hGlMTXfv8i5OnZx2elSbOX7zrqNAYMPGcGUXjXPOxsckQPN5eyTA==

GET
H2 200 styles.js Show response
uat.admin.livewellatciti.com/ 1012 KB
1014 KB 449ms
448ms Script
application/javascript 2600:9000:2491:400:18:9172:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.admin.livewellatciti.com/styles.js
Requested by: Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:400:18:9172:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: be336f2bc8205d38aa560d47030740fb544fb9885bc8e930bb405ea9e4489a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:30 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 1036292
last-modified: Tue, 12 Sep 2023 19:41:57 GMT
server: nginx/1.19.10
etag: "6500bf05-fd004"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KSP8YVZEaze6gQwYYLhEKrC-1aYNs5NFnFpgNp-52K_1coDd6ZuS6w==

GET
H2 200 scripts.js Show response
uat.admin.livewellatciti.com/ 1 MB
1 MB 464ms
463ms Script
application/javascript 2600:9000:2491:400:18:9172:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.admin.livewellatciti.com/scripts.js
Requested by: Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:400:18:9172:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2cef51eec73266c79c742f0e0ef74ae31f90b95a22fb60173df1c218d988c3ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:30 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 1366928
last-modified: Tue, 12 Sep 2023 19:41:57 GMT
server: nginx/1.19.10
etag: "6500bf05-14db90"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kcETaH4mPJbQa8qJcdmLWWkJk0wnJ6MQZvfHxBkuGoTcmYRE7BAa1A==

GET
H2 200 vendor.js Show response
uat.admin.livewellatciti.com/ 6 MB
6 MB 409ms
408ms Script
application/javascript 2600:9000:2491:400:18:9172:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.admin.livewellatciti.com/vendor.js
Requested by: Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:400:18:9172:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 1dbff3fedbce9310afda956e53bd555a27fe801adefcbc609b24173ddb9aa082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:30 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 6371432
last-modified: Tue, 12 Sep 2023 19:41:57 GMT
server: nginx/1.19.10
etag: "6500bf05-613868"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wdNt_NhLguuFw0y0o4mv2b_mtmU8O9eqNE8Lvd0TErVDgvmTNz6d-g==

GET
H2 200 main.js Show response
uat.admin.livewellatciti.com/ 519 KB
520 KB 468ms
467ms Script
application/javascript 2600:9000:2491:400:18:9172:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.admin.livewellatciti.com/main.js
Requested by: Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:400:18:9172:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 505b3621aed6d8bc676143ff980d665aeac1a1f0c78a4024a759647aa55d6f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.admin.livewellatciti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:30 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 531048
last-modified: Tue, 12 Sep 2023 19:41:57 GMT
server: nginx/1.19.10
etag: "6500bf05-81a68"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8loFQbFP7DRKFRzEzGGiraNCcxzpK_Klz3gq-YPnP3gcUu4dYRNJoQ==

GET
H2 200 appConfig.json
uat.admin.livewellatciti.com/assets/data/ 1 KB
2 KB 137ms
137ms XHR
application/json 2600:9000:2491:400:18:9172:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.admin.livewellatciti.com/assets/data/appConfig.json
Requested by: Host: uat.admin.livewellatciti.com
URL: https://uat.admin.livewellatciti.com/polyfills.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:400:18:9172:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://uat.admin.livewellatciti.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

date: Wed, 18 Oct 2023 02:45:32 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 1043
last-modified: Tue, 12 Sep 2023 19:41:57 GMT
server: nginx/1.19.10
etag: "6500bf05-413"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -6jiCzA7RB5QutP7lVjk2Yvf73Og8Pg0pq0oiKLyvlU5hLDzwrr8FQ==

GET startSSO.ping
secureaccess.uat.nam.citigroup.net/idp/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secureaccess.uat.nam.citigroup.net
URL: https://secureaccess.uat.nam.citigroup.net/idp/startSSO.ping?PartnerSpId=GPA-166612-livewelladmin&TargetResource=http%3A%2F%2Fuat.admin.livewellatciti.com%2Fapi%2Fsso

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			uat.admin.livewellatciti.com/	1970-01-20 15:43:21	Name: AWSALB Value: m4gyTLLRv7Vjk1F0iPtXQGvMLqBWdzg285/p7cJYRK1PkmgwWiFpse3CLfus1hgCfOqR2UEB5DhSL5h4qrwk2MvyS+JIOJr+awx4z61ktt1Q/plfYhPEJuzGljg9
			uat.admin.livewellatciti.com/	1970-01-20 15:43:21	Name: AWSALBCORS Value: m4gyTLLRv7Vjk1F0iPtXQGvMLqBWdzg285/p7cJYRK1PkmgwWiFpse3CLfus1hgCfOqR2UEB5DhSL5h4qrwk2MvyS+JIOJr+awx4z61ktt1Q/plfYhPEJuzGljg9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.quilljs.com
fonts.googleapis.com
secureaccess.uat.nam.citigroup.net
uat.admin.livewellatciti.com
secureaccess.uat.nam.citigroup.net
2600:9000:2491:400:18:9172:a3c0:93a1
2606:4700:3108::ac42:2b57
2a00:1450:4001:803::200a
123077a254384fb64891c4849c0c98afcd0edbe913a2889118e25035cfa040b8
1dbff3fedbce9310afda956e53bd555a27fe801adefcbc609b24173ddb9aa082
2cef51eec73266c79c742f0e0ef74ae31f90b95a22fb60173df1c218d988c3ed
48ce59f3a0d47082059d5da8c3887c60fe0888d0124b3f444f3ebbfa0d68a71a
505b3621aed6d8bc676143ff980d665aeac1a1f0c78a4024a759647aa55d6f8c
588fc4b888d104066129bb5db7a43b9a3518a80a79ff12055efbcde6fe212b56
821ebeec8fb960430e7b470e00f81d5eb5787285a0f1564a5c0309c87ec2b82e
b03c7b342c2a10e279b01320315918df666fa38778c71be7b14709ec86fc1d7d
be336f2bc8205d38aa560d47030740fb544fb9885bc8e930bb405ea9e4489a1f
c99a5c5600b39a3fc8a4b2a47bd9b8c6276f399284c1f32d893852979c5197da

uat.admin.livewellatciti.com Open in urlscan Pro 2600:9000:2491:400:18:9172:a3c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

12 Requests

92 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

9611 kBTransfer

9634 kBSize

2 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

uat.admin.livewellatciti.com Open in urlscan Pro
2600:9000:2491:400:18:9172:a3c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

9611 kB
Transfer

9634 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions