URL: https://admin.citiz-on.com/
Submission: On March 26 via automatic, source certstream-suspicious — Scanned from ES

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 82.223.10.86, located in Navalvillar de Pela, Spain, and belongs to IONOS-AS (the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom, formerly known as 1&1 Internet SE), DE. The main domain is admin.citiz-on.com.
TLS certificate: Issued by R3 on March 26th 2023. Valid for: 3 months.
This is the only time admin.citiz-on.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
3         82.223.10.86     8560 (IONOS-AS ...)
1         192.229.221.25   15133 (EDGECAST)
2         151.101.193.21   54113 (FASTLY)
Total: 6 requests, 3 IPs

Requests  Apex Domain / Subdomains                               Transfer
3         paypal.com                                             76 KB
            www.paypal.com (Cisco Umbrella Rank: 2415)
            www.sandbox.paypal.com (Cisco Umbrella Rank: 35290)
3         citiz-on.com                                           174 KB
            admin.citiz-on.com
Total: 6 requests, 2 apex domains

Requests  Domain                   Requested by
3         admin.citiz-on.com       admin.citiz-on.com
2         www.sandbox.paypal.com   www.paypal.com
1         www.paypal.com           admin.citiz-on.com
Total: 6 requests, 3 domains

This site contains no links.

Subject                  Issuer                                        Validity                  Valid
admin.citiz-on.com       R3                                            2023-03-26 - 2023-06-24   3 months
www.paypal.com           DigiCert SHA2 Extended Validation Server CA   2022-11-09 - 2023-12-10   a year
www.sandbox.paypal.com   DigiCert SHA2 Extended Validation Server CA   2023-01-19 - 2024-02-19   a year

This page contains 1 frame:

Primary Page: https://admin.citiz-on.com/
Frame ID: 6677BE82638A619A642408E8BA52AA4B
Requests: 5 HTTP requests in this frame

Page Title: React App

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 251 kB
Size: 442 kB
Cookies: 4

6 HTTP transactions

Resource: Primary Request /
Path: admin.citiz-on.com/
Size: 913 B
x-fer: 974 B
Type: Document

General
Full URL: https://admin.citiz-on.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.10.86 Navalvillar de Pela, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS:
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c18102b178f20fe2ddf7578dbec2c16c0455c5f0e0c8289e92db2fb74872cab9

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Language: es
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Sun, 26 Mar 2023 17:09:46 GMT
Referrer-Policy: same-origin
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Language, Origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

Resource: js
Path: www.paypal.com/sdk/
Size: 267 KB
x-fer: 75 KB
Type: Script

General
Full URL: https://www.paypal.com/sdk/js?client-id=AZ8f8fSdIH1kgwp1hvVRoSehSWdtBLfeqd8ihHM1-0hkuCl2Lyc4eVNkcIosF8VWnkBzDO2nUTQ5Da_C&currency=EUR
Requested by:
  Host: admin.citiz-on.com
  URL: https://admin.citiz-on.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.25, United States, ASN15133 (EDGECAST, US)
Reverse DNS:
Software: ECAcc (lhd/35B4) /
Resource Hash: a379d1e728a4dff8363c3a3f1915d0c651d5f04974466ba49e0da232115b2697

Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-SjmEK7tIIucRL3SKz4AHODvNlPwrbYzDRNmbRGdM9X4xYm6x' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-SjmEK7tIIucRL3SKz4AHODvNlPwrbYzDRNmbRGdM9X4xYm6x' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-SjmEK7tIIucRL3SKz4AHODvNlPwrbYzDRNmbRGdM9X4xYm6x' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-SjmEK7tIIucRL3SKz4AHODvNlPwrbYzDRNmbRGdM9X4xYm6x' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Mar 2023 17:09:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 07775ba7b3256
server-timing: traceparent;desc="00-000000000000000000007775ba7b3256-593fca3cd15e7d08-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 75160
x-xss-protection: 1; mode=block
server: ECAcc (lhd/35B4)
traceparent: 00-000000000000000000007775ba7b3256-ca24e48624384f8b-01
etag: W/"12598-vW0YMSzCw7ZMpDRpN3hNWHp95Fc"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
timing-allow-origin: *

Resource: main.5e3c65ad.js
Path: admin.citiz-on.com/static/js/
Size: 165 KB
x-fer: 165 KB
Type: Script

General
Full URL: https://admin.citiz-on.com/static/js/main.5e3c65ad.js
Requested by:
  Host: admin.citiz-on.com
  URL: https://admin.citiz-on.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.10.86 Navalvillar de Pela, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS:
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5e0ec6cdaa43b15dc8b788b9737c984b54fe6c09d23cbe73811f06b733f80cac

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://admin.citiz-on.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 17:09:46 GMT
Last-Modified: Sat, 25 Mar 2023 13:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "641ef2eb-293c2"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168898

Resource: main.0d075500.css
Path: admin.citiz-on.com/static/css/
Size: 8 KB
x-fer: 8 KB
Type: Stylesheet

General
Full URL: https://admin.citiz-on.com/static/css/main.0d075500.css
Requested by:
  Host: admin.citiz-on.com
  URL: https://admin.citiz-on.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.10.86 Navalvillar de Pela, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS:
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 37bd09634e49c1263e11880ba9c23fda118a4aae03aedb6c13c04e8d4b8644f9

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://admin.citiz-on.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 17:09:46 GMT
Last-Modified: Sat, 25 Mar 2023 13:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "641ef2eb-2056"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8278

Resource: logger
Path: www.sandbox.paypal.com/xoplatform/logger/api/
Size: 1010 B
x-fer: 1 KB
Type: XHR

General
Full URL: https://www.sandbox.paypal.com/xoplatform/logger/api/logger
Requested by:
  Host: www.paypal.com
  URL: https://www.paypal.com/sdk/js?client-id=AZ8f8fSdIH1kgwp1hvVRoSehSWdtBLfeqd8ihHM1-0hkuCl2Lyc4eVNkcIosF8VWnkBzDO2nUTQ5Da_C&currency=EUR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.21, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: /
Resource Hash: 8f7d36b311d2386cff0722a26dc1eef17550d076d5a0a621a9b0c686a4a2fd59

Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept: application/json
Referer:
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: application/json

Response headers

date: Sun, 26 Mar 2023 17:09:48 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f186654225ea8
server-timing: content-encoding;desc=br
x-served-by: cache-lhr7331-LHR, cache-mad22027-MAD
accept-ch: Sec-CH-UA-Full
x-timer: S1679850588.425612,VS0,VE169
etag: W/"3f2-NmQBsSQGappK5RIZYi3Tr91OUn0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://admin.citiz-on.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

Resource: logger
Path: www.sandbox.paypal.com/xoplatform/logger/api/
Size: 0
x-fer: 0
Type: Preflight

General
Full URL: https://www.sandbox.paypal.com/xoplatform/logger/api/logger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.21, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: /
Resource Hash:

Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://admin.citiz-on.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://admin.citiz-on.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
date: Sun, 26 Mar 2023 17:09:48 GMT
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f1866544db42a
server-timing: content-encoding;desc=br
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: accept-encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-lhr7322-LHR, cache-mad22027-MAD
x-timer: S1679850588.179755,VS0,VE180

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| __post_robot_11_0_0___uid_nlrfqkrdjrrjdriisejljfrdcclpzf
object| paypal
object| __zoid_10_1_0___uid_nlrfqkrdjrrjdriisejljfrdcclpzf
function| logr

4 Cookies

Domain/Path Name / Value
.paypal.com/ Name: tsrce Value: clientsdknodeweb
.paypal.com/ Name: l7_az Value: dcg14.slc
.paypal.com/ Name: ts Value: vreXpYrS%3D1774544986%26vteXpYrS%3D1679852386%26vr%3D1ee5c2551870a7a09a3aade7fb58cf72%26vt%3D1ee5c2551870a7a09a3aade7fb58cf71%26vtyp%3Dnew
.paypal.com/ Name: ts_c Value: vr%3D1ee5c2551870a7a09a3aade7fb58cf72%26vt%3D1ee5c2551870a7a09a3aade7fb58cf71

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY