192.3.204.226301 Moved Permanently 229 B URL User Request GET HTTP/1.1 IP 192.3.204.226:80
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 55dfb203d3240025c9e46d8950ce028f
d61c7974741140e8f774f0e835da26b09f05750c
8bb7c31093f7ddcb977fbba7cdf1f8ff136e34feeda60ab3e86e391c570288fc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Mon, 01 May 2023 21:01:17 GMT
Server: Apache
Location: https://citi-now.com/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
192.3.204.226301 Moved Permanently 53 kB URL User Request GET HTTP/1.1 IP 192.3.204.226:80
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2395)
Hash 09d3bc0140f479b0abff9a38286e4b10
5e547a5efe7e8984ab3f8081ce5c12deef6e12d5
102448aa3d652e770be0e8e1463d37dac5cdeed5816d64afb37fe21629332607
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7; path=/
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6cbb9f15d1911c8b9960fa84cd46746a
5a818e7c516f66d74cc89cdc417740f76f19b325
d6f500b8a531532af0fafd55c442a163882a946d5f01c2ade121100c24e80b4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.170200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 11:26:16 GMT
expires: Sun, 28 Apr 2024 11:26:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 207302
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0
142.250.74.170200 OK 64 kB URL GET HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (2455)
Hash 84898c1e53fe717d86867abefccf489e
a5832d800fe90fb7d8da8243ff71e69037b5087c
c605998ce23b2e2a5f62fa02a4d01b9a7d1e31aed7e80f0f7d2b8fa41141038c
GET /maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Language, Origin, X-Origin, Referer
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=1800
timing-allow-origin: *
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
date: Mon, 01 May 2023 21:01:18 GMT
server: scaffolding on HTTPServer2
content-length: 63486
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
citi-now.com/css/bootstrap-4-navbar.css
192.3.204.226200 OK 2.6 kB URL GET HTTP/1.1 citi-now.com/css/bootstrap-4-navbar.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 3121aca3cb99cd03f95743a56b310f4c
deb82d89faae0f8b6bd1e20297c9d42dc788a08c
c894be19c38522da4f1984ed993c8238b1ab293311105611d96dc825c417a9ab
GET /css/bootstrap-4-navbar.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 2598
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/font-awesome.min.css
192.3.204.226200 OK 31 kB URL GET HTTP/1.1 citi-now.com/css/font-awesome.min.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (30858), with CRLF line terminators
Hash f4232088435e47914bbc280dbf56c8df
9e6aff916f2be32dbc9a053f83f906aab6527c7f
562bd1e9b6d71357cb209821a63ebb8324b5498fa8e144c48c9a9ec2b49e6d10
GET /css/font-awesome.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 31025
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/animate.css
192.3.204.226200 OK 25 kB URL GET HTTP/1.1 citi-now.com/css/animate.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 1c7ad0a97d2dc2da70b8d855ae946cae
7f3596852663437b7f89231cc750628a0d86e403
cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234
GET /css/animate.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 25427
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.170200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:23 GMT
expires: Sun, 28 Apr 2024 13:45:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 198956
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6cbb9f15d1911c8b9960fa84cd46746a
5a818e7c516f66d74cc89cdc417740f76f19b325
d6f500b8a531532af0fafd55c442a163882a946d5f01c2ade121100c24e80b4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
citi-now.com/etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css
192.3.204.226200 OK 563 kB URL GET HTTP/1.1 citi-now.com/etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 563 kB (562942 bytes)
Hash 11c2fedc258a33a78dbd89d85bda9562
66a93f44841b6666b748340f9580486b096c3fe7
ea0eed3ac657f69fab9be7ec82e84e54e8e26a1e6dd47b242600551766030d2f
GET /etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:22 GMT
Accept-Ranges: bytes
Content-Length: 562942
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/bootstrap.min.css
192.3.204.226200 OK 140 kB URL GET HTTP/1.1 citi-now.com/css/bootstrap.min.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (65319), with CRLF line terminators
Size 140 kB (140427 bytes)
Hash 9085ab0d9dc4f08b981ba6b6766fd2bb
a9dc0e1df4a8b9f852fe0a7197f179cd45f3e30a
1212f28ff9fe4b7829e31633b30c67bbb1209ecd1a7bb915f96b6e0eedaf02a4
GET /css/bootstrap.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 140427
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/site.min.css
192.3.204.226200 OK 484 kB URL GET HTTP/1.1 citi-now.com/site.min.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size 484 kB (483640 bytes)
Hash 5abb79f867020effd7ff146c326104f0
9ed1b35395ae8889b1ae8a08e4ef0aa964112caa
cafa5acc2910f631c03d41c2c7d1f521d23c69dd0b333a2991e11bd6974966f4
GET /site.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:32 GMT
Accept-Ranges: bytes
Content-Length: 483640
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/fakeLoader.css
192.3.204.226200 OK 9.1 kB URL GET HTTP/1.1 citi-now.com/css/fakeLoader.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 3373236010f4791905b4243523c852ae
f0518b67f831bf7ae4a8fae2873dda32cccee71e
dc917074047f65fb36f2683634b4df05900d1ce0c30102679e170419c2477339
GET /css/fakeLoader.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 9055
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/inc/lightbox/css/jquery.fancybox.css
192.3.204.226200 OK 5.3 kB URL GET HTTP/1.1 citi-now.com/inc/lightbox/css/jquery.fancybox.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash f7cc36f690e370ee8b85cbd5d1862d59
64f621553581eaaf5d56341ff138f9bcba6de562
8f29da77daf2aa97c4c482e0f5ae474154f6494e92bca50c8424815af2989883
GET /inc/lightbox/css/jquery.fancybox.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:26 GMT
Accept-Ranges: bytes
Content-Length: 5278
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/owl.theme.default.min.css
192.3.204.226200 OK 941 B URL GET HTTP/1.1 citi-now.com/css/owl.theme.default.min.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (846), with CRLF line terminators
Hash 58fa0eb0891a7bcb0f2ee822cce62ed4
34e714fc4d078105e9a7b1ababd192d6e544685a
fedfa62c29729ccdabb5e90b287385f13ef1c5c8b4e5efbc000702b110e40fdd
GET /css/owl.theme.default.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 941
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/filterizer.css
192.3.204.226200 OK 795 B URL GET HTTP/1.1 citi-now.com/css/filterizer.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 0c77b2adffa1884df02e4f956f01b470
bf192c93ba2e0ceefd02f6f072483e2be62438d8
89d3e611d3c764ff08d2510c4943c9e91e52edfcf78f28caade28821301831a1
GET /css/filterizer.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 795
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/sweetalert.css
192.3.204.226200 OK 24 kB URL GET HTTP/1.1 citi-now.com/css/sweetalert.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 9b8007e29ad2778d449264166a7892b7
47418efe84958fcf4a945cbf6c2f54d29967e79b
4513f34c44831aab38d5171e7d729e3fabeea39dfc7ffd06722b490d02f20a70
GET /css/sweetalert.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 23811
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/style.css
192.3.204.226200 OK 84 kB IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (491), with CRLF line terminators
Hash b8bcc550c17edd950f084ab15cf1a4d5
048c264b14895248ee583d507f1253c6a0e90664
2a04435c9150e2ccc8acf106f03892734664589d14f063c4290af4e0438eeed6
GET /style.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:32 GMT
Accept-Ranges: bytes
Content-Length: 84044
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/customcss.css
192.3.204.226200 OK 89 B URL GET HTTP/1.1 citi-now.com/css/customcss.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash e74cc393f0eb1c928a61f4a905587645
111baad88be18649c64139557f83fdb0053cc2dc
3905954654fa396aa0b64496f1394d11e2f932fcf7a2aecfc70d3cf0f6c58a93
GET /css/customcss.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 89
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/toastr.css
192.3.204.226200 OK 7.0 kB URL GET HTTP/1.1 citi-now.com/css/toastr.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type Unicode text, UTF-8 text, with very long lines (821), with CRLF line terminators
Hash 6f3bc1fed2acd85204fa04c82b6c872d
ee57a6e6fd2ee673e0f14d4647f92d4e8d1eab0b
bf3687811bb3e963a9fabd3d280d0c7f670257b151be140936dfc6c6cefa00dc
GET /css/toastr.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 6988
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/css/responsive.css
192.3.204.226200 OK 16 kB URL GET HTTP/1.1 citi-now.com/css/responsive.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash e256adcdbe2f9480a7dc6e5f0beb715b
135fbf0541692b363e7a81790a5bb130afecdc6e
95d10df44c77d308c6656eed015a103063ad0ca02362c51b9fdb93947c9a64da
GET /css/responsive.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 15829
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/color/color-switcher.css
192.3.204.226200 OK 11 kB URL GET HTTP/1.1 citi-now.com/color/color-switcher.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (4431), with CRLF line terminators
Hash 757718467df48369313fad0aad1500b8
a2820ace49fd22f3376873b90585cfed3edda776
46465dc28550e5e16a7200f217a63b6b7951c11ac3aa2f1b7ce00d4677be6f25
GET /color/color-switcher.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 10768
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/color/default.css
192.3.204.226200 OK 11 kB URL GET HTTP/1.1 citi-now.com/color/default.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 66e02114de8ae25ea34ea998184da67e
39cfbadb11695b98280deed67e3f060b4ba9c73c
d043c2cca265536ff5ecfd0c37b2f836708bd91cd1d76967187b9ec83a58d77d
GET /color/default.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 10842
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/cdn.weglot.com/weglot.min.js
192.3.204.226200 OK 48 kB URL GET HTTP/1.1 citi-now.com/cdn.weglot.com/weglot.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type Unicode text, UTF-8 text, with very long lines (48054), with no line terminators
Hash 4f2efd52c68e5a56f2317f9b5ed22704
25bfc4447fe2cd7da24f94195b8ac0ea0c5f067c
9d88bb54b2b3656afa6dcb8edca86757929e05d3faabe5c0c08a474750615ab9
Analyzer Verdict Alert fortinet Phishing
GET /cdn.weglot.com/weglot.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 48484
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
192.3.204.226404 Not Found 315 B URL GET HTTP/1.1 citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
citi-now.com/1.12.4/jquery.min.js
192.3.204.226200 OK 97 kB URL GET HTTP/1.1 citi-now.com/1.12.4/jquery.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (32077), with CRLF line terminators
Hash 618538b4ab9639d444e962729a927f15
dacc1f76630a9708add066819b1aabf8dce01056
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
Analyzer Verdict Alert fortinet Phishing
GET /1.12.4/jquery.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:34 GMT
Accept-Ranges: bytes
Content-Length: 97168
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/waypoints.min.js
192.3.204.226200 OK 8.1 kB URL GET HTTP/1.1 citi-now.com/js/waypoints.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash 4fe14337a62d710389f42e8a5d1043f7
5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5
069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf
Analyzer Verdict Alert fortinet Phishing
GET /js/waypoints.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 8051
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/jquery.filterizr.min.js
192.3.204.226200 OK 12 kB URL GET HTTP/1.1 citi-now.com/js/jquery.filterizr.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (12034), with no line terminators
Hash 5eb0077b399d38f31eef66c00d150980
014c05a2ca80b0066631dc8e48267ddb4bbfc057
03c9a5d09cf0714352a12a9233626ec69367822b520550955bd7bab074f11a09
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.filterizr.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:30 GMT
Accept-Ranges: bytes
Content-Length: 12034
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/wow.min.js
192.3.204.226200 OK 8.4 kB URL GET HTTP/1.1 citi-now.com/js/wow.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (8385), with CRLF line terminators
Hash e1f1ff6897992a9165e8ce009b4039e3
e297207404fea99863aea60a1dcd3770f8ecddee
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
Analyzer Verdict Alert fortinet Phishing
GET /js/wow.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:30 GMT
Accept-Ranges: bytes
Content-Length: 8416
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/filterizer-controls.js
192.3.204.226200 OK 593 B URL GET HTTP/1.1 citi-now.com/js/filterizer-controls.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 09092616c6c92eadf3ac73e85dbbcfb0
b7e28ee5a4cc047b4d5d196c22b24eedf5c58dc1
da484791ac65c3a3c67de883ccbc8b6a651ec08b85df451913a8870b0fe2facc
Analyzer Verdict Alert fortinet Phishing
GET /js/filterizer-controls.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 593
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/bootstrap.min.js
192.3.204.226200 OK 51 kB URL GET HTTP/1.1 citi-now.com/js/bootstrap.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (50395), with CRLF line terminators
Hash 95697eefe013ce1a1e69c14105d09696
7fcbfe254ff0b171b13c21c7a86d4db5a32fa676
44a7e1e6e7f4f6ad49f162ce33dfd72f05d3162e150415b7ac9cefba8d51acc1
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 50682
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/css/owl.carousel.min.css
192.3.204.226200 OK 2.9 kB URL GET HTTP/1.1 citi-now.com/css/owl.carousel.min.css
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (2846), with CRLF line terminators
Hash 11f8f55299612003d16158106d01f2f0
78bead4cb5ce15f16b6554065404a01df5f67325
8608c63311f463ed5cb19febda4aaedc756eba9516c345375e5a7e56ec67a46e
GET /css/owl.carousel.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 2941
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
citi-now.com/js/owl.carousel.min.js
192.3.204.226200 OK 43 kB URL GET HTTP/1.1 citi-now.com/js/owl.carousel.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (32000), with CRLF line terminators
Hash 56b28ad35f1816c6894b14190a0a006d
967ceaa9e6f67e636d818f42b4d5d15c7a4a254e
b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd
Analyzer Verdict Alert fortinet Phishing
GET /js/owl.carousel.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 42772
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ebcfe66cabee8d5ba507cb7b2321072c
aa5ab35362cb37530ee009bab1145e2c1f87ef20
3fa3ca6a53788d5a96c0c161c07d42a2dd2392525b4db57cdb28e8e77b89d0bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
citi-now.com/js/fakeLoader.min.js
192.3.204.226200 OK 2.2 kB URL GET HTTP/1.1 citi-now.com/js/fakeLoader.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (2181), with no line terminators
Hash fbbc2dce21db4ede54f377af673a14e4
6744ee1c09c777c03dd645e1feef863bef36afe0
019ac00d99daed25891f79aa2560c46ea37cd3a263a21b5c0ee4c9e14cfabd89
Analyzer Verdict Alert fortinet Phishing
GET /js/fakeLoader.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:34 GMT
Accept-Ranges: bytes
Content-Length: 2181
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
142.250.74.35200 OK 4.2 kB URL GET HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
IP 142.250.74.35:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type ASCII text, with very long lines (23228), with no line terminators
Hash 8f89ebd6757f0474347497a9545d3cc2
014d050331fcdbcff8cbf854b4c926286e0c104a
015111236a8db21de30b2af7d2d24221a9f358fe83137f4651707f4728043585
GET /_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 15:39:58 GMT
expires: Sun, 28 Apr 2024 15:39:58 GMT
cache-control: public, max-age=31536000
age: 192082
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ebcfe66cabee8d5ba507cb7b2321072c
aa5ab35362cb37530ee009bab1145e2c1f87ef20
3fa3ca6a53788d5a96c0c161c07d42a2dd2392525b4db57cdb28e8e77b89d0bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 07:44:41 GMT
expires: Sun, 28 Apr 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 220599
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 16:13:41 GMT
expires: Sun, 28 Apr 2024 16:13:41 GMT
cache-control: public, max-age=31536000
age: 190059
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
citi-now.com/js/scrolltopcontrol.js
192.3.204.226200 OK 3.8 kB URL GET HTTP/1.1 citi-now.com/js/scrolltopcontrol.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash a4b429f9967aa1c8266040f0c3a8af06
68ded267a97e354b790812e7621e6b0cdbf1d1b1
8fa3dcf37f804c3ff9d561fedf2fefece267e4a18ac47a14d5aab0028870a8c0
Analyzer Verdict Alert fortinet Phishing
GET /js/scrolltopcontrol.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 3802
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/bootstrap-4-navbar.js
192.3.204.226200 OK 1.1 kB URL GET HTTP/1.1 citi-now.com/js/bootstrap-4-navbar.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 19692f564401574998529b3fc97e08ce
1b790552a374ea3a7856ecd1fb147e695275ed8c
00b8431e30ab00475d6c7050e50b9bc2538689894048107875e3416dbe8817b0
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap-4-navbar.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 1126
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ebcfe66cabee8d5ba507cb7b2321072c
aa5ab35362cb37530ee009bab1145e2c1f87ef20
3fa3ca6a53788d5a96c0c161c07d42a2dd2392525b4db57cdb28e8e77b89d0bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ebcfe66cabee8d5ba507cb7b2321072c
aa5ab35362cb37530ee009bab1145e2c1f87ef20
3fa3ca6a53788d5a96c0c161c07d42a2dd2392525b4db57cdb28e8e77b89d0bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
citi-now.com/inc/lightbox/js/jquery.fancybox.pack.js
192.3.204.226200 OK 23 kB URL GET HTTP/1.1 citi-now.com/inc/lightbox/js/jquery.fancybox.pack.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (645), with CRLF line terminators
Hash 0ca8cd384931d74c4b6a9f592e987f69
ae6318aeb62ad4ce7a7e9a4cdacd93ffb004f0fb
2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525
Analyzer Verdict Alert fortinet Phishing
GET /inc/lightbox/js/jquery.fancybox.pack.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:28 GMT
Accept-Ranges: bytes
Content-Length: 23180
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 03:11:48 GMT
expires: Sun, 28 Apr 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 236973
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227200 OK 17 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.227:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 15:48:35 GMT
expires: Sun, 28 Apr 2024 15:48:35 GMT
cache-control: public, max-age=31536000
age: 191566
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
citi-now.com/js/map.js
192.3.204.226200 OK 2.1 kB IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 074d18a20690c9e786a7e8ea5c505067
f7d4d1717a6f83b912ded783212799555a730dfe
ac463348ed7518f3e8482361b2efdfaf6ec5cfcf907b8b37795f522280b59cbd
Analyzer Verdict Alert fortinet Phishing
GET /js/map.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 2135
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/jquery.sticky.js
192.3.204.226200 OK 9.5 kB URL GET HTTP/1.1 citi-now.com/js/jquery.sticky.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash bb9e65fc3638c9c96ab909c51882b0a6
9109c4c710cfaf3be7fba3b12b348a79262e4923
8a0fb587e2399fa57291795510001b9e5de7b0c6f8ee097ded2e7a66ad149492
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.sticky.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 9544
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/jquery.counterup.min.js
192.3.204.226200 OK 1.1 kB URL GET HTTP/1.1 citi-now.com/js/jquery.counterup.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (917), with CRLF line terminators
Hash 465906f7e86adf960de5784a9cdb40fb
124337b64842cb55e7d480f99a83159ac6104d58
05231ca1268f3f7b2cdbc4daba734e7718a03a0ffaf79cb376bc5a49d85bbdfb
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.counterup.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 1078
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/jquery.magnific-popup.min.js
192.3.204.226200 OK 20 kB URL GET HTTP/1.1 citi-now.com/js/jquery.magnific-popup.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (20087), with CRLF line terminators
Hash b37d7edf99565d3858eaa1ad80df3cff
786a4343711e9af5e5dfcc493e7d2331b48875bb
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 20219
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/color-switcher.js
192.3.204.226200 OK 2.4 kB URL GET HTTP/1.1 citi-now.com/js/color-switcher.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 07e0e829a35fa6e171ca38846cfcfde6
c038677cc1072e2df4b2a1d8997bdfb41da44590
45312d094380e813ad3ccef98fbce8734a737fd9b6c9a520b7b0c915a9f652df
Analyzer Verdict Alert fortinet Phishing
GET /js/color-switcher.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 2384
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/color-switcher-active.js
192.3.204.226200 OK 881 B URL GET HTTP/1.1 citi-now.com/js/color-switcher-active.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash f1da354bd0f4d3927aff85ca576021c5
97dca7530fc9992c86ebefb3b75c2c1edfb9181c
653ae2847222b2f5ae9232037834859823c7548f8fb6434b33c24bc9805068dc
Analyzer Verdict Alert fortinet Phishing
GET /js/color-switcher-active.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 881
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/inc/lightbox/js/lightbox.js
192.3.204.226200 OK 1.4 kB URL GET HTTP/1.1 citi-now.com/inc/lightbox/js/lightbox.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with CRLF line terminators
Hash 518c953f31f7299691a1621b803cbf44
b26b64be947c86d14cbafc10de84149c462ed8bf
b537a80c14d7d295dc304619d62df5605d71b93b9783cf9368a8df14e9ec5598
Analyzer Verdict Alert fortinet Phishing
GET /inc/lightbox/js/lightbox.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:28 GMT
Accept-Ranges: bytes
Content-Length: 1377
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/custom.js
192.3.204.226200 OK 6.1 kB URL GET HTTP/1.1 citi-now.com/js/custom.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
Hash c4591e618ff24176ccec82f552b9330c
36daaa5a527140f997f00161d62effd6fe01371b
ecc579c8a5c04b1c2fe74efd57f9e6942bc960fe1121e2915b9193f4e1bd7e67
Analyzer Verdict Alert fortinet Phishing
GET /js/custom.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 6117
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/toastr.js
192.3.204.226200 OK 8.0 kB URL GET HTTP/1.1 citi-now.com/js/toastr.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash b8309849622865e0321015ec2482645d
5ee2d93004b15046be73afc88d29d0b780d165bd
3bffa2cee14e483c528eeade0e59f4705555bf047c2400b0bf9fda105129b638
Analyzer Verdict Alert fortinet Phishing
GET /js/toastr.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 8035
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
192.3.204.226404 Not Found 315 B URL GET HTTP/1.1 citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
citi-now.com/js/sweetalert.js
192.3.204.226200 OK 41 kB URL GET HTTP/1.1 citi-now.com/js/sweetalert.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (40808), with no line terminators
Hash f3b8ce97ff6ce324da6232da353adf40
2a3daabc70232c6350ab48d32605dc4a6ac1f1fa
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Analyzer Verdict Alert fortinet Phishing
GET /js/sweetalert.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:40 GMT
Accept-Ranges: bytes
Content-Length: 40808
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/js/jquery.bxslider.min.js
192.3.204.226200 OK 19 kB URL GET HTTP/1.1 citi-now.com/js/jquery.bxslider.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (19040), with CRLF line terminators
Hash 7658757f3908f59389898e30f4de4067
f8f94befddf4def914df3fae70d106fc525819a0
7bc204a8009323811c2888323b9626d4417b02358aab7fdfabdcf0153385c621
GET /js/jquery.bxslider.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 19368
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
192.3.204.226200 OK 38 kB URL GET HTTP/1.1 citi-now.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (873), with CRLF line terminators
Hash af2968fceb7f237e56363e001bbf407f
245b56bf8b91af47031b8f1141c59979429dc039
d43a868701070b5ce6966b7000acb506c8b519635e284b4f824e26b63b2b444a
Analyzer Verdict Alert fortinet Phishing
GET /etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:20 GMT
Accept-Ranges: bytes
Content-Length: 38468
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/fonts/icomoon87f487f487f487f4.ttf
192.3.204.226200 OK 53 kB URL GET HTTP/1.1 citi-now.com/fonts/icomoon87f487f487f487f4.ttf
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash c0f9a8825c938a3f34c3699831427236
265e5236fd5361bc3b80cb169020caf619397680
93a180d6de5a94708086d7ceddd1dc5fc2795e503a9c2528e6f0a87fe59a6278
Analyzer Verdict Alert fortinet Phishing
GET /fonts/icomoon87f487f487f487f4.ttf HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/site.min.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:26 GMT
Accept-Ranges: bytes
Content-Length: 52948
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/ttf
citi-now.com/fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html
192.3.204.226200 OK 77 kB URL GET HTTP/1.1 citi-now.com/fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://citi-now.com/css/font-awesome.min.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:28 GMT
Accept-Ranges: bytes
Content-Length: 77160
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html
citi-now.com/images/bg-2.jpg
192.3.204.226200 OK 69 kB URL GET HTTP/1.1 citi-now.com/images/bg-2.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 570x370, components 3\012- data
Hash a5147fb69b0d501b6690f6548b1a9af6
7bfd9304ac9fd82aeaeb9e4e95ea9ba919149b28
3ff0e12658143c927418c8783fed132470717b9ea46c05536a4bc677c7690390
GET /images/bg-2.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:58 GMT
Accept-Ranges: bytes
Content-Length: 68737
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/bg-5.jpg
192.3.204.226200 OK 98 kB URL GET HTTP/1.1 citi-now.com/images/bg-5.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Hash 7f096f50c88548931dd0df7831200e8b
30dc16e18926dd80bd73e3b4c291307f86d90b7e
861d9ce39e5a4852c9dbacb24a8f20a5121995414c8d0e431e1586689c4fccd2
GET /images/bg-5.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:08 GMT
Accept-Ranges: bytes
Content-Length: 97824
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/bg-4.jpg
192.3.204.226200 OK 87 kB URL GET HTTP/1.1 citi-now.com/images/bg-4.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Hash 4e630e7ac70b8485413ce35c6b375966
c188d6e67310b5b93b22debef7fdd0323c8d08d5
b3721db605cfd56e61cd25e1cfde2527226f0a528b03c480eaaebdba77384782
GET /images/bg-4.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:58 GMT
Accept-Ranges: bytes
Content-Length: 87406
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js
192.3.204.226200 OK 724 kB URL GET HTTP/1.1 citi-now.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (1421), with CRLF line terminators
Size 724 kB (723763 bytes)
Hash 7d95abe64f17c7a573ff60dd644a1e43
ff29e996be8195af48eeef617b5c6a20c77dafc1
ca9fb3233fb99405b67fb2770c2b1860f03db4275c790dcd181e58ce5f60288f
Analyzer Verdict Alert fortinet Phishing
GET /etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:22 GMT
Accept-Ranges: bytes
Content-Length: 723763
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/images/bg-1.jpg
192.3.204.226200 OK 129 kB URL GET HTTP/1.1 citi-now.com/images/bg-1.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 944x689, components 3\012- data
Size 129 kB (128804 bytes)
Hash e197355547cbef209427632bd7b2b866
8f9da60df1b9b6014cad7e830a4cb6fd1fb4f225
7f7c832aa8b7cc957e2a58427a62e6add5f054a88b24e0693f3d7490ac17c689
GET /images/bg-1.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 128804
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/bg-3.jpg
192.3.204.226200 OK 118 kB URL GET HTTP/1.1 citi-now.com/images/bg-3.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Size 118 kB (117544 bytes)
Hash d706c5bf6e1f46d37f538863b2a18825
0a043a00e318b7b500c86a7b272eeb9e140ef4ed
ee8d71964c7c269d013737fbe04e23839cece9814c39c00e4ca396b9d4758125
GET /images/bg-3.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:06 GMT
Accept-Ranges: bytes
Content-Length: 117544
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/b1.jpg
192.3.204.226200 OK 106 kB URL GET HTTP/1.1 citi-now.com/images/b1.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x640, components 3\012- data
Size 106 kB (105550 bytes)
Hash 6be0a85a85a1ff0fb1026b53a11a1f70
b12974005bc57a523677ae27ebdd2384f9470004
efaba296ecc888b632df1fd42aaa1e2a608fc2a6cee52684539a5265dc181829
GET /images/b1.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 105550
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/blog-1.jpg
192.3.204.226200 OK 42 kB URL GET HTTP/1.1 citi-now.com/images/blog-1.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Hash bab4874be3238db6dab8c701f427a96f
d21d82a83b8bde19fd16ffea616f75ffe37e3a6e
202d5e31c8db7a1b0c9a8a75de061f53b357223d6c6e0afe8375bc2d0b98f217
GET /images/blog-1.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:10 GMT
Accept-Ranges: bytes
Content-Length: 41726
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/js/jquery.bxslider.min.js
192.3.204.226200 OK 19 kB URL GET HTTP/1.1 citi-now.com/js/jquery.bxslider.min.js
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type ASCII text, with very long lines (19040), with CRLF line terminators
Hash 7658757f3908f59389898e30f4de4067
f8f94befddf4def914df3fae70d106fc525819a0
7bc204a8009323811c2888323b9626d4417b02358aab7fdfabdcf0153385c621
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.bxslider.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 19368
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
citi-now.com/images/blog-2.jpg
192.3.204.226200 OK 53 kB URL GET HTTP/1.1 citi-now.com/images/blog-2.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Hash 893353112665ee1c944f520846722007
a08a84f88e61b3f1a5e4b651cc6ba558f6d324ee
f65ad81e6d7ea52e0c1018a7bdaedf037228be46cc1022462d308003fc5521e2
GET /images/blog-2.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 53321
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/blog-3.jpg
192.3.204.226200 OK 52 kB URL GET HTTP/1.1 citi-now.com/images/blog-3.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Hash 61f44c0098105b666ac8f32e1d8ef5a5
8cd4db77562f8fca66e150399b115edfecd6b682
6731970a99cfda11c4e5c76eb6eccdd0ac04286d953435180d1d17b458db7429
GET /images/blog-3.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:00 GMT
Accept-Ranges: bytes
Content-Length: 52247
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/blog-4.jpg
192.3.204.226200 OK 51 kB URL GET HTTP/1.1 citi-now.com/images/blog-4.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Hash 355e149413ab293e1f8e76f1aab4559d
22acb164f38ae80fd8cd5d5984f9b4dadb6f11b2
82871af3cb7d32d68779917061f60538324f8262dd1a706448fccea0cf229386
GET /images/blog-4.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:22 GMT
Accept-Ranges: bytes
Content-Length: 50781
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/blog-5.jpg
192.3.204.226200 OK 78 kB URL GET HTTP/1.1 citi-now.com/images/blog-5.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 971x649, components 3\012- data
Hash 69ce9bdf66f0c76eb1a80ef7baf41260
adfb7cd1a2f9a9b53d38cbef3b7f4e52b38fd170
75343815a2e8e1c48c82100b40b1bfb6e5b74b028e8b708d9db1efee89f646af
GET /images/blog-5.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:58 GMT
Accept-Ranges: bytes
Content-Length: 78295
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/blog-6.jpg
192.3.204.226200 OK 42 kB URL GET HTTP/1.1 citi-now.com/images/blog-6.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3\012- data
Hash dd8fc778f54121666896bc7e399323eb
4abc3d9b8bf97a9914d65807ef04a8e99b4ffa67
ebe230389404c32af8df72ddaabc5102477eea6693c1af9c53ebfdab12a7ab36
GET /images/blog-6.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 42180
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/logo.png
192.3.204.226200 OK 7.0 kB IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type PNG image data, 289 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash fb01c489c91a651176ce21954cdb161f
dd01cda0fd9c9a5899e1eaa0e407511555c2a0b3
dd240db9b2bd1f2a33421a99b6a6eb3fe5bb271ad707bd5d451904ac2762c38c
GET /logo.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Tue, 18 Apr 2023 10:48:33 GMT
Accept-Ranges: bytes
Content-Length: 7029
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
col.eum-appdynamics.com//eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0AOnErrorEventHandlerNonNull*f.prototype.Ac%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A22%0Af.prototype.setUp%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A349%3A6%0Ad.Zc%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A9%3A6%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A710%3A11%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A711%3A3%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1%3A13%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1053%3A3%0A
44.238.78.108404 Not Found 0 B URL GET HTTP/2 col.eum-appdynamics.com//eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0AOnErrorEventHandlerNonNull*f.prototype.Ac%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A22%0Af.prototype.setUp%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A349%3A6%0Ad.Zc%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A9%3A6%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A710%3A11%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A711%3A3%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1%3A13%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1053%3A3%0A
IP 44.238.78.108:443
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0AOnErrorEventHandlerNonNull*f.prototype.Ac%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A22%0Af.prototype.setUp%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A349%3A6%0Ad.Zc%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A9%3A6%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A710%3A11%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A711%3A3%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1%3A13%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1053%3A3%0A HTTP/1.1
Host: col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Mon, 01 May 2023 21:01:22 GMT
content-length: 0
server: envoy
X-Firefox-Spdy: h2
citi-now.com/images/blog-7.jpg
192.3.204.226200 OK 29 kB URL GET HTTP/1.1 citi-now.com/images/blog-7.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3\012- data
Hash 58042d50e2139db5e3b4d265c1aab916
d100a0db9c6b7c011562be7b153252466ef18259
1230940cd7817047fb178deadc01b3900a3854089bf24c8f305f16ca8d30adf4
GET /images/blog-7.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 28606
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/blog-9.jpg
192.3.204.226200 OK 31 kB URL GET HTTP/1.1 citi-now.com/images/blog-9.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3\012- data
Hash a5c44207c57853163a53a23d43a89726
74a2a6a0ba70788bad4ca07e88aab235aa82289b
c1f74b20c558359aba86eacf49a3bb469f527b963161bbd68b3608ee27f7333d
GET /images/blog-9.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:22 GMT
Accept-Ranges: bytes
Content-Length: 30616
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/blog-8.jpg
192.3.204.226200 OK 31 kB URL GET HTTP/1.1 citi-now.com/images/blog-8.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x511, components 3\012- data
Hash 804b8e44e1c43286f78b89a422c9a620
93c2a2097512c6949df2e0b6de0f3d0b1338266e
d8bf28bd319981ed47b5d871397b837f84f311716fdb0ab92c3686103bfd285c
GET /images/blog-8.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:14 GMT
Accept-Ranges: bytes
Content-Length: 31177
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/footerlogo.png
192.3.204.226200 OK 7.0 kB URL GET HTTP/1.1 citi-now.com/footerlogo.png
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type PNG image data, 289 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash fb01c489c91a651176ce21954cdb161f
dd01cda0fd9c9a5899e1eaa0e407511555c2a0b3
dd240db9b2bd1f2a33421a99b6a6eb3fe5bb271ad707bd5d451904ac2762c38c
GET /footerlogo.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Tue, 18 Apr 2023 10:47:49 GMT
Accept-Ranges: bytes
Content-Length: 7029
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
citi-now.com/images/couple-hiking-840.jpg
192.3.204.226200 OK 94 kB URL GET HTTP/1.1 citi-now.com/images/couple-hiking-840.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2018:09:06 12:55:13], progressive, precision 8, 601x400, components 3\012- data
Hash fbd399a4fb4cfd05b5786d8608651760
332d3ad7975e78c48eeef929609adc63b0170aed
96927945a2f7fdcddc4ba1b97e5ee55ade5d16b05ce5a56123321cf47c62bb46
GET /images/couple-hiking-840.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 93653
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/bl-840.jpg
192.3.204.226200 OK 146 kB URL GET HTTP/1.1 citi-now.com/images/bl-840.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2018:09:06 12:53:01], progressive, precision 8, 812x540, components 3\012- data
Size 146 kB (145862 bytes)
Hash 7312b8b13b3be58c8118fadb3f15c8a8
24fed7013a2d3459d8641f6231651c63ab49589d
c4249eb98c7fa39a43bb8cd1026497cda3112e9e320dfc001e508f47cb025b88
GET /images/bl-840.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:14 GMT
Accept-Ranges: bytes
Content-Length: 145862
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/visa1%20(2).png
192.3.204.226200 OK 37 kB URL GET HTTP/1.1 citi-now.com/images/visa1%20(2).png
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type PNG image data, 396 x 260, 8-bit/color RGBA, non-interlaced\012- data
Hash 049ce8bca6336a5a45e6aeec6b956dda
1e10b17f52f2780013f96c14ccd3ca2f6a66bd67
ae4d25e08e8c063c9b0a6c4dd39a43e0c9e99848b5180ce515eaa19cacd96d7f
GET /images/visa1%20(2).png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:08 GMT
Accept-Ranges: bytes
Content-Length: 37414
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
citi-now.com/images/Question-mark.jpg
192.3.204.226200 OK 91 kB URL GET HTTP/1.1 citi-now.com/images/Question-mark.jpg
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1774x2365, components 3\012- data
Hash db34e90d64234eedf1530f4187547d80
c0e222b7c416438d4a7c7eff68c70448aeae8300
e6b1e3a4498fe376871c68a809d741fe3a828284b7a8715726770c7dee3562a5
GET /images/Question-mark.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:40 GMT
Accept-Ranges: bytes
Content-Length: 91165
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
citi-now.com/images/visa2.png
192.3.204.226200 OK 215 kB URL GET HTTP/1.1 citi-now.com/images/visa2.png
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type PNG image data, 775 x 322, 8-bit/color RGBA, non-interlaced\012- data
Size 215 kB (215093 bytes)
Hash c2a5ff703b6e7c71f994eeb0f67ca40b
97095cd707e896c47b028e3b3d117d3057a71412
512678a6350d49dd9ee674adaa4b75e8548b04b740e502a3ccc63c3e9052b962
GET /images/visa2.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:36 GMT
Accept-Ranges: bytes
Content-Length: 215093
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
citi-now.com/images/visa.png
192.3.204.226200 OK 72 kB URL GET HTTP/1.1 citi-now.com/images/visa.png
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type PNG image data, 403 x 261, 8-bit/color RGBA, non-interlaced\012- data
Hash e8270036c4afed927f6850600296fbee
12b0ee8ae9830d46926b24d2f2020e2716f85276
2b1713d31a3bf731afbba5a76a5eb8e7e00c0fe126bf5b971c29e586ebd75577
GET /images/visa.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:51:16 GMT
Accept-Ranges: bytes
Content-Length: 72266
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_main
142.250.74.170200 OK 76 kB URL GET HTTP/3 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_main
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (1767)
Hash 86ca587de53cf3b2f2c6506d6e3f8590
063e657ed9ae10d940a2980a9f23ab99f1f002a8
571bfe06e40289f7b1a3518da434e1eb61cfedacdbae3ba39e1df8cc71c88a67
GET /_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 76092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Apr 2023 19:36:09 GMT
expires: Fri, 26 Apr 2024 19:36:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 21:10:08 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 350714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.170200 OK 23 B URL GET HTTP/3 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 01 May 2023 21:01:23 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://citi-now.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35200 OK 846 B URL GET HTTP/3 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 01 May 2023 19:53:31 GMT
expires: Tue, 30 Apr 2024 19:53:31 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 4072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35200 OK 1.8 kB URL GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 17:57:34 GMT
expires: Sun, 28 Apr 2024 17:57:34 GMT
cache-control: public, max-age=31536000
age: 183829
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.35200 OK 910 B URL GET HTTP/3 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.35:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 17:48:40 GMT
expires: Sun, 28 Apr 2024 17:48:40 GMT
cache-control: public, max-age=31536000
age: 184363
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.170 1.4 kB URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.170:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 01 May 2023 21:01:23 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Mon, 01 May 2023 21:01:23 GMT
set-cookie: NID=511=L52wZQCwliHFrW22F8LC_vpnMMt3eU2rZspHpcXHnIPa16BqZTo6M3kemId3YRL5aCiwCyMSAfRTs7o5nm0yCIDqiBUquOWXwrCVGVJ09tKu2UXyA23fA-RvxSYNqS3Whn8KQndgUMkxRod-hxAWJ12_TWq_g_bUgUbGyrh6gTY; expires=Tue, 31-Oct-2023 21:01:23 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+099; expires=Wed, 30-Apr-2025 21:01:23 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
citi-now.com/images/favicon.png
192.3.204.226200 OK 6.2 kB URL GET HTTP/1.1 citi-now.com/images/favicon.png
IP 192.3.204.226:443
ASN #36352 AS-COLOCROSSING
Certificate IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT
File type PNG image data, 180 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 484d515408b873065b57fef1d836e0ee
eaaacaa5b471531cfa9ff1754372c76c7c200dd0
3006ed3c5349e708fad40e5b975326f872a84fd9898056ebe781826ab094923a
GET /images/favicon.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:23 GMT
Server: Apache
Last-Modified: Tue, 18 Apr 2023 10:40:03 GMT
Accept-Ranges: bytes
Content-Length: 6166
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.193.229200 OK 41 kB URL GET HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.193.229:443
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (32014)
Hash fdd0a7a58b37d9f155cc7fa6b00200e0
1b3253a11da97aea90eed315a7169d23e8b373d8
e8823739e5e8b0492c9e444cbe0ed35489984efca1143a9f9ab23552a2dd45ca
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Mon, 01 May 2023 21:01:25 GMT
age: 2397776
x-served-by: cache-fra-eddf8230136-FRA, cache-bma1666-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/642b759ae8c/css/min-widget.css
104.22.25.131200 OK 46 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/css/min-widget.css
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (24880), with no line terminators
Hash 7fb5e8e265e8c9455cc902bfa8ee33dd
101e563c3486cc4278fc8266dfa71276aa6b477a
e355c27bd12ebd7f71b6d0cbe444a15d43ba47c080fed0e616c78ab319172cdc
GET /_s/v4/app/642b759ae8c/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24960
access-control-allow-origin: *
etag: W/"80df9814fe6b98404ccc1df3c455ceaa"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a76c941c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226 1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash a3c01be61343914a820fe743af2064e3
0a262370f7d632f0731acde621d550b577659dec
7236f4e14e2424d7951db3d49cb07dbe7247decadf0f9280288e68db79685c45
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:25 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6A5625BDB718B4CC2FA77BD4B51010F8399B680E"
Expires: Tue, 02 May 2023 08:00:00 GMT
Last-Modified: Mon, 01 May 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 956
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c0af5a8ac88b4fa-OSL
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js
104.22.25.131200 OK 6.4 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash e588453b57ea58c8b078fb8ea35a28fb
07fadaf5f204325503529f5bf2327237a96ed450
d5500c8bd6334df92b6d5d2d18bee5a96613a404e14f6654ecc3e40f641697fe
GET /_s/v4/app/642b759ae8c/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:23 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e2f880b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maps.googleapis.com/maps-api-v3/api/js/53/1a/common.js
142.250.74.170200 OK 62 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/53/1a/common.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (580)
Hash 87e57c072298800a1dc9be9dc5dc4d1d
2340e799040f6f4424a7b14d2b1a3d5c3238e56f
e7e244bee8ca974df46485d2a53046fdf736300d853549dc25d61e33d4854804
GET /maps-api-v3/api/js/53/1a/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: maps.googleapis.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 61543
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Apr 2023 19:00:50 GMT
expires: Thu, 25 Apr 2024 19:00:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 25 Apr 2023 19:09:52 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 439236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/53/1a/util.js
142.250.74.170200 OK 53 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/53/1a/util.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (564)
Hash 49d86568bfb4df31d61632deb3b137dc
4a8dff430bd28e439b37cb850915f1b97ae0c284
6897bb42f8ecd556157bdaf3310afd9611aea583fb3d9838695670ddb01879e8
GET /maps-api-v3/api/js/53/1a/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: maps.googleapis.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 52758
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Apr 2023 19:00:50 GMT
expires: Thu, 25 Apr 2024 19:00:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 25 Apr 2023 19:09:52 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 439236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
142.250.74.170 0 B URL translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP 142.250.74.170:0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Referer: https://citi-now.com/
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://citi-now.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
content-type: text/plain; charset=UTF-8
date: Mon, 01 May 2023 21:01:33 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+694; expires=Wed, 30-Apr-2025 21:01:33 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 May 2023 21:01:33 GMT
cache-control: private
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
142.250.74.170 131 B URL translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP 142.250.74.170:0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Encoding: gzip
Content-Type: application/binary
Content-Length: 208
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://citi-now.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 01 May 2023 21:01:33 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+329; expires=Wed, 30-Apr-2025 21:01:33 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 May 2023 21:01:33 GMT
embed.tawk.to/_s/v4/app/642b759ae8c/css/bubble-widget.css
104.22.25.131200 OK 14 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/css/bubble-widget.css
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (13521), with no line terminators
Hash 950518e32fd92957181f766f08d3cf98
9fe20c86b818d3576e9d70e6ed091964cb8b7427
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
GET /_s/v4/app/642b759ae8c/css/bubble-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=13594
access-control-allow-origin: *
etag: W/"ce7913b80c763449b3895d46419f7a6b"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2316304
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a70be41c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js
104.22.25.131200 OK 74 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 89188756a8e20dbd2b0140c3c94ed26a
d40d9d3d3201e27e8fee34e48a6b57b4266b0618
023077d134c53a612af90efdbf65f7ae210b74cb3fd1148998efa4582d151978
GET /_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"89188756a8e20dbd2b0140c3c94ed26a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316595
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a7d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js
104.22.25.131200 OK 546 B URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (568), with no line terminators
Hash c1956a61d95d03bd8abc011c705c7d3b
a5b060fabc618729ee1a9ef49059995689d19f0c
f0525a8cf45170ef8b8a6d646d23d142c2fce17134a5800dd49893a5c5e781d2
GET /_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"09c3819d373bd4178a620d721429fada"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2256457
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a761c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/css/message-preview.css
104.22.25.131200 OK 38 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/css/message-preview.css
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (38135), with no line terminators
Hash f1216623b93f4cee059c5617354220b2
57bde0e4098faebd89c3581167b761c0ac450edb
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
GET /_s/v4/app/642b759ae8c/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=38268
access-control-allow-origin: *
etag: W/"949ecc85ac578750ec9a03e5680f7b0e"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a76c991c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
va.tawk.to/log-performance/v3
104.22.25.131200 OK 0 B URL OPTIONS HTTP/3 va.tawk.to/log-performance/v3
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citi-now.com/
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
x-served-by: visitor-application-preemptive-dpgb
access-control-allow-origin: https://citi-now.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5aaf84e1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/615784c8d326717cb684536a/1fguttcga
104.22.25.131200 OK 2.1 kB URL GET HTTP/2 embed.tawk.to/615784c8d326717cb684536a/1fguttcga
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2310), with no line terminators
Hash 3505f9479228534bfa20b5da5b1fc2b0
5530237772b1ef94a93f76f8b275ff09cc4bd386
356076a52d9cfd8a12b9c6347fd0831f21ed8b4837d3711ee4e8a6801db40ba7
GET /615784c8d326717cb684536a/1fguttcga HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:22 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-642b759ae8c"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af595fe270b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
va.tawk.to/v1/session/start
104.22.25.131200 OK 986 B URL POST HTTP/3 va.tawk.to/v1/session/start
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1070), with no line terminators
Hash 621ed68f988e8d75e7848f31516d6114
35c8a4803e8f94982ec7317c85eb6b66f9ec1e7f
ce742703f95a5f647d7dd4e4a7297ebb2d9bdcdac2a03e7ab2bf37dc22315d67
POST /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citi-now.com/
Content-Type: application/json; charset=utf-8
Content-Length: 174
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-dpgb
access-control-allow-origin: https://citi-now.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a36ec11c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js
104.22.25.131200 OK 11 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (11056), with no line terminators
Hash a92075fd9ac5ba130387a80453676099
4b5b13cf9479b8311d574356e53f8da74200c57a
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
GET /_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a92075fd9ac5ba130387a80453676099"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a781c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js
104.22.25.131200 OK 942 B URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (992), with no line terminators
Hash 6363f547762d97e2dad37d15550527e7
761e6ff070f211fa601c9d1be21658da20e95ce8
bf85cf3737bca26569763313dcadec3362aa4ec45de16247c0c18fb2c79fa969
GET /_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a741c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/css/max-widget.css
104.22.25.131200 OK 76 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/css/max-widget.css
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash bb5f3f8136ec2154b73c02604fe6bd01
7b63db15a7fd9e9eecf8d3aaeb1d5daf33e5b173
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
GET /_s/v4/app/642b759ae8c/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=75771
access-control-allow-origin: *
etag: W/"0158db159e8967dbda5865ed6b2e435d"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a76c9d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js
104.22.25.131200 OK 211 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Size 211 kB (211420 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"27a109773b0fdd12c9737166eb5719c2"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f950b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js
104.22.25.131200 OK 2.3 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2349), with no line terminators
Hash 8d3ced0b56bcac30ac462b815cdeebaa
57271fbe4fb8ea407f415ecdc6614a567bed6fc4
f53e05fd2b57660aa6539fdf6074fe8d4e020bd4d9ff0afba57f6d5d39fd6aea
GET /_s/v4/app/642b759ae8c/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:23 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"cbcaf94cf2c68654c23d2fa971522e9e"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f9a0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js
104.22.25.131200 OK 7.1 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (7672), with no line terminators
Hash 07edfe7c995ad4ca565536abad5e51b0
80655f9a2d723533f8aa078d0684129994413c4a
b097fab7910c102705d91197e16f1175fe039e6740e6f79693df820708139a1b
GET /_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a64a4e1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
va.tawk.to/v1/session/start
104.22.25.131200 OK 0 B URL OPTIONS HTTP/3 va.tawk.to/v1/session/start
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citi-now.com/
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
x-served-by: visitor-application-preemptive-tr8r
access-control-allow-origin: https://citi-now.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a24b5ab529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
va.tawk.to/log-performance/v3
104.22.25.131200 OK 5 B URL POST HTTP/3 va.tawk.to/log-performance/v3
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 38a8a3e3b4b6a6e4f295b2e0f899b1f0
474f5fac3d23afbaf16c5a31c98dfcd956e4c186
7652c7891ed06bce4174ab00a6ee9721daf6a4286929213ecb7daf42cd866615
POST /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citi-now.com/
Content-Type: application/json; charset=utf-8
Content-Length: 95
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-1p29
access-control-allow-origin: https://citi-now.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5abf9391c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
vsb29.tawk.to/s/?k=645028a45625d7d34e1c4628&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEiLCJ2aWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEtVDRHNk1NU2txSHQyb1FtdjVMWVpsIiwic2lkIjoiNjQ1MDI4YTQ1NjI1ZDdkMzRlMWM0NjI4IiwiaWF0IjoxNjgyOTc0ODg0LCJleHAiOjE2ODI5NzY2ODQsImp0aSI6Ik9DYnFrdjJEMjhrYTFRSnJhSWp4ciJ9.W-SZ5A-WSaHLivtaTz3ICnjFFaEXFuNFSwJVOBEvYZSJhHVKwqRObkrFXxI7TdD9_ZsUvpcYF6hc7Cysfy6HVw&EIO=3&transport=websocket&__t=OVP7iwl
172.67.38.66101 Switching Protocols 0 B URL GET HTTP/1.1 vsb29.tawk.to/s/?k=645028a45625d7d34e1c4628&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEiLCJ2aWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEtVDRHNk1NU2txSHQyb1FtdjVMWVpsIiwic2lkIjoiNjQ1MDI4YTQ1NjI1ZDdkMzRlMWM0NjI4IiwiaWF0IjoxNjgyOTc0ODg0LCJleHAiOjE2ODI5NzY2ODQsImp0aSI6Ik9DYnFrdjJEMjhrYTFRSnJhSWp4ciJ9.W-SZ5A-WSaHLivtaTz3ICnjFFaEXFuNFSwJVOBEvYZSJhHVKwqRObkrFXxI7TdD9_ZsUvpcYF6hc7Cysfy6HVw&EIO=3&transport=websocket&__t=OVP7iwl
IP 172.67.38.66:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/?k=645028a45625d7d34e1c4628&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEiLCJ2aWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEtVDRHNk1NU2txSHQyb1FtdjVMWVpsIiwic2lkIjoiNjQ1MDI4YTQ1NjI1ZDdkMzRlMWM0NjI4IiwiaWF0IjoxNjgyOTc0ODg0LCJleHAiOjE2ODI5NzY2ODQsImp0aSI6Ik9DYnFrdjJEMjhrYTFRSnJhSWp4ciJ9.W-SZ5A-WSaHLivtaTz3ICnjFFaEXFuNFSwJVOBEvYZSJhHVKwqRObkrFXxI7TdD9_ZsUvpcYF6hc7Cysfy6HVw&EIO=3&transport=websocket&__t=OVP7iwl HTTP/1.1
Host: vsb29.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://citi-now.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MwXxdRTxhT74b/AKDjuGjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 01 May 2023 21:01:25 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: zmijxkIETUVsRcx6oN7HUErDVw0=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7c0af5a70a20b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Montserrat
142.250.74.106200 OK 1.9 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Montserrat
IP 142.250.74.106:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (1898), with no line terminators
Hash df8350be8a9bbf4160d438ba239906d0
51ff94a484fc167f11d5f8864ca24cd7312ff284
f08e7a512fd488ab2194c9d57e3553122e183f36deaafd4a56e3f212735212b9
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 01 May 2023 21:01:18 GMT
date: Mon, 01 May 2023 21:01:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js
104.22.25.131200 OK 197 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65466)
Size 197 kB (197429 bytes)
Hash a9acef5db79df87d4a97ef0644902d48
e12501304cdddd5f1beee918c68284eadde212e7
cf838191c065eb8a98b4c32690462d2828259c796c95157a27cfcd3df9dc71ed
GET /_s/v4/app/642b759ae8c/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a9acef5db79df87d4a97ef0644902d48"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f970b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
va.tawk.to/v1/widget-settings?propertyId=615784c8d326717cb684536a&widgetId=1fguttcga&sv=undefined
104.22.25.131200 OK 2.8 kB URL GET HTTP/3 va.tawk.to/v1/widget-settings?propertyId=615784c8d326717cb684536a&widgetId=1fguttcga&sv=undefined
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (3283), with no line terminators
Hash dcf414592f92a03ee5bfbaf88d80537f
d0b6612b55f79ee433a05af8f48415831c4c8d5d
9b9d2e567f02c7165e57a87567b96845a793b9b7e7288f1000ab872447976c77
GET /v1/widget-settings?propertyId=615784c8d326717cb684536a&widgetId=1fguttcga&sv=undefined HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citi-now.com/
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-dpgb
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-12-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a22afeb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js
104.22.25.131200 OK 17 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (16814), with no line terminators
Hash 3fd68b27902043cbf7d50fa19809babb
c3cf7276b06a8232edf73734d91813d46cdfdb09
1017110c7ff8f11157f5189d5bf4921401b313563af4b250163628c4fc5f26d5
GET /_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"3fd68b27902043cbf7d50fa19809babb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a64a531c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js
104.22.25.131200 OK 78 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_s/v4/app/642b759ae8c/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:23 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f930b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js
104.22.25.131200 OK 151 B URL GET HTTP/2 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 04a9862af6efaf787bc8fb8e99ba6987
a57bb8f258eb1a60dc3b288a608ad8ef9fbecef3
ecc74c329a700e3e6ca29aed5ffe3c166cf39670c8b11573fa7f837f79a71b5c
GET /_s/v4/app/642b759ae8c/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:23 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f9b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js
104.22.25.131200 OK 17 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with CRLF, LF line terminators
Hash 585ba00b2c167b90c210161454f843b5
89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
GET /_s/v4/app/642b759ae8c/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"585ba00b2c167b90c210161454f843b5"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a619f91c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js
104.22.25.131200 OK 10 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (10469), with no line terminators
Hash a902d29bb2d86f4de3feae8e697eed5a
87ddb488d60df982c5a55a15e62d59c1044c2ab0
7979ef8653d67f3fa9dd237e08a359371ae1f541e62ec2b135364a0969ca7f8f
GET /_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a902d29bb2d86f4de3feae8e697eed5a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316304
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a65a6a1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
104.22.25.131200 OK 22 kB URL GET HTTP/3 embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (22356), with no line terminators
Hash f66e029841759471d2ec78b86760dca7
d9db67738984efee3dd63cb144759ac0521c7dda
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
GET /_s/v4/assets/images/attention-grabbers/168-r-br.svg HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: image/svg+xml
age: 1094853
last-modified: Sat, 22 May 2021 07:25:19 GMT
etag: W/"f66e029841759471d2ec78b86760dca7"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a75c911c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.110200 OK 80 kB URL GET HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.110:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintD5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
ValidityMon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT
File type ASCII text, with very long lines (2474)
Hash 9c6a1566d293aedb243b8c546db6cdda
105e7c03fd45a7c40e46f0b968f176d916361774
8882a21124e6665377454ed9c97b4989d0c036b89cfeee461e86526cb329f547
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 May 2023 21:01:18 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+119; expires=Wed, 30-Apr-2025 21:01:18 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js
104.22.25.131200 OK 16 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js
IP 104.22.25.131:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (15846), with no line terminators
Hash 0d3d21546a441253c44a8c1d274a485a
721f9007bf8fb314d6c6506bf837dc6fe573e684
ce6eb52e07dc8dfb25e967feffbb8a20d4a4c9a31c99ab9a1b410253a3082a26
GET /_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"0d3d21546a441253c44a8c1d274a485a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a721c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Roboto:100,100i,300,400,400i,500,500i,700
142.250.74.106200 OK 17 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:100,100i,300,400,400i,500,500i,700
IP 142.250.74.106:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
Hash c5f503f11f59b36dfc484910d0982e15
f1c5d6f7ab57d67d37b457b71006522cab18659c
86bd71b2c17cc55778ffd19acc5e949a99ab44cd8a55d55097706e7148c15abf
GET /css?family=Roboto:100,100i,300,400,400i,500,500i,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 01 May 2023 21:01:18 GMT
date: Mon, 01 May 2023 21:01:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2