urlscan.io logo urlscan.io
SecurityTrails logo

citizensfb.uat.pos.firstclose.com Open in urlscan Pro
2606:4700:20::681a:d7a  Public Scan

Go To Rescan Add Verdict Report
URL: https://citizensfb.uat.pos.firstclose.com/
Submission: On August 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700:20::681a:d7a, located in United States and belongs to CLOUDFLARENET, US. The main domain is citizensfb.uat.pos.firstclose.com.
TLS certificate: Issued by E6 on August 14th 2024. Valid for: 3 months.
This is the only time citizensfb.uat.pos.firstclose.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
12 3
Apex Domain
Subdomains		 Transfer
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
maps.googleapis.com — Cisco Umbrella Rank: 567
107 KB
4 firstclose.com
citizensfb.uat.pos.firstclose.com
733 KB
0 dvnfo.com Failed
js.dvnfo.com Failed
0 finicity.com Failed
connect2.finicity.com Failed
12 4
Domain Requested by
4 citizensfb.uat.pos.firstclose.com citizensfb.uat.pos.firstclose.com
2 maps.googleapis.com citizensfb.uat.pos.firstclose.com
2 fonts.googleapis.com citizensfb.uat.pos.firstclose.com
0 js.dvnfo.com Failed citizensfb.uat.pos.firstclose.com
0 connect2.finicity.com Failed citizensfb.uat.pos.firstclose.com
12 5

This site contains no links.

Subject Issuer Validity Valid
citizensfb.uat.pos.firstclose.com
E6		 2024-08-14 -
2024-11-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://citizensfb.uat.pos.firstclose.com/
Frame ID: E0F1884255EB027EB4A97A2D5EBF4DC5
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

12
Requests

67 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

839 kB
Transfer

3698 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
citizensfb.uat.pos.firstclose.com/ 		60 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citizensfb.uat.pos.firstclose.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f72f8df9e3b8276f3ce9745f1890309fb4fd32ea1e1493210913e0084db2c570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8b32b7cfbb3035e2-FRA
content-encoding
br
content-type
text/html
date
Wed, 14 Aug 2024 17:38:21 GMT
last-modified
Fri, 26 Jul 2024 15:40:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WRL20SldSXS%2BmDCjlK%2F8TkT0v%2BRxNunbEJeXmGLDRdjVuR1g52L0MHB86Q2ucJu1ceP9m%2BrQnSm1niY7xAHDsnn3Hc%2B6fCWnNgxQ1PAASGQd9QjFZ2n1ogmR5rVOhclOYWnXbp2n1mT%2FCQi9%2BsLtw6ufXVhHmpSMEp9WSsOQOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
css2
fonts.googleapis.com/ 		30 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: citizensfb.uat.pos.firstclose.com
URL: https://citizensfb.uat.pos.firstclose.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13471b4283cd0eef752d70c2994923d831d67a5a1c840f2a76a9c05e23f9f72f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizensfb.uat.pos.firstclose.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Aug 2024 17:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Aug 2024 16:05:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Aug 2024 17:38:21 GMT
css2
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: citizensfb.uat.pos.firstclose.com
URL: https://citizensfb.uat.pos.firstclose.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fac3126785fe484d84d628fe63d59a0b580371b3099363b11964c3836346ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizensfb.uat.pos.firstclose.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Aug 2024 17:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Aug 2024 17:38:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Aug 2024 17:38:21 GMT
all.css
citizensfb.uat.pos.firstclose.com/fontawesome/css/ 		626 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citizensfb.uat.pos.firstclose.com/fontawesome/css/all.css
Requested by
Host: citizensfb.uat.pos.firstclose.com
URL: https://citizensfb.uat.pos.firstclose.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c9161358870a1cd264ba665853765bd0da6adb7cd0d4e404e92ae69f8ea253e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://citizensfb.uat.pos.firstclose.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:38:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 15:40:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a3c368-9c65d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtXbKTBFbTtrRfz92hSCl030wknu6surnKPLOqKiA9Zrgt6sLxdMj4L2WJZJMpcYo8Yr%2BV9kJVBfmTdaxufSl0yXiIj57z1VBc4wial89Bqbqk6skoe7yyWeDr5Blof3WT56%2FRLfL2JbLvLsDPZQXf1rPxiGbi9Wmn%2FA5EKYfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b32b7d1ce7035e2-FRA
js
maps.googleapis.com/maps/api/ 		317 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBeTzEn5UMsdjeNozf_0GaLiJYgxavIXQU&libraries=places
Requested by
Host: citizensfb.uat.pos.firstclose.com
URL: https://citizensfb.uat.pos.firstclose.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
fdf0959c80466522fc778581fa9ff73ab2662e4baacd2a52b3904ae4bf604d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizensfb.uat.pos.firstclose.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105972
x-xss-protection
0
finicity-connect.min.js
connect2.finicity.com/assets/sdk/ 		0
0
devicer.min.js
js.dvnfo.com/ 		0
0
index.48a30164.js
citizensfb.uat.pos.firstclose.com/assets/ 		2 MB
533 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citizensfb.uat.pos.firstclose.com/assets/index.48a30164.js
Requested by
Host: citizensfb.uat.pos.firstclose.com
URL: https://citizensfb.uat.pos.firstclose.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe63822d5f00502ac6d717474368ff9e214df44efbd7e1663eb588f8d49ee84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://citizensfb.uat.pos.firstclose.com/
Origin
https://citizensfb.uat.pos.firstclose.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:38:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 15:40:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a3c36d-209500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yq2t3tQ7Xc5gFXPpPpEFpmUWaQK4AtjlJI2w%2FGTuM5c53AypK7Lma3TCbg%2BCypBny7ZK1OVyT%2BA1pyW1Y8Ywy%2B79SD57dw4iI4VQ1DXDm8N6p9q%2B5oBECJPn5jHPaW98Zya1N%2FLVTSmfcCnH0mHCyunwRQk6GOh6cwOF9SoZVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b32b7d2c84a35e2-FRA
index.ce49008c.css
citizensfb.uat.pos.firstclose.com/assets/ 		556 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citizensfb.uat.pos.firstclose.com/assets/index.ce49008c.css
Requested by
Host: citizensfb.uat.pos.firstclose.com
URL: https://citizensfb.uat.pos.firstclose.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49fc75c3b5808a1cb6edf70aff05473bc3e47401d78ba867d635b275a0a09c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://citizensfb.uat.pos.firstclose.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:38:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 15:40:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a3c36d-8b1fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7PutfOjCoVrip8rw%2FgFsF%2FtrEf9V5AdJhqCBzQOgxh9oXz0GkYici%2FONBhynwXGqomFfFJVgQx8UUJ8llEtZs2jSLKD7ltTNmxG9CZXk7jwiT0C42HySzEFpb3oQlVP8oGcv68RHnhFXQYvIR53BU%2FjbF%2B2uiOl52afbhc89A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b32b7d2d84f35e2-FRA
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: citizensfb.uat.pos.firstclose.com
URL: https://citizensfb.uat.pos.firstclose.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizensfb.uat.pos.firstclose.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://citizensfb.uat.pos.firstclose.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/ 		0
0
util.js
maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connect2.finicity.com
URL
https://connect2.finicity.com/assets/sdk/finicity-connect.min.js
Domain
js.dvnfo.com
URL
https://js.dvnfo.com/devicer.min.js
Domain
maps.googleapis.com
URL
https://maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/common.js
Domain
maps.googleapis.com
URL
https://maps.googleapis.com/maps-api-v3/api/js/57/13/intl/de_ALL/util.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains