uat.admin.livewellatciti.com
2600:9000:2491:400:18:9172:a3c0:93a1
Public Scan
Submission: On October 18 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by DigiCert EV RSA CA G2 on October 31st 2022. Valid for: a year.
This is the only time uat.admin.livewellatciti.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
8 | 2600:9000:2491:400:18:9172:a3c0:93a1 | 16509 (AMAZON-02)
2 | 2606:4700:3108::ac42:2b57 | 13335 (CLOUDFLARENET)
1 | 2a00:1450:4001:803::200a | 15169 (GOOGLE)
12 | 4 |

ASN16509 (AMAZON-02, US)
uat.admin.livewellatciti.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
8 | livewellatciti.com | uat.admin.livewellatciti.com | 9 MB
2 | quilljs.com | cdn.quilljs.com — Cisco Umbrella Rank: 25910 | 8 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 49 | 1 KB
0 | citigroup.net (Failed) | secureaccess.uat.nam.citigroup.net (Failed) |
12 | 4 | |
Requests | Domain | Requested by
---|---|---
8 | uat.admin.livewellatciti.com | uat.admin.livewellatciti.com
2 | cdn.quilljs.com | uat.admin.livewellatciti.com
1 | fonts.googleapis.com | uat.admin.livewellatciti.com
0 | secureaccess.uat.nam.citigroup.net (Failed) | uat.admin.livewellatciti.com
12 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
uat.livewellatciti.com | DigiCert EV RSA CA G2 | 2022-10-31 - 2023-11-01 | a year
cdn.quilljs.com | E1 | 2023-09-08 - 2023-12-07 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months
This page contains 1 frames:
Frame:
https://secureaccess.uat.nam.citigroup.net/idp/startSSO.ping?PartnerSpId=GPA-166612-livewelladmin&TargetResource=http%3A%2F%2Fuat.admin.livewellatciti.com%2Fapi%2Fsso
Frame ID: AFA6C73B4E40794B011BE34F83FC6B34
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H2 | / (Primary Request) | uat.admin.livewellatciti.com/ | 11 KB | 11 KB | Document | text/html
GET H2 | quill.snow.css | cdn.quilljs.com/1.2.2/ | 23 KB | 4 KB | Stylesheet | text/css
GET H2 | quill.bubble.css | cdn.quilljs.com/1.2.2/ | 23 KB | 4 KB | Stylesheet | text/css
GET H2 | css | fonts.googleapis.com/ | 4 KB | 1 KB | Stylesheet | text/css
GET H2 | runtime.js | uat.admin.livewellatciti.com/ | 8 KB | 9 KB | Script | application/javascript
GET H2 | polyfills.js | uat.admin.livewellatciti.com/ | 477 KB | 479 KB | Script | application/javascript
GET H2 | styles.js | uat.admin.livewellatciti.com/ | 1012 KB | 1014 KB | Script | application/javascript
GET H2 | scripts.js | uat.admin.livewellatciti.com/ | 1 MB | 1 MB | Script | application/javascript
GET H2 | vendor.js | uat.admin.livewellatciti.com/ | 6 MB | 6 MB | Script | application/javascript
GET H2 | main.js | uat.admin.livewellatciti.com/ | 519 KB | 520 KB | Script | application/javascript
GET H2 | appConfig.json | uat.admin.livewellatciti.com/assets/data/ | 1 KB | 2 KB | XHR | application/json
GET | startSSO.ping | secureaccess.uat.nam.citigroup.net/idp/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- secureaccess.uat.nam.citigroup.net
- URL
- https://secureaccess.uat.nam.citigroup.net/idp/startSSO.ping?PartnerSpId=GPA-166612-livewelladmin&TargetResource=http%3A%2F%2Fuat.admin.livewellatciti.com%2Fapi%2Fsso
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
uat.admin.livewellatciti.com/ | | Name: AWSALB Value: m4gyTLLRv7Vjk1F0iPtXQGvMLqBWdzg285/p7cJYRK1PkmgwWiFpse3CLfus1hgCfOqR2UEB5DhSL5h4qrwk2MvyS+JIOJr+awx4z61ktt1Q/plfYhPEJuzGljg9
uat.admin.livewellatciti.com/ | | Name: AWSALBCORS Value: m4gyTLLRv7Vjk1F0iPtXQGvMLqBWdzg285/p7cJYRK1PkmgwWiFpse3CLfus1hgCfOqR2UEB5DhSL5h4qrwk2MvyS+JIOJr+awx4z61ktt1Q/plfYhPEJuzGljg9
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.