citiexpresspayment.network Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citiexpresspayment.network/
Submission Tags: falconsandbox
Submission: On October 04 via api (October 4th 2024, 4:08:48 am UTC) from US — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is citiexpresspayment.network.
TLS certificate: Issued by WE1 on September 29th 2024. Valid for: 3 months.

This is the only time citiexpresspayment.network was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
11	3

8 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

citiexpresspayment.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	citiexpresspayment.network citiexpresspayment.network	421 KB
2	gstatic.com fonts.gstatic.com	81 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
11	3

	Domain	Requested by
8	citiexpresspayment.network	citiexpresspayment.network
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	citiexpresspayment.network
11	3

This site contains no links.

Subject Issuer	Validity	Valid
citiexpresspayment.network WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://citiexpresspayment.network/
Frame ID: 63D2264B9E07ED81E79EA3B8BC6F0E03
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citi Express Payment - Your fast, secure, and reliable remittance centers

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

504 kB
Transfer

786 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
citiexpresspayment.network/ 3 KB
2 KB 891ms
850ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citiexpresspayment.network/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b627db8730478284bee5e111278e77ca9bf37590b7bcd820de59b730dbc356fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cd24fe9ab891e85-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 04 Oct 2024 04:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e48CzAq5XDL%2FC174FyCINLSSiRBunK44AKrj6TeCroSnDreS%2BzfbHVFgk3tQnXIryAllScShCl1mjTy9XGGz0YDR22oo4WPsjjl%2FwDCZ9baJyMSM7iZFsmn4nz8YXZhPXm%2F5%2Bgm4ihTMwo01hg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding

GET
H3 200 speculation
citiexpresspayment.network/cdn-cgi/ 128 B
560 B 24ms
24ms Other
application/speculationrules+json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citiexpresspayment.network/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://citiexpresspayment.network
Referer: https://citiexpresspayment.network/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WxCQZKlv%2F6XTitPLzmxrq%2BIjcK4QrriG0X1eoIAcihKtXhaRxTXrHV3BdcS8RISuaOEzuHED%2BTqhMHe12abafkTZt9PEACvr8EPcApsXV4CyINMuSEr18jOhpXczq5Bd33VirHqcj3qc8GEK9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd24fef2cc51e85-AMS
access-control-allow-origin: https://citiexpresspayment.network
content-length: 128
date: Fri, 04 Oct 2024 04:08:42 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.min.css
citiexpresspayment.network/assets/front/plugins/bootstrap/ 138 KB
21 KB 1082ms
1081ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citiexpresspayment.network/assets/front/plugins/bootstrap/bootstrap.min.css
Requested by: Host: citiexpresspayment.network
URL: https://citiexpresspayment.network/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://citiexpresspayment.network/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: "22688-5bc7178d36700-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrY9X3giMYAJ6zlQlYz%2BPIPrsx0yv68lFEHt4%2FFmodV2yT1gcemdq%2FpKuoy0O8ImghTele%2B9dejfycw1WM0ES%2B9173JV0p3dYKD54R50Kifp8nqIqduZ%2FvNK1GxyzEtyWNAaKyJHpuBwI1AbfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd24fef2cc91e85-AMS
accept-ranges: bytes
content-length: 21091
date: Fri, 04 Oct 2024 04:08:43 GMT
content-type: text/css
last-modified: Mon, 01 Mar 2021 03:47:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 style.css
citiexpresspayment.network/assets/front/css/ 15 KB
3 KB 785ms
784ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citiexpresspayment.network/assets/front/css/style.css
Requested by: Host: citiexpresspayment.network
URL: https://citiexpresspayment.network/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 325c06e1de6f7368e75d7d9703675d3a14a54c6cce16cead3b4a0e867bd79cfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://citiexpresspayment.network/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: "3aa4-5fb7acfb6d140-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7H9Pv0wNsRlBn0wqcIC0D9CL3uf11vHSSJYFvIFYhRAzSAgzVTsrX5iSdTI2hG4nAxMyVVmT4CJN8v05ObueSi6Pvjs81873qnjq47HlnAddvsmr23CC0x5xOge%2BsPK%2FkiFjbmsX7jDFWMvzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd24fef2cca1e85-AMS
accept-ranges: bytes
content-length: 3086
date: Fri, 04 Oct 2024 04:08:42 GMT
content-type: text/css
last-modified: Fri, 12 May 2023 08:22:53 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 logo.png
citiexpresspayment.network/assets/front/images/ 123 KB
123 KB 829ms
828ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citiexpresspayment.network/assets/front/images/logo.png
Requested by: Host: citiexpresspayment.network
URL: https://citiexpresspayment.network/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8754cf9bbbdcfd852cfd9160006ae41ec738d2d298aa1a60d85d918883408347

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://citiexpresspayment.network/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "1ea4c-5c5cc9129f6c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGIa2JJQ73t4nwr9XVK%2BVGlz0jCHZ71IbzKq0mqHKMWPbcqd%2BJjeywzEb%2BdavQ16bXtaZDoEeVGoxq1p0dvC%2FAG1Xku%2FAirzeoLrzxL%2FYEU4AdHVmhW15ff3qA7%2FzY%2Fv4WJ3%2FnKHDWoApho3YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd24fef2ccb1e85-AMS
accept-ranges: bytes
content-length: 125516
date: Fri, 04 Oct 2024 04:08:42 GMT
content-type: image/png
last-modified: Mon, 28 Jun 2021 05:14:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 email-decode.min.js Show response
citiexpresspayment.network/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
20ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://citiexpresspayment.network/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: citiexpresspayment.network
URL: https://citiexpresspayment.network/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://citiexpresspayment.network/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"66fc0c28-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cy1VTupYoeqf%2FEjPHQR5h%2BOjqZMz1cNWCLQD4mAVTBadwmfyyXNyKTklPORNI8LJ9VBvMvUNJg8irF63SQG7MnmKQKU1U4BAnYVY9MADxd0D6ca16h%2B3x0%2FoLzOyapwxLsoXOa85OO1bdO2%2BVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8cd24fef2cce1e85-AMS
expires: Sun, 06 Oct 2024 04:08:42 GMT
date: Fri, 04 Oct 2024 04:08:42 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:50:16 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 35 KB
3 KB 244ms
129ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,600,700|Montserrat:400,700,800|Work+Sans:400,700,800|Oswald:400,700,800|Google+Sans:400,700,800

Requested by

Host: citiexpresspayment.network
URL: https://citiexpresspayment.network/assets/front/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19bba9805dd1c9768fdb154cd61f551bccd92b289c6503ea8a24d11273989c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://citiexpresspayment.network/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 04:08:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 04:08:43 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 04 Oct 2024 04:08:43 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 skyline-view-city-metropolis-civilization.jpg
citiexpresspayment.network/assets/front/images/ 269 KB
270 KB 1328ms
1327ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citiexpresspayment.network/assets/front/images/skyline-view-city-metropolis-civilization.jpg
Requested by: Host: citiexpresspayment.network
URL: https://citiexpresspayment.network/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f82f7d7d6267b725ac21e84135be4752834b8e9562ac514780420ecef4396ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://citiexpresspayment.network/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "434fc-5bc7178d36700"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l2QRpTMWaMr1E6hHWj0O3hg1rKtDijCJdewqHG6iUEpqe2p0jnrTOk%2FORi3Gom2musOGukBdPjBWgU9yWi6mZXy4GvB4TQnI6ZbXrb9JqLzzwDuyKLny4D8rIRebx3ZYDnUoJOu21HaZs4afeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd24ff60f1f1e85-AMS
accept-ranges: bytes
content-length: 275708
date: Fri, 04 Oct 2024 04:08:44 GMT
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 03:47:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
47 KB 91ms
28ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,600,700|Montserrat:400,700,800|Work+Sans:400,700,800|Oswald:400,700,800|Google+Sans:400,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://citiexpresspayment.network
Referer: https://fonts.googleapis.com/

Response headers

age: 244590
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 08:12:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:12:13 GMT
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48336
x-xss-protection: 0
server: sffe

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v61/ 33 KB
33 KB 86ms
24ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v61/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,600,700|Montserrat:400,700,800|Work+Sans:400,700,800|Oswald:400,700,800|Google+Sans:400,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://citiexpresspayment.network
Referer: https://fonts.googleapis.com/

Response headers

age: 244882
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 08:07:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:07:21 GMT
last-modified: Mon, 12 Aug 2024 17:14:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34184
x-xss-protection: 0
server: sffe

GET
H3 200 logo.png
citiexpresspayment.network/assets/front/images/ 123 KB
0 0ms
0ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citiexpresspayment.network/assets/front/images/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8754cf9bbbdcfd852cfd9160006ae41ec738d2d298aa1a60d85d918883408347

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://citiexpresspayment.network/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "1ea4c-5c5cc9129f6c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGIa2JJQ73t4nwr9XVK%2BVGlz0jCHZ71IbzKq0mqHKMWPbcqd%2BJjeywzEb%2BdavQ16bXtaZDoEeVGoxq1p0dvC%2FAG1Xku%2FAirzeoLrzxL%2FYEU4AdHVmhW15ff3qA7%2FzY%2Fv4WJ3%2FnKHDWoApho3YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd24fef2ccb1e85-AMS
accept-ranges: bytes
content-length: 125516
date: Fri, 04 Oct 2024 04:08:42 GMT
content-type: image/png
last-modified: Mon, 28 Jun 2021 05:14:43 GMT
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			citiexpresspayment.network/	1970-01-21 00:00:22	Name: XSRF-TOKEN Value: eyJpdiI6InZGdWhPT29XVWlhRlh5aWpGMCtKdGc9PSIsInZhbHVlIjoiZkZ1Snk4ZHVab1JNc080clMwZ1wvMkNidzYxRVo2NldoVWdFaEtkbVFybURyYVBhWDlYQUR5MFJPNFRVaDlRRSsiLCJtYWMiOiJlMzc1YmZiYzlkOWRjNzk1YTdkNGY5OWI0ZmQ1ZjE2NmU0YjEwYjU1NmQyNjQyNzdiOTkwYjAyYWJmZjE2Y2NjIn0%3D
			citiexpresspayment.network/	1970-01-21 00:00:22	Name: citiexpresspayment_session Value: eyJpdiI6IjZnRzZ0UEZNV1dobytqdVJxNFFnNWc9PSIsInZhbHVlIjoiK2hMOE44enhTTEliSGV1eklXWENCZUtDalwvQXZGV2JtXC96dG1pQjNjcE16bE5GODB3UHNHK290Wjlsa3NaTzZMIiwibWFjIjoiNzBlNmVjZDQyNjg2MzZhY2ViMjFlNDVmOTNkN2VlMjNhODM4YzYxZTAwNWNjOWFmY2U5YjE0YTJiNmE2NjkzMSJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citiexpresspayment.network
fonts.googleapis.com
fonts.gstatic.com
142.250.185.99
188.114.97.3
2a00:1450:4001:81c::200a
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
19bba9805dd1c9768fdb154cd61f551bccd92b289c6503ea8a24d11273989c9e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
325c06e1de6f7368e75d7d9703675d3a14a54c6cce16cead3b4a0e867bd79cfa
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
7f82f7d7d6267b725ac21e84135be4752834b8e9562ac514780420ecef4396ba
8754cf9bbbdcfd852cfd9160006ae41ec738d2d298aa1a60d85d918883408347
9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24
b627db8730478284bee5e111278e77ca9bf37590b7bcd820de59b730dbc356fd
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

citiexpresspayment.network Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

504 kBTransfer

786 kBSize

2 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

citiexpresspayment.network Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

504 kB
Transfer

786 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions