Report - citi-now.com/

Report Overview

Submitted URL
citi-now.com/
IP
192.3.204.226
ASN
#36352 AS-COLOCROSSING
Submitted
2023-05-01 21:01:37
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
12
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-01	2.1 kB	68 kB	216.58.207.227
translate.googleapis.com	1005	2005-01-25	2012-05-31	2023-05-01	1.7 kB	78 kB	142.250.74.170
embed.tawk.to	8650	unknown	2014-03-19	2023-05-01	9.4 kB	859 kB	104.22.25.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-01	877 B	20 kB	142.250.74.106
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-05-01	842 B	63 kB	142.250.74.170
maps.googleapis.com	33876	2005-01-25	2019-10-17	2023-05-01	1.8 kB	180 kB	142.250.74.170
vsb29.tawk.to	113653	unknown	2020-04-04	2023-04-28	1.1 kB	441 B	172.67.38.66
translate.google.com	1156	1997-09-15	2012-05-30	2023-05-01	441 B	80 kB	142.250.74.110
va.tawk.to	8297	unknown	2017-01-30	2023-05-01	2.5 kB	6.7 kB	104.22.25.131
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-01	4.3 kB	9.1 kB	142.250.74.131
col.eum-appdynamics.com	2199	2013-04-16	2013-07-18	2023-04-30	1.9 kB	113 B	44.238.78.108
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2023-05-01	520 B	2.3 kB	142.250.74.170
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-05-01	358 B	1.9 kB	104.18.21.226
citi-now.com	unknown	2023-04-06	2023-04-06	2023-05-01	34 kB	4.5 MB	192.3.204.226
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-01	2.1 kB	11 kB	142.250.74.35
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-05-01	419 B	42 kB	151.101.193.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-01 21:01:24	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:24	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:24	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:24	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:26	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:26	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:26	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:26	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:27	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:27	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:27	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-05-01 21:01:27	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-01	medium	citi-now.com/
2023-05-01	medium	citi-now.com/
2023-05-01	medium	citi-now.com/cdn.weglot.com/weglot.min.js
2023-05-01	medium	citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
2023-05-01	medium	citi-now.com/1.12.4/jquery.min.js
2023-05-01	medium	citi-now.com/js/waypoints.min.js
2023-05-01	medium	citi-now.com/js/jquery.filterizr.min.js
2023-05-01	medium	citi-now.com/js/wow.min.js
2023-05-01	medium	citi-now.com/js/filterizer-controls.js
2023-05-01	medium	citi-now.com/js/bootstrap.min.js
2023-05-01	medium	citi-now.com/js/owl.carousel.min.js
2023-05-01	medium	citi-now.com/js/fakeLoader.min.js
2023-05-01	medium	citi-now.com/js/scrolltopcontrol.js
2023-05-01	medium	citi-now.com/js/bootstrap-4-navbar.js
2023-05-01	medium	citi-now.com/inc/lightbox/js/jquery.fancybox.pack.js
2023-05-01	medium	citi-now.com/js/map.js
2023-05-01	medium	citi-now.com/js/jquery.sticky.js
2023-05-01	medium	citi-now.com/js/jquery.counterup.min.js
2023-05-01	medium	citi-now.com/js/jquery.magnific-popup.min.js
2023-05-01	medium	citi-now.com/js/color-switcher.js
2023-05-01	medium	citi-now.com/js/color-switcher-active.js
2023-05-01	medium	citi-now.com/inc/lightbox/js/lightbox.js
2023-05-01	medium	citi-now.com/js/custom.js
2023-05-01	medium	citi-now.com/js/toastr.js
2023-05-01	medium	citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
2023-05-01	medium	citi-now.com/js/sweetalert.js
2023-05-01	medium	citi-now.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
2023-05-01	medium	citi-now.com/fonts/icomoon87f487f487f487f4.ttf
2023-05-01	medium	citi-now.com/fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html
2023-05-01	medium	citi-now.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js
2023-05-01	medium	citi-now.com/js/jquery.bxslider.min.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (58)

	URL	Size	First Seen	Last Seen
	citi-now.com/js/jquery.filterizr.min.js	12 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/jquery.filterizr.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen316 Hash 5eb0077b399d38f31eef66c00d150980 014c05a2ca80b0066631dc8e48267ddb4bbfc057 03c9a5d09cf0714352a12a9233626ec69367822b520550955bd7bab074f11a09 Loading...

	citi-now.com/js/jquery.bxslider.min.js	19 kB	2023-03-07	2024-05-08
Pretty URL citi-now.com/js/jquery.bxslider.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:02 Last Seen2024-05-08 11:54:23 Times Seen1016 Hash 7658757f3908f59389898e30f4de4067 f8f94befddf4def914df3fae70d106fc525819a0 7bc204a8009323811c2888323b9626d4417b02358aab7fdfabdcf0153385c621 Loading...

	citi-now.com/	151 B	2023-03-07	2024-05-09
Pretty URL citi-now.com/ IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:07 Last Seen2024-05-09 18:20:39 Times Seen733 Hash 0cb796ac99f11a254d9e9f15ce0b9870 51bb8503b7fe625b14146193a4f31ac85a3fb738 b190352728af320b263b7d46746b52165e46b8ecb82ce2500dff740540bc6f76 Loading...

	citi-now.com/_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_conf	80 kB	2023-05-01	2023-05-01
Pretty URL citi-now.com/_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-01 23:01:47 Last Seen2023-05-01 23:01:47 Times Seen2 Hash 9c6a1566d293aedb243b8c546db6cdda 105e7c03fd45a7c40e46f0b968f176d916361774 8882a21124e6665377454ed9c97b4989d0c036b89cfeee461e86526cb329f547 Loading...

	citi-now.com/js/filterizer-controls.js	593 B	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/filterizer-controls.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen298 Hash 09092616c6c92eadf3ac73e85dbbcfb0 b7e28ee5a4cc047b4d5d196c22b24eedf5c58dc1 da484791ac65c3a3c67de883ccbc8b6a651ec08b85df451913a8870b0fe2facc Loading...

	citi-now.com/js/color-switcher-active.js	881 B	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/color-switcher-active.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen288 Hash f1da354bd0f4d3927aff85ca576021c5 97dca7530fc9992c86ebefb3b75c2c1edfb9181c 653ae2847222b2f5ae9232037834859823c7548f8fb6434b33c24bc9805068dc Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_main	217 kB	2023-04-28	2023-05-02
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_main IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 01:44:06 Last Seen2023-05-02 01:25:36 Times Seen130 Hash ae790e055724d26a6effa65adbd4e059 8472016ea555984d66117dc7c69eb9503652ca7f 76c29d1de2d538fd885a76bdc690da3b3acac779e50093b5b4953d9c5227512d Loading...

	maps.googleapis.com/maps-api-v3/api/js/53/1a/util.js	168 kB	2023-04-26	2023-05-03
Pretty URL maps.googleapis.com/maps-api-v3/api/js/53/1a/util.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-26 21:24:55 Last Seen2023-05-03 22:44:33 Times Seen934 Hash 1287829807f8b0260c56c1ac110f6825 fffe1c519b563d18fb37802ec62f9e141ebe6001 000b0a8faef3f22a0214df4a9354a3518be73922682c271b253a5cd4ca7e4ddc Loading...

	citi-now.com/	1.0 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/ IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:38:59 Last Seen2024-05-02 10:32:00 Times Seen359 Hash b0ee026917c32e8a6da66642d9460cd2 e3291127132eb79427ad5d0792e7e93bbfc4cb41 60735758c186f54b2843614e83be903067a0a03d9feb85b26bc382a19cde058c Loading...

	citi-now.com/	125 B	2023-03-07	2024-05-02
Pretty URL citi-now.com/ IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:54 Times Seen133 Hash 7a0d852373c111de4ced8bd78baf1659 6d19de969c2456ce2b7342b5c8c4093549abca85 0e9bd4ca792c8431012e9ca8efcbc9fa0dbac0cdae75eed27bfa15def69a85d9 Loading...

	citi-now.com/inc/lightbox/js/jquery.fancybox.pack.js	23 kB	2023-03-07	2024-05-10
Pretty URL citi-now.com/inc/lightbox/js/jquery.fancybox.pack.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:46 Last Seen2024-05-10 21:02:41 Times Seen889 Hash 0ca8cd384931d74c4b6a9f592e987f69 ae6318aeb62ad4ce7a7e9a4cdacd93ffb004f0fb 2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525 Loading...

	citi-now.com/js/sweetalert.js	41 kB	2023-03-07	2024-05-10
Pretty URL citi-now.com/js/sweetalert.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:31 Last Seen2024-05-10 17:40:30 Times Seen7564 Hash f3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js	121 B	2023-03-07	2024-05-10
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-10 20:34:34 Times Seen46097 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js	10 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:52:01 Last Seen2023-12-01 20:53:28 Times Seen5573 Hash a902d29bb2d86f4de3feae8e697eed5a 87ddb488d60df982c5a55a15e62d59c1044c2ab0 7979ef8653d67f3fa9dd237e08a359371ae1f541e62ec2b135364a0969ca7f8f Loading...

	citi-now.com/js/jquery.counterup.min.js	1.1 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/jquery.counterup.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen311 Hash 465906f7e86adf960de5784a9cdb40fb 124337b64842cb55e7d480f99a83159ac6104d58 05231ca1268f3f7b2cdbc4daba734e7718a03a0ffaf79cb376bc5a49d85bbdfb Loading...

	citi-now.com/js/owl.carousel.min.js	43 kB	2023-03-07	2024-05-09
Pretty URL citi-now.com/js/owl.carousel.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-05-09 18:00:12 Times Seen1704 Hash 56b28ad35f1816c6894b14190a0a006d 967ceaa9e6f67e636d818f42b4d5d15c7a4a254e b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd Loading...

	citi-now.com/js/map.js	2.1 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/map.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:45 Last Seen2024-05-02 22:46:55 Times Seen272 Hash 074d18a20690c9e786a7e8ea5c505067 f7d4d1717a6f83b912ded783212799555a730dfe ac463348ed7518f3e8482361b2efdfaf6ec5cfcf907b8b37795f522280b59cbd Loading...

	citi-now.com/	852 B	2023-03-08	2024-03-29
Pretty URL citi-now.com/ IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 22:47:56 Last Seen2024-03-29 06:27:22 Times Seen90 Hash 0aee47eebb1c44dbf43eee9717de55d8 6b95093ef2eabbb6f1c9e15c00c20347169bde20 fe991a5a146532a3f08910933b6d87d4a98e2a282a30bf243a3083e6ae8aec73 Loading...

	cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js	303 kB	2023-04-05	2024-05-10
Pretty URL cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:38 Last Seen2024-05-10 19:26:21 Times Seen59204 Hash 7bb7aac0cac89a90304af1c72eb4f50d 729f6f8ca5787d89743b0ed7eb27fd76406bf985 f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b Loading...

	maps.googleapis.com/maps-api-v3/api/js/53/1a/common.js	279 kB	2023-04-26	2023-05-03
Pretty URL maps.googleapis.com/maps-api-v3/api/js/53/1a/common.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-26 21:24:55 Last Seen2023-05-03 22:44:33 Times Seen935 Hash 9faf241dc30c968fae1b9b497528d989 a1ab0c4c723be5a14f84904552e6979577066bf1 866efe7677d4f7a5c61230aeb4b7c6ce2ccf58e7a778d1bfb113a8ee1326808b Loading...

	citi-now.com/js/fakeLoader.min.js	2.2 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/fakeLoader.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen311 Hash fbbc2dce21db4ede54f377af673a14e4 6744ee1c09c777c03dd645e1feef863bef36afe0 019ac00d99daed25891f79aa2560c46ea37cd3a263a21b5c0ee4c9e14cfabd89 Loading...

	citi-now.com/js/toastr.js	8.0 kB	2023-03-08	2024-03-29
Pretty URL citi-now.com/js/toastr.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:47:56 Last Seen2024-03-29 06:27:22 Times Seen168 Hash b8309849622865e0321015ec2482645d 5ee2d93004b15046be73afc88d29d0b780d165bd 3bffa2cee14e483c528eeade0e59f4705555bf047c2400b0bf9fda105129b638 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js	151 B	2023-03-07	2024-05-10
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-05-10 20:34:30 Times Seen46770 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	citi-now.com/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/bootstrap.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2024-05-02 22:46:55 Times Seen419 Hash 95697eefe013ce1a1e69c14105d09696 7fcbfe254ff0b171b13c21c7a86d4db5a32fa676 44a7e1e6e7f4f6ad49f162ce33dfd72f05d3162e150415b7ac9cefba8d51acc1 Loading...

	citi-now.com/js/color-switcher.js	2.4 kB	2023-03-07	2024-05-08
Pretty URL citi-now.com/js/color-switcher.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:45 Last Seen2024-05-08 00:22:48 Times Seen275 Hash 07e0e829a35fa6e171ca38846cfcfde6 c038677cc1072e2df4b2a1d8997bdfb41da44590 45312d094380e813ad3ccef98fbce8734a737fd9b6c9a520b7b0c915a9f652df Loading...

	citi-now.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js	724 kB	2023-03-09	2024-03-29
Pretty URL citi-now.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:05:47 Last Seen2024-03-29 06:27:22 Times Seen165 Hash 7d95abe64f17c7a573ff60dd644a1e43 ff29e996be8195af48eeef617b5c6a20c77dafc1 ca9fb3233fb99405b67fb2770c2b1860f03db4275c790dcd181e58ce5f60288f Loading...

	citi-now.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js	38 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:45 Last Seen2024-05-02 22:46:55 Times Seen255 Hash af2968fceb7f237e56363e001bbf407f 245b56bf8b91af47031b8f1141c59979429dc039 d43a868701070b5ce6966b7000acb506c8b519635e284b4f824e26b63b2b444a Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js	16 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:39 Last Seen2023-12-01 20:53:29 Times Seen9441 Hash 0d3d21546a441253c44a8c1d274a485a 721f9007bf8fb314d6c6506bf837dc6fe573e684 ce6eb52e07dc8dfb25e967feffbb8a20d4a4c9a31c99ab9a1b410253a3082a26 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	citi-now.com/js/bootstrap-4-navbar.js	1.1 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/bootstrap-4-navbar.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen306 Hash 19692f564401574998529b3fc97e08ce 1b790552a374ea3a7856ecd1fb147e695275ed8c 00b8431e30ab00475d6c7050e50b9bc2538689894048107875e3416dbe8817b0 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-11 02:29:08 Times Seen110612 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	citi-now.com/js/jquery.magnific-popup.min.js	20 kB	2023-03-07	2024-05-10
Pretty URL citi-now.com/js/jquery.magnific-popup.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-05-10 19:00:14 Times Seen6080 Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js	17 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:38 Last Seen2023-12-01 20:53:29 Times Seen9715 Hash 3fd68b27902043cbf7d50fa19809babb c3cf7276b06a8232edf73734d91813d46cdfdb09 1017110c7ff8f11157f5189d5bf4921401b313563af4b250163628c4fc5f26d5 Loading...

	citi-now.com/inc/lightbox/js/lightbox.js	1.4 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/inc/lightbox/js/lightbox.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen300 Hash 518c953f31f7299691a1621b803cbf44 b26b64be947c86d14cbafc10de84149c462ed8bf b537a80c14d7d295dc304619d62df5605d71b93b9783cf9368a8df14e9ec5598 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js	2.3 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:39 Last Seen2023-12-01 20:53:28 Times Seen5768 Hash cbcaf94cf2c68654c23d2fa971522e9e 0a49ffb52df638c073a059823136a909eebe1bae 164c3cba5ce1923d067d50221c35e4c17508356b1a4dd1eaf3aa34ab85c3567a Loading...

	citi-now.com/	379 B	2023-03-07	2024-05-02
Pretty URL citi-now.com/ IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen175 Hash e9a532e0c50d86e2635456d5340d53e3 3c0a38464b4fdde1b728302ba2929d6bd1d917bc c87d95b6678b92ba0013516fea63f1ba8b23a89abb7bf698730d6abda7d838dc Loading...

	citi-now.com/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-05-10
Pretty URL citi-now.com/1.12.4/jquery.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2024-05-10 23:10:36 Times Seen2328 Hash 618538b4ab9639d444e962729a927f15 dacc1f76630a9708add066819b1aabf8dce01056 27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe Loading...

	embed.tawk.to/615784c8d326717cb684536a/1fguttcga	2.1 kB	2023-05-01	2023-05-31
Pretty URL embed.tawk.to/615784c8d326717cb684536a/1fguttcga IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-01 23:01:47 Last Seen2023-05-31 09:30:42 Times Seen7 Hash 897edeb274a853f64626fedc9908d920 b44011615e1fd7d432e8b266dd14961f9d435a01 058210bbc1e97975b4220c87a4ddfdf8dc43c0843c30381c7f11791763345a1a Loading...

	citi-now.com/js/waypoints.min.js	8.1 kB	2023-03-07	2024-05-09
Pretty URL citi-now.com/js/waypoints.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:57 Last Seen2024-05-09 10:01:02 Times Seen2559 Hash 4fe14337a62d710389f42e8a5d1043f7 5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5 069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf Loading...

	citi-now.com/js/jquery.sticky.js	9.5 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/jquery.sticky.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:45 Last Seen2024-05-02 22:46:55 Times Seen290 Hash bb9e65fc3638c9c96ab909c51882b0a6 9109c4c710cfaf3be7fba3b12b348a79262e4923 8a0fb587e2399fa57291795510001b9e5de7b0c6f8ee097ded2e7a66ad149492 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	citi-now.com/	334 B	2023-03-12	2024-01-26
Pretty URL citi-now.com/ IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 15:04:55 Last Seen2024-01-26 00:40:33 Times Seen23 Hash beabc35222e5a16fcdf952ec0b46fafb 9fa857afe8fe5d7705825c76ba48b4a274f3aec9 702efed0617b907085810534a56763c0efcb9d334bb173a7c0428c664ad3b50c Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	citi-now.com/cdn.weglot.com/weglot.min.js	48 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/cdn.weglot.com/weglot.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:45 Last Seen2024-05-02 22:46:55 Times Seen257 Hash 4f2efd52c68e5a56f2317f9b5ed22704 25bfc4447fe2cd7da24f94195b8ac0ea0c5f067c 9d88bb54b2b3656afa6dcb8edca86757929e05d3faabe5c0c08a474750615ab9 Loading...

	citi-now.com/js/wow.min.js	8.4 kB	2023-03-07	2024-05-10
Pretty URL citi-now.com/js/wow.min.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-05-10 19:00:14 Times Seen1549 Hash e1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js	211 kB	2023-03-25	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:39:38 Last Seen2023-12-01 20:53:29 Times Seen8603 Hash 27a109773b0fdd12c9737166eb5719c2 8977473ceb692a49bac7a9a3c010d82c48857995 abd9f756ab6f8d858e73f4b8d8194ed99333d58fcadafbb50cac353fbaf9a03f Loading...

	citi-now.com/	264 B	2023-03-07	2024-03-29
Pretty URL citi-now.com/ IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:42:10 Last Seen2024-03-29 06:27:22 Times Seen102 Hash 1e0625d5c6d365e5db5c9081315badbc 3353fbb8dbb85a3f936a40320817faa49e18b988 6d79a22566f07530402bfc8b87289129e8f3376b2dcde223196b57f7c4bdf7a4 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-11 01:51:41 Times Seen97921 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	citi-now.com/js/scrolltopcontrol.js	3.8 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/scrolltopcontrol.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen301 Hash a4b429f9967aa1c8266040f0c3a8af06 68ded267a97e354b790812e7621e6b0cdbf1d1b1 8fa3dcf37f804c3ff9d561fedf2fefece267e4a18ac47a14d5aab0028870a8c0 Loading...

	citi-now.com/js/custom.js	6.1 kB	2023-03-07	2024-05-02
Pretty URL citi-now.com/js/custom.js IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:07 Last Seen2024-05-02 22:46:55 Times Seen303 Hash c4591e618ff24176ccec82f552b9330c 36daaa5a527140f997f00161d62effd6fe01371b ecc579c8a5c04b1c2fe74efd57f9e6942bc960fe1121e2915b9193f4e1bd7e67 Loading...

	maps.googleapis.com/maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0	193 kB	2023-05-01	2023-05-01
Pretty URL maps.googleapis.com/maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0 IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-01 23:01:47 Last Seen2023-05-01 23:01:47 Times Seen2 Hash cab2f77aa7958e69f0f58acf0e31790f f6ab93a96a19f6d61db949e9db0d660eb0eb835c 0741b0e863ebd514dfa39afae2fc5d8b5c6f945e4ca872a4002d51eaa5869e18 Loading...

	citi-now.com/	0 B	2023-03-07	2024-05-11
Pretty URL citi-now.com/ IP 192.3.204.226 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 02:33:16 Times Seen37534080 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js	197 kB	2023-04-05	2023-06-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:38 Last Seen2023-06-01 10:45:51 Times Seen10687 Hash a9acef5db79df87d4a97ef0644902d48 e12501304cdddd5f1beee918c68284eadde212e7 cf838191c065eb8a98b4c32690462d2828259c796c95157a27cfcd3df9dc71ed Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js	74 kB	2023-04-05	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:49:39 Last Seen2023-12-01 20:53:29 Times Seen9574 Hash 89188756a8e20dbd2b0140c3c94ed26a d40d9d3d3201e27e8fee34e48a6b57b4266b0618 023077d134c53a612af90efdbf65f7ae210b74cb3fd1148998efa4582d151978 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 01cece45c90a71db7d3616eb1b64ee64	724 B	2023-03-07	2024-05-09
Pretty Observations First Seen2023-03-07 01:10:28 Last Seen2024-05-09 18:20:39 Times Seen988 Hash 01cece45c90a71db7d3616eb1b64ee64 51ec46279d524491393c8a9d3ef1835c8947b961 3a62321995cd73f8e559e86048958d42a12bedd237f56310881e8eff6cfb4ca7 Loading...

HTTP Transactions (138)

URL IP Response Size

citi-now.com/

192.3.204.226

301 Moved Permanently

229 B

URL User Request GET HTTP/1.1
citi-now.com/
IP
192.3.204.226:80
ASN
#36352 AS-COLOCROSSING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
229 B (229 bytes)
Hash
55dfb203d3240025c9e46d8950ce028f
d61c7974741140e8f774f0e835da26b09f05750c
8bb7c31093f7ddcb977fbba7cdf1f8ff136e34feeda60ab3e86e391c570288fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Mon, 01 May 2023 21:01:17 GMT
Server: Apache
Location: https://citi-now.com/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

citi-now.com/

192.3.204.226

301 Moved Permanently

53 kB

URL User Request GET HTTP/1.1
citi-now.com/
IP
192.3.204.226:80
ASN
#36352 AS-COLOCROSSING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2395)
Size
53 kB (53055 bytes)
Hash
09d3bc0140f479b0abff9a38286e4b10
5e547a5efe7e8984ab3f8081ce5c12deef6e12d5
102448aa3d652e770be0e8e1463d37dac5cdeed5816d64afb37fe21629332607

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7; path=/
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6cbb9f15d1911c8b9960fa84cd46746a
5a818e7c516f66d74cc89cdc417740f76f19b325
d6f500b8a531532af0fafd55c442a163882a946d5f01c2ade121100c24e80b4c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

142.250.74.170

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 11:26:16 GMT
expires: Sun, 28 Apr 2024 11:26:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 207302
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0

142.250.74.170

200 OK

64 kB

URL GET HTTP/2
maps.googleapis.com/maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (2455)
Size
64 kB (63486 bytes)
Hash
84898c1e53fe717d86867abefccf489e
a5832d800fe90fb7d8da8243ff71e69037b5087c
c605998ce23b2e2a5f62fa02a4d01b9a7d1e31aed7e80f0f7d2b8fa41141038c

HTTP Headers

GET /maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Language, Origin, X-Origin, Referer
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=1800
timing-allow-origin: *
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
date: Mon, 01 May 2023 21:01:18 GMT
server: scaffolding on HTTPServer2
content-length: 63486
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

citi-now.com/css/bootstrap-4-navbar.css

192.3.204.226

200 OK

2.6 kB

URL GET HTTP/1.1
citi-now.com/css/bootstrap-4-navbar.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
2.6 kB (2598 bytes)
Hash
3121aca3cb99cd03f95743a56b310f4c
deb82d89faae0f8b6bd1e20297c9d42dc788a08c
c894be19c38522da4f1984ed993c8238b1ab293311105611d96dc825c417a9ab

HTTP Headers

GET /css/bootstrap-4-navbar.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 2598
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/font-awesome.min.css

192.3.204.226

200 OK

31 kB

URL GET HTTP/1.1
citi-now.com/css/font-awesome.min.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (30858), with CRLF line terminators
Size
31 kB (31025 bytes)
Hash
f4232088435e47914bbc280dbf56c8df
9e6aff916f2be32dbc9a053f83f906aab6527c7f
562bd1e9b6d71357cb209821a63ebb8324b5498fa8e144c48c9a9ec2b49e6d10

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 31025
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/animate.css

192.3.204.226

200 OK

25 kB

URL GET HTTP/1.1
citi-now.com/css/animate.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
25 kB (25427 bytes)
Hash
1c7ad0a97d2dc2da70b8d855ae946cae
7f3596852663437b7f89231cc750628a0d86e403
cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 25427
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6f7298ed349da5c5d3cefbd60fb5afbe
88b65ae103faac327c242b0b8c4f56f4b96b299f
ea6a0e7d7ebc2abaf9aaced8273e9883010990d064e7c5c46088cc451623cbcc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:23 GMT
expires: Sun, 28 Apr 2024 13:45:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 198956
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6cbb9f15d1911c8b9960fa84cd46746a
5a818e7c516f66d74cc89cdc417740f76f19b325
d6f500b8a531532af0fafd55c442a163882a946d5f01c2ade121100c24e80b4c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

citi-now.com/etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css

192.3.204.226

200 OK

563 kB

URL GET HTTP/1.1
citi-now.com/etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
563 kB (562942 bytes)
Hash
11c2fedc258a33a78dbd89d85bda9562
66a93f44841b6666b748340f9580486b096c3fe7
ea0eed3ac657f69fab9be7ec82e84e54e8e26a1e6dd47b242600551766030d2f

HTTP Headers

GET /etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:22 GMT
Accept-Ranges: bytes
Content-Length: 562942
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/bootstrap.min.css

192.3.204.226

200 OK

140 kB

URL GET HTTP/1.1
citi-now.com/css/bootstrap.min.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
140 kB (140427 bytes)
Hash
9085ab0d9dc4f08b981ba6b6766fd2bb
a9dc0e1df4a8b9f852fe0a7197f179cd45f3e30a
1212f28ff9fe4b7829e31633b30c67bbb1209ecd1a7bb915f96b6e0eedaf02a4

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 140427
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/site.min.css

192.3.204.226

200 OK

484 kB

URL GET HTTP/1.1
citi-now.com/site.min.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
484 kB (483640 bytes)
Hash
5abb79f867020effd7ff146c326104f0
9ed1b35395ae8889b1ae8a08e4ef0aa964112caa
cafa5acc2910f631c03d41c2c7d1f521d23c69dd0b333a2991e11bd6974966f4

HTTP Headers

GET /site.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:18 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:32 GMT
Accept-Ranges: bytes
Content-Length: 483640
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/fakeLoader.css

192.3.204.226

200 OK

9.1 kB

URL GET HTTP/1.1
citi-now.com/css/fakeLoader.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
9.1 kB (9055 bytes)
Hash
3373236010f4791905b4243523c852ae
f0518b67f831bf7ae4a8fae2873dda32cccee71e
dc917074047f65fb36f2683634b4df05900d1ce0c30102679e170419c2477339

HTTP Headers

GET /css/fakeLoader.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 9055
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/inc/lightbox/css/jquery.fancybox.css

192.3.204.226

200 OK

5.3 kB

URL GET HTTP/1.1
citi-now.com/inc/lightbox/css/jquery.fancybox.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
5.3 kB (5278 bytes)
Hash
f7cc36f690e370ee8b85cbd5d1862d59
64f621553581eaaf5d56341ff138f9bcba6de562
8f29da77daf2aa97c4c482e0f5ae474154f6494e92bca50c8424815af2989883

HTTP Headers

GET /inc/lightbox/css/jquery.fancybox.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:26 GMT
Accept-Ranges: bytes
Content-Length: 5278
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/owl.theme.default.min.css

192.3.204.226

200 OK

941 B

URL GET HTTP/1.1
citi-now.com/css/owl.theme.default.min.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (846), with CRLF line terminators
Size
941 B (941 bytes)
Hash
58fa0eb0891a7bcb0f2ee822cce62ed4
34e714fc4d078105e9a7b1ababd192d6e544685a
fedfa62c29729ccdabb5e90b287385f13ef1c5c8b4e5efbc000702b110e40fdd

HTTP Headers

GET /css/owl.theme.default.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 941
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/filterizer.css

192.3.204.226

200 OK

795 B

URL GET HTTP/1.1
citi-now.com/css/filterizer.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
0c77b2adffa1884df02e4f956f01b470
bf192c93ba2e0ceefd02f6f072483e2be62438d8
89d3e611d3c764ff08d2510c4943c9e91e52edfcf78f28caade28821301831a1

HTTP Headers

GET /css/filterizer.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 795
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/sweetalert.css

192.3.204.226

200 OK

24 kB

URL GET HTTP/1.1
citi-now.com/css/sweetalert.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
24 kB (23811 bytes)
Hash
9b8007e29ad2778d449264166a7892b7
47418efe84958fcf4a945cbf6c2f54d29967e79b
4513f34c44831aab38d5171e7d729e3fabeea39dfc7ffd06722b490d02f20a70

HTTP Headers

GET /css/sweetalert.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 23811
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/style.css

192.3.204.226

200 OK

84 kB

URL GET HTTP/1.1
citi-now.com/style.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (491), with CRLF line terminators
Size
84 kB (84044 bytes)
Hash
b8bcc550c17edd950f084ab15cf1a4d5
048c264b14895248ee583d507f1253c6a0e90664
2a04435c9150e2ccc8acf106f03892734664589d14f063c4290af4e0438eeed6

HTTP Headers

GET /style.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:32 GMT
Accept-Ranges: bytes
Content-Length: 84044
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/customcss.css

192.3.204.226

200 OK

89 B

URL GET HTTP/1.1
citi-now.com/css/customcss.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
89 B (89 bytes)
Hash
e74cc393f0eb1c928a61f4a905587645
111baad88be18649c64139557f83fdb0053cc2dc
3905954654fa396aa0b64496f1394d11e2f932fcf7a2aecfc70d3cf0f6c58a93

HTTP Headers

GET /css/customcss.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 89
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/toastr.css

192.3.204.226

200 OK

7.0 kB

URL GET HTTP/1.1
citi-now.com/css/toastr.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (821), with CRLF line terminators
Size
7.0 kB (6988 bytes)
Hash
6f3bc1fed2acd85204fa04c82b6c872d
ee57a6e6fd2ee673e0f14d4647f92d4e8d1eab0b
bf3687811bb3e963a9fabd3d280d0c7f670257b151be140936dfc6c6cefa00dc

HTTP Headers

GET /css/toastr.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 6988
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/css/responsive.css

192.3.204.226

200 OK

16 kB

URL GET HTTP/1.1
citi-now.com/css/responsive.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
16 kB (15829 bytes)
Hash
e256adcdbe2f9480a7dc6e5f0beb715b
135fbf0541692b363e7a81790a5bb130afecdc6e
95d10df44c77d308c6656eed015a103063ad0ca02362c51b9fdb93947c9a64da

HTTP Headers

GET /css/responsive.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 15829
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/color/color-switcher.css

192.3.204.226

200 OK

11 kB

URL GET HTTP/1.1
citi-now.com/color/color-switcher.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (4431), with CRLF line terminators
Size
11 kB (10768 bytes)
Hash
757718467df48369313fad0aad1500b8
a2820ace49fd22f3376873b90585cfed3edda776
46465dc28550e5e16a7200f217a63b6b7951c11ac3aa2f1b7ce00d4677be6f25

HTTP Headers

GET /color/color-switcher.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 10768
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/color/default.css

192.3.204.226

200 OK

11 kB

URL GET HTTP/1.1
citi-now.com/color/default.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
11 kB (10842 bytes)
Hash
66e02114de8ae25ea34ea998184da67e
39cfbadb11695b98280deed67e3f060b4ba9c73c
d043c2cca265536ff5ecfd0c37b2f836708bd91cd1d76967187b9ec83a58d77d

HTTP Headers

GET /color/default.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 10842
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/cdn.weglot.com/weglot.min.js

192.3.204.226

200 OK

48 kB

URL GET HTTP/1.1
citi-now.com/cdn.weglot.com/weglot.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (48054), with no line terminators
Size
48 kB (48484 bytes)
Hash
4f2efd52c68e5a56f2317f9b5ed22704
25bfc4447fe2cd7da24f94195b8ac0ea0c5f067c
9d88bb54b2b3656afa6dcb8edca86757929e05d3faabe5c0c08a474750615ab9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn.weglot.com/weglot.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:58 GMT
Accept-Ranges: bytes
Content-Length: 48484
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min

192.3.204.226

404 Not Found

315 B

URL GET HTTP/1.1
citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

citi-now.com/1.12.4/jquery.min.js

192.3.204.226

200 OK

97 kB

URL GET HTTP/1.1
citi-now.com/1.12.4/jquery.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (32077), with CRLF line terminators
Size
97 kB (97168 bytes)
Hash
618538b4ab9639d444e962729a927f15
dacc1f76630a9708add066819b1aabf8dce01056
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /1.12.4/jquery.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:11:34 GMT
Accept-Ranges: bytes
Content-Length: 97168
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/waypoints.min.js

192.3.204.226

200 OK

8.1 kB

URL GET HTTP/1.1
citi-now.com/js/waypoints.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (7808), with CRLF line terminators
Size
8.1 kB (8051 bytes)
Hash
4fe14337a62d710389f42e8a5d1043f7
5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5
069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/waypoints.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 8051
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/jquery.filterizr.min.js

192.3.204.226

200 OK

12 kB

URL GET HTTP/1.1
citi-now.com/js/jquery.filterizr.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (12034), with no line terminators
Size
12 kB (12034 bytes)
Hash
5eb0077b399d38f31eef66c00d150980
014c05a2ca80b0066631dc8e48267ddb4bbfc057
03c9a5d09cf0714352a12a9233626ec69367822b520550955bd7bab074f11a09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.filterizr.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:30 GMT
Accept-Ranges: bytes
Content-Length: 12034
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/wow.min.js

192.3.204.226

200 OK

8.4 kB

URL GET HTTP/1.1
citi-now.com/js/wow.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (8385), with CRLF line terminators
Size
8.4 kB (8416 bytes)
Hash
e1f1ff6897992a9165e8ce009b4039e3
e297207404fea99863aea60a1dcd3770f8ecddee
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/wow.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:30 GMT
Accept-Ranges: bytes
Content-Length: 8416
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/filterizer-controls.js

192.3.204.226

200 OK

593 B

URL GET HTTP/1.1
citi-now.com/js/filterizer-controls.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
593 B (593 bytes)
Hash
09092616c6c92eadf3ac73e85dbbcfb0
b7e28ee5a4cc047b4d5d196c22b24eedf5c58dc1
da484791ac65c3a3c67de883ccbc8b6a651ec08b85df451913a8870b0fe2facc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/filterizer-controls.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 593
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/bootstrap.min.js

192.3.204.226

200 OK

51 kB

URL GET HTTP/1.1
citi-now.com/js/bootstrap.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (50395), with CRLF line terminators
Size
51 kB (50682 bytes)
Hash
95697eefe013ce1a1e69c14105d09696
7fcbfe254ff0b171b13c21c7a86d4db5a32fa676
44a7e1e6e7f4f6ad49f162ce33dfd72f05d3162e150415b7ac9cefba8d51acc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 50682
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/css/owl.carousel.min.css

192.3.204.226

200 OK

2.9 kB

URL GET HTTP/1.1
citi-now.com/css/owl.carousel.min.css
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (2846), with CRLF line terminators
Size
2.9 kB (2941 bytes)
Hash
11f8f55299612003d16158106d01f2f0
78bead4cb5ce15f16b6554065404a01df5f67325
8608c63311f463ed5cb19febda4aaedc756eba9516c345375e5a7e56ec67a46e

HTTP Headers

GET /css/owl.carousel.min.css HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:19 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:12:00 GMT
Accept-Ranges: bytes
Content-Length: 2941
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

citi-now.com/js/owl.carousel.min.js

192.3.204.226

200 OK

43 kB

URL GET HTTP/1.1
citi-now.com/js/owl.carousel.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (32000), with CRLF line terminators
Size
43 kB (42772 bytes)
Hash
56b28ad35f1816c6894b14190a0a006d
967ceaa9e6f67e636d818f42b4d5d15c7a4a254e
b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/owl.carousel.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 42772
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebcfe66cabee8d5ba507cb7b2321072c
aa5ab35362cb37530ee009bab1145e2c1f87ef20
3fa3ca6a53788d5a96c0c161c07d42a2dd2392525b4db57cdb28e8e77b89d0bb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

citi-now.com/js/fakeLoader.min.js

192.3.204.226

200 OK

2.2 kB

URL GET HTTP/1.1
citi-now.com/js/fakeLoader.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (2181), with no line terminators
Size
2.2 kB (2181 bytes)
Hash
fbbc2dce21db4ede54f377af673a14e4
6744ee1c09c777c03dd645e1feef863bef36afe0
019ac00d99daed25891f79aa2560c46ea37cd3a263a21b5c0ee4c9e14cfabd89

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/fakeLoader.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:34 GMT
Accept-Ranges: bytes
Content-Length: 2181
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css

142.250.74.35

200 OK

4.2 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
ASCII text, with very long lines (23228), with no line terminators
Size
4.2 kB (4205 bytes)
Hash
8f89ebd6757f0474347497a9545d3cc2
014d050331fcdbcff8cbf854b4c926286e0c104a
015111236a8db21de30b2af7d2d24221a9f358fe83137f4651707f4728043585

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 15:39:58 GMT
expires: Sun, 28 Apr 2024 15:39:58 GMT
cache-control: public, max-age=31536000
age: 192082
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebcfe66cabee8d5ba507cb7b2321072c
aa5ab35362cb37530ee009bab1145e2c1f87ef20
3fa3ca6a53788d5a96c0c161c07d42a2dd2392525b4db57cdb28e8e77b89d0bb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 07:44:41 GMT
expires: Sun, 28 Apr 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 220599
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 16:13:41 GMT
expires: Sun, 28 Apr 2024 16:13:41 GMT
cache-control: public, max-age=31536000
age: 190059
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

citi-now.com/js/scrolltopcontrol.js

192.3.204.226

200 OK

3.8 kB

URL GET HTTP/1.1
citi-now.com/js/scrolltopcontrol.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
3.8 kB (3802 bytes)
Hash
a4b429f9967aa1c8266040f0c3a8af06
68ded267a97e354b790812e7621e6b0cdbf1d1b1
8fa3dcf37f804c3ff9d561fedf2fefece267e4a18ac47a14d5aab0028870a8c0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/scrolltopcontrol.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 3802
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/bootstrap-4-navbar.js

192.3.204.226

200 OK

1.1 kB

URL GET HTTP/1.1
citi-now.com/js/bootstrap-4-navbar.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1126 bytes)
Hash
19692f564401574998529b3fc97e08ce
1b790552a374ea3a7856ecd1fb147e695275ed8c
00b8431e30ab00475d6c7050e50b9bc2538689894048107875e3416dbe8817b0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bootstrap-4-navbar.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 1126
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebcfe66cabee8d5ba507cb7b2321072c
aa5ab35362cb37530ee009bab1145e2c1f87ef20
3fa3ca6a53788d5a96c0c161c07d42a2dd2392525b4db57cdb28e8e77b89d0bb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebcfe66cabee8d5ba507cb7b2321072c
aa5ab35362cb37530ee009bab1145e2c1f87ef20
3fa3ca6a53788d5a96c0c161c07d42a2dd2392525b4db57cdb28e8e77b89d0bb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 May 2023 21:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

citi-now.com/inc/lightbox/js/jquery.fancybox.pack.js

192.3.204.226

200 OK

23 kB

URL GET HTTP/1.1
citi-now.com/inc/lightbox/js/jquery.fancybox.pack.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (645), with CRLF line terminators
Size
23 kB (23180 bytes)
Hash
0ca8cd384931d74c4b6a9f592e987f69
ae6318aeb62ad4ce7a7e9a4cdacd93ffb004f0fb
2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /inc/lightbox/js/jquery.fancybox.pack.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:28 GMT
Accept-Ranges: bytes
Content-Length: 23180
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 03:11:48 GMT
expires: Sun, 28 Apr 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 236973
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

216.58.207.227

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 15:48:35 GMT
expires: Sun, 28 Apr 2024 15:48:35 GMT
cache-control: public, max-age=31536000
age: 191566
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

citi-now.com/js/map.js

192.3.204.226

200 OK

2.1 kB

URL GET HTTP/1.1
citi-now.com/js/map.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2135 bytes)
Hash
074d18a20690c9e786a7e8ea5c505067
f7d4d1717a6f83b912ded783212799555a730dfe
ac463348ed7518f3e8482361b2efdfaf6ec5cfcf907b8b37795f522280b59cbd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/map.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 2135
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/jquery.sticky.js

192.3.204.226

200 OK

9.5 kB

URL GET HTTP/1.1
citi-now.com/js/jquery.sticky.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
9.5 kB (9544 bytes)
Hash
bb9e65fc3638c9c96ab909c51882b0a6
9109c4c710cfaf3be7fba3b12b348a79262e4923
8a0fb587e2399fa57291795510001b9e5de7b0c6f8ee097ded2e7a66ad149492

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.sticky.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:32 GMT
Accept-Ranges: bytes
Content-Length: 9544
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/jquery.counterup.min.js

192.3.204.226

200 OK

1.1 kB

URL GET HTTP/1.1
citi-now.com/js/jquery.counterup.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (917), with CRLF line terminators
Size
1.1 kB (1078 bytes)
Hash
465906f7e86adf960de5784a9cdb40fb
124337b64842cb55e7d480f99a83159ac6104d58
05231ca1268f3f7b2cdbc4daba734e7718a03a0ffaf79cb376bc5a49d85bbdfb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.counterup.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 1078
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/jquery.magnific-popup.min.js

192.3.204.226

200 OK

20 kB

URL GET HTTP/1.1
citi-now.com/js/jquery.magnific-popup.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (20087), with CRLF line terminators
Size
20 kB (20219 bytes)
Hash
b37d7edf99565d3858eaa1ad80df3cff
786a4343711e9af5e5dfcc493e7d2331b48875bb
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 20219
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/color-switcher.js

192.3.204.226

200 OK

2.4 kB

URL GET HTTP/1.1
citi-now.com/js/color-switcher.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2384 bytes)
Hash
07e0e829a35fa6e171ca38846cfcfde6
c038677cc1072e2df4b2a1d8997bdfb41da44590
45312d094380e813ad3ccef98fbce8734a737fd9b6c9a520b7b0c915a9f652df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/color-switcher.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 2384
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/color-switcher-active.js

192.3.204.226

200 OK

881 B

URL GET HTTP/1.1
citi-now.com/js/color-switcher-active.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
881 B (881 bytes)
Hash
f1da354bd0f4d3927aff85ca576021c5
97dca7530fc9992c86ebefb3b75c2c1edfb9181c
653ae2847222b2f5ae9232037834859823c7548f8fb6434b33c24bc9805068dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/color-switcher-active.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:36 GMT
Accept-Ranges: bytes
Content-Length: 881
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/inc/lightbox/js/lightbox.js

192.3.204.226

200 OK

1.4 kB

URL GET HTTP/1.1
citi-now.com/inc/lightbox/js/lightbox.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1377 bytes)
Hash
518c953f31f7299691a1621b803cbf44
b26b64be947c86d14cbafc10de84149c462ed8bf
b537a80c14d7d295dc304619d62df5605d71b93b9783cf9368a8df14e9ec5598

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /inc/lightbox/js/lightbox.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:20 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:28 GMT
Accept-Ranges: bytes
Content-Length: 1377
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/custom.js

192.3.204.226

200 OK

6.1 kB

URL GET HTTP/1.1
citi-now.com/js/custom.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text
Size
6.1 kB (6117 bytes)
Hash
c4591e618ff24176ccec82f552b9330c
36daaa5a527140f997f00161d62effd6fe01371b
ecc579c8a5c04b1c2fe74efd57f9e6942bc960fe1121e2915b9193f4e1bd7e67

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/custom.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 6117
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/toastr.js

192.3.204.226

200 OK

8.0 kB

URL GET HTTP/1.1
citi-now.com/js/toastr.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
8.0 kB (8035 bytes)
Hash
b8309849622865e0321015ec2482645d
5ee2d93004b15046be73afc88d29d0b780d165bd
3bffa2cee14e483c528eeade0e59f4705555bf047c2400b0bf9fda105129b638

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/toastr.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 8035
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min

192.3.204.226

404 Not Found

315 B

URL GET HTTP/1.1
citi-now.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

citi-now.com/js/sweetalert.js

192.3.204.226

200 OK

41 kB

URL GET HTTP/1.1
citi-now.com/js/sweetalert.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (40808), with no line terminators
Size
41 kB (40808 bytes)
Hash
f3b8ce97ff6ce324da6232da353adf40
2a3daabc70232c6350ab48d32605dc4a6ac1f1fa
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/sweetalert.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:40 GMT
Accept-Ranges: bytes
Content-Length: 40808
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/js/jquery.bxslider.min.js

192.3.204.226

200 OK

19 kB

URL GET HTTP/1.1
citi-now.com/js/jquery.bxslider.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (19040), with CRLF line terminators
Size
19 kB (19368 bytes)
Hash
7658757f3908f59389898e30f4de4067
f8f94befddf4def914df3fae70d106fc525819a0
7bc204a8009323811c2888323b9626d4417b02358aab7fdfabdcf0153385c621

HTTP Headers

GET /js/jquery.bxslider.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 19368
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

192.3.204.226

200 OK

38 kB

URL GET HTTP/1.1
citi-now.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (873), with CRLF line terminators
Size
38 kB (38468 bytes)
Hash
af2968fceb7f237e56363e001bbf407f
245b56bf8b91af47031b8f1141c59979429dc039
d43a868701070b5ce6966b7000acb506c8b519635e284b4f824e26b63b2b444a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:20 GMT
Accept-Ranges: bytes
Content-Length: 38468
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/fonts/icomoon87f487f487f487f4.ttf

192.3.204.226

200 OK

53 kB

URL GET HTTP/1.1
citi-now.com/fonts/icomoon87f487f487f487f4.ttf
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
53 kB (52948 bytes)
Hash
c0f9a8825c938a3f34c3699831427236
265e5236fd5361bc3b80cb169020caf619397680
93a180d6de5a94708086d7ceddd1dc5fc2795e503a9c2528e6f0a87fe59a6278

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/icomoon87f487f487f487f4.ttf HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/site.min.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:26 GMT
Accept-Ranges: bytes
Content-Length: 52948
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/ttf

citi-now.com/fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html

192.3.204.226

200 OK

77 kB

URL GET HTTP/1.1
citi-now.com/fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://citi-now.com/css/font-awesome.min.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:28 GMT
Accept-Ranges: bytes
Content-Length: 77160
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html

citi-now.com/images/bg-2.jpg

192.3.204.226

200 OK

69 kB

URL GET HTTP/1.1
citi-now.com/images/bg-2.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 570x370, components 3\012- data
Size
69 kB (68737 bytes)
Hash
a5147fb69b0d501b6690f6548b1a9af6
7bfd9304ac9fd82aeaeb9e4e95ea9ba919149b28
3ff0e12658143c927418c8783fed132470717b9ea46c05536a4bc677c7690390

HTTP Headers

GET /images/bg-2.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:58 GMT
Accept-Ranges: bytes
Content-Length: 68737
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/bg-5.jpg

192.3.204.226

200 OK

98 kB

URL GET HTTP/1.1
citi-now.com/images/bg-5.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Size
98 kB (97824 bytes)
Hash
7f096f50c88548931dd0df7831200e8b
30dc16e18926dd80bd73e3b4c291307f86d90b7e
861d9ce39e5a4852c9dbacb24a8f20a5121995414c8d0e431e1586689c4fccd2

HTTP Headers

GET /images/bg-5.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:08 GMT
Accept-Ranges: bytes
Content-Length: 97824
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/bg-4.jpg

192.3.204.226

200 OK

87 kB

URL GET HTTP/1.1
citi-now.com/images/bg-4.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Size
87 kB (87406 bytes)
Hash
4e630e7ac70b8485413ce35c6b375966
c188d6e67310b5b93b22debef7fdd0323c8d08d5
b3721db605cfd56e61cd25e1cfde2527226f0a528b03c480eaaebdba77384782

HTTP Headers

GET /images/bg-4.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:58 GMT
Accept-Ranges: bytes
Content-Length: 87406
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js

192.3.204.226

200 OK

724 kB

URL GET HTTP/1.1
citi-now.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (1421), with CRLF line terminators
Size
724 kB (723763 bytes)
Hash
7d95abe64f17c7a573ff60dd644a1e43
ff29e996be8195af48eeef617b5c6a20c77dafc1
ca9fb3233fb99405b67fb2770c2b1860f03db4275c790dcd181e58ce5f60288f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:22 GMT
Accept-Ranges: bytes
Content-Length: 723763
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/images/bg-1.jpg

192.3.204.226

200 OK

129 kB

URL GET HTTP/1.1
citi-now.com/images/bg-1.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 944x689, components 3\012- data
Size
129 kB (128804 bytes)
Hash
e197355547cbef209427632bd7b2b866
8f9da60df1b9b6014cad7e830a4cb6fd1fb4f225
7f7c832aa8b7cc957e2a58427a62e6add5f054a88b24e0693f3d7490ac17c689

HTTP Headers

GET /images/bg-1.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 128804
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/bg-3.jpg

192.3.204.226

200 OK

118 kB

URL GET HTTP/1.1
citi-now.com/images/bg-3.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Size
118 kB (117544 bytes)
Hash
d706c5bf6e1f46d37f538863b2a18825
0a043a00e318b7b500c86a7b272eeb9e140ef4ed
ee8d71964c7c269d013737fbe04e23839cece9814c39c00e4ca396b9d4758125

HTTP Headers

GET /images/bg-3.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/color/default.css
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:06 GMT
Accept-Ranges: bytes
Content-Length: 117544
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/b1.jpg

192.3.204.226

200 OK

106 kB

URL GET HTTP/1.1
citi-now.com/images/b1.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x640, components 3\012- data
Size
106 kB (105550 bytes)
Hash
6be0a85a85a1ff0fb1026b53a11a1f70
b12974005bc57a523677ae27ebdd2384f9470004
efaba296ecc888b632df1fd42aaa1e2a608fc2a6cee52684539a5265dc181829

HTTP Headers

GET /images/b1.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 105550
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/blog-1.jpg

192.3.204.226

200 OK

42 kB

URL GET HTTP/1.1
citi-now.com/images/blog-1.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Size
42 kB (41726 bytes)
Hash
bab4874be3238db6dab8c701f427a96f
d21d82a83b8bde19fd16ffea616f75ffe37e3a6e
202d5e31c8db7a1b0c9a8a75de061f53b357223d6c6e0afe8375bc2d0b98f217

HTTP Headers

GET /images/blog-1.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:10 GMT
Accept-Ranges: bytes
Content-Length: 41726
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/js/jquery.bxslider.min.js

192.3.204.226

200 OK

19 kB

URL GET HTTP/1.1
citi-now.com/js/jquery.bxslider.min.js
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
ASCII text, with very long lines (19040), with CRLF line terminators
Size
19 kB (19368 bytes)
Hash
7658757f3908f59389898e30f4de4067
f8f94befddf4def914df3fae70d106fc525819a0
7bc204a8009323811c2888323b9626d4417b02358aab7fdfabdcf0153385c621

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.bxslider.min.js HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:38 GMT
Accept-Ranges: bytes
Content-Length: 19368
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

citi-now.com/images/blog-2.jpg

192.3.204.226

200 OK

53 kB

URL GET HTTP/1.1
citi-now.com/images/blog-2.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Size
53 kB (53321 bytes)
Hash
893353112665ee1c944f520846722007
a08a84f88e61b3f1a5e4b651cc6ba558f6d324ee
f65ad81e6d7ea52e0c1018a7bdaedf037228be46cc1022462d308003fc5521e2

HTTP Headers

GET /images/blog-2.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 53321
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/blog-3.jpg

192.3.204.226

200 OK

52 kB

URL GET HTTP/1.1
citi-now.com/images/blog-3.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Size
52 kB (52247 bytes)
Hash
61f44c0098105b666ac8f32e1d8ef5a5
8cd4db77562f8fca66e150399b115edfecd6b682
6731970a99cfda11c4e5c76eb6eccdd0ac04286d953435180d1d17b458db7429

HTTP Headers

GET /images/blog-3.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:00 GMT
Accept-Ranges: bytes
Content-Length: 52247
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/blog-4.jpg

192.3.204.226

200 OK

51 kB

URL GET HTTP/1.1
citi-now.com/images/blog-4.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Size
51 kB (50781 bytes)
Hash
355e149413ab293e1f8e76f1aab4559d
22acb164f38ae80fd8cd5d5984f9b4dadb6f11b2
82871af3cb7d32d68779917061f60538324f8262dd1a706448fccea0cf229386

HTTP Headers

GET /images/blog-4.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:22 GMT
Accept-Ranges: bytes
Content-Length: 50781
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/blog-5.jpg

192.3.204.226

200 OK

78 kB

URL GET HTTP/1.1
citi-now.com/images/blog-5.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 971x649, components 3\012- data
Size
78 kB (78295 bytes)
Hash
69ce9bdf66f0c76eb1a80ef7baf41260
adfb7cd1a2f9a9b53d38cbef3b7f4e52b38fd170
75343815a2e8e1c48c82100b40b1bfb6e5b74b028e8b708d9db1efee89f646af

HTTP Headers

GET /images/blog-5.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:58 GMT
Accept-Ranges: bytes
Content-Length: 78295
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/blog-6.jpg

192.3.204.226

200 OK

42 kB

URL GET HTTP/1.1
citi-now.com/images/blog-6.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3\012- data
Size
42 kB (42180 bytes)
Hash
dd8fc778f54121666896bc7e399323eb
4abc3d9b8bf97a9914d65807ef04a8e99b4ffa67
ebe230389404c32af8df72ddaabc5102477eea6693c1af9c53ebfdab12a7ab36

HTTP Headers

GET /images/blog-6.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 42180
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/logo.png

192.3.204.226

200 OK

7.0 kB

URL GET HTTP/1.1
citi-now.com/logo.png
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
PNG image data, 289 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7029 bytes)
Hash
fb01c489c91a651176ce21954cdb161f
dd01cda0fd9c9a5899e1eaa0e407511555c2a0b3
dd240db9b2bd1f2a33421a99b6a6eb3fe5bb271ad707bd5d451904ac2762c38c

HTTP Headers

GET /logo.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:21 GMT
Server: Apache
Last-Modified: Tue, 18 Apr 2023 10:48:33 GMT
Accept-Ranges: bytes
Content-Length: 7029
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

col.eum-appdynamics.com//eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0AOnErrorEventHandlerNonNull*f.prototype.Ac%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A22%0Af.prototype.setUp%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A349%3A6%0Ad.Zc%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A9%3A6%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A710%3A11%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A711%3A3%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1%3A13%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1053%3A3%0A

44.238.78.108

404 Not Found

0 B

URL GET HTTP/2
col.eum-appdynamics.com//eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0AOnErrorEventHandlerNonNull*f.prototype.Ac%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A22%0Af.prototype.setUp%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A349%3A6%0Ad.Zc%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A9%3A6%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A710%3A11%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A711%3A3%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1%3A13%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1053%3A3%0A
IP
44.238.78.108:443
ASN
#16509 AMAZON-02

Requested by
https://citi-now.com/
Certificate
IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0AOnErrorEventHandlerNonNull*f.prototype.Ac%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A22%0Af.prototype.setUp%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A349%3A6%0Ad.Zc%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A9%3A6%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A710%3A11%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A711%3A3%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1%3A13%0A%40https%3A%2F%2Fciti-now.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A1053%3A3%0A HTTP/1.1
Host: col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Mon, 01 May 2023 21:01:22 GMT
content-length: 0
server: envoy
X-Firefox-Spdy: h2

citi-now.com/images/blog-7.jpg

192.3.204.226

200 OK

29 kB

URL GET HTTP/1.1
citi-now.com/images/blog-7.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3\012- data
Size
29 kB (28606 bytes)
Hash
58042d50e2139db5e3b4d265c1aab916
d100a0db9c6b7c011562be7b153252466ef18259
1230940cd7817047fb178deadc01b3900a3854089bf24c8f305f16ca8d30adf4

HTTP Headers

GET /images/blog-7.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 28606
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/blog-9.jpg

192.3.204.226

200 OK

31 kB

URL GET HTTP/1.1
citi-now.com/images/blog-9.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3\012- data
Size
31 kB (30616 bytes)
Hash
a5c44207c57853163a53a23d43a89726
74a2a6a0ba70788bad4ca07e88aab235aa82289b
c1f74b20c558359aba86eacf49a3bb469f527b963161bbd68b3608ee27f7333d

HTTP Headers

GET /images/blog-9.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:22 GMT
Accept-Ranges: bytes
Content-Length: 30616
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/blog-8.jpg

192.3.204.226

200 OK

31 kB

URL GET HTTP/1.1
citi-now.com/images/blog-8.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x511, components 3\012- data
Size
31 kB (31177 bytes)
Hash
804b8e44e1c43286f78b89a422c9a620
93c2a2097512c6949df2e0b6de0f3d0b1338266e
d8bf28bd319981ed47b5d871397b837f84f311716fdb0ab92c3686103bfd285c

HTTP Headers

GET /images/blog-8.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:14 GMT
Accept-Ranges: bytes
Content-Length: 31177
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/footerlogo.png

192.3.204.226

200 OK

7.0 kB

URL GET HTTP/1.1
citi-now.com/footerlogo.png
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
PNG image data, 289 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7029 bytes)
Hash
fb01c489c91a651176ce21954cdb161f
dd01cda0fd9c9a5899e1eaa0e407511555c2a0b3
dd240db9b2bd1f2a33421a99b6a6eb3fe5bb271ad707bd5d451904ac2762c38c

HTTP Headers

GET /footerlogo.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Tue, 18 Apr 2023 10:47:49 GMT
Accept-Ranges: bytes
Content-Length: 7029
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

citi-now.com/images/couple-hiking-840.jpg

192.3.204.226

200 OK

94 kB

URL GET HTTP/1.1
citi-now.com/images/couple-hiking-840.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2018:09:06 12:55:13], progressive, precision 8, 601x400, components 3\012- data
Size
94 kB (93653 bytes)
Hash
fbd399a4fb4cfd05b5786d8608651760
332d3ad7975e78c48eeef929609adc63b0170aed
96927945a2f7fdcddc4ba1b97e5ee55ade5d16b05ce5a56123321cf47c62bb46

HTTP Headers

GET /images/couple-hiking-840.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:42 GMT
Accept-Ranges: bytes
Content-Length: 93653
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/bl-840.jpg

192.3.204.226

200 OK

146 kB

URL GET HTTP/1.1
citi-now.com/images/bl-840.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2018:09:06 12:53:01], progressive, precision 8, 812x540, components 3\012- data
Size
146 kB (145862 bytes)
Hash
7312b8b13b3be58c8118fadb3f15c8a8
24fed7013a2d3459d8641f6231651c63ab49589d
c4249eb98c7fa39a43bb8cd1026497cda3112e9e320dfc001e508f47cb025b88

HTTP Headers

GET /images/bl-840.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:14 GMT
Accept-Ranges: bytes
Content-Length: 145862
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/visa1%20(2).png

192.3.204.226

200 OK

37 kB

URL GET HTTP/1.1
citi-now.com/images/visa1%20(2).png
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
PNG image data, 396 x 260, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (37414 bytes)
Hash
049ce8bca6336a5a45e6aeec6b956dda
1e10b17f52f2780013f96c14ccd3ca2f6a66bd67
ae4d25e08e8c063c9b0a6c4dd39a43e0c9e99848b5180ce515eaa19cacd96d7f

HTTP Headers

GET /images/visa1%20(2).png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:07:08 GMT
Accept-Ranges: bytes
Content-Length: 37414
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

citi-now.com/images/Question-mark.jpg

192.3.204.226

200 OK

91 kB

URL GET HTTP/1.1
citi-now.com/images/Question-mark.jpg
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1774x2365, components 3\012- data
Size
91 kB (91165 bytes)
Hash
db34e90d64234eedf1530f4187547d80
c0e222b7c416438d4a7c7eff68c70448aeae8300
e6b1e3a4498fe376871c68a809d741fe3a828284b7a8715726770c7dee3562a5

HTTP Headers

GET /images/Question-mark.jpg HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:40 GMT
Accept-Ranges: bytes
Content-Length: 91165
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

citi-now.com/images/visa2.png

192.3.204.226

200 OK

215 kB

URL GET HTTP/1.1
citi-now.com/images/visa2.png
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
PNG image data, 775 x 322, 8-bit/color RGBA, non-interlaced\012- data
Size
215 kB (215093 bytes)
Hash
c2a5ff703b6e7c71f994eeb0f67ca40b
97095cd707e896c47b028e3b3d117d3057a71412
512678a6350d49dd9ee674adaa4b75e8548b04b740e502a3ccc63c3e9052b962

HTTP Headers

GET /images/visa2.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:06:36 GMT
Accept-Ranges: bytes
Content-Length: 215093
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

citi-now.com/images/visa.png

192.3.204.226

200 OK

72 kB

URL GET HTTP/1.1
citi-now.com/images/visa.png
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
PNG image data, 403 x 261, 8-bit/color RGBA, non-interlaced\012- data
Size
72 kB (72266 bytes)
Hash
e8270036c4afed927f6850600296fbee
12b0ee8ae9830d46926b24d2f2020e2716f85276
2b1713d31a3bf731afbba5a76a5eb8e7e00c0fe126bf5b971c29e586ebd75577

HTTP Headers

GET /images/visa.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 20:51:16 GMT
Accept-Ranges: bytes
Content-Length: 72266
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_main

142.250.74.170

200 OK

76 kB

URL GET HTTP/3
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_main
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (1767)
Size
76 kB (76092 bytes)
Hash
86ca587de53cf3b2f2c6506d6e3f8590
063e657ed9ae10d940a2980a9f23ab99f1f002a8
571bfe06e40289f7b1a3518da434e1eb61cfedacdbae3ba39e1df8cc71c88a67

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.HhWtIX5MkuI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp9AKtqP8otc8jCaIn5p3wWjrGSlQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 76092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Apr 2023 19:36:09 GMT
expires: Fri, 26 Apr 2024 19:36:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 21:10:08 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 350714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.74.170

200 OK

23 B

URL GET HTTP/3
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 01 May 2023 21:01:23 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://citi-now.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.35

200 OK

846 B

URL GET HTTP/3
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 01 May 2023 19:53:31 GMT
expires: Tue, 30 Apr 2024 19:53:31 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 4072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 17:57:34 GMT
expires: Sun, 28 Apr 2024 17:57:34 GMT
cache-control: public, max-age=31536000
age: 183829
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.35

200 OK

910 B

URL GET HTTP/3
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint34:5A:0A:3B:4F:02:F9:C6:C9:D7:3F:CA:9D:17:0D:40:27:05:05:0A
ValidityMon, 03 Apr 2023 08:24:23 GMT - Mon, 26 Jun 2023 08:24:22 GMT

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 17:48:40 GMT
expires: Sun, 28 Apr 2024 17:48:40 GMT
cache-control: public, max-age=31536000
age: 184363
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.170

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 01 May 2023 21:01:23 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Mon, 01 May 2023 21:01:23 GMT
set-cookie: NID=511=L52wZQCwliHFrW22F8LC_vpnMMt3eU2rZspHpcXHnIPa16BqZTo6M3kemId3YRL5aCiwCyMSAfRTs7o5nm0yCIDqiBUquOWXwrCVGVJ09tKu2UXyA23fA-RvxSYNqS3Whn8KQndgUMkxRod-hxAWJ12_TWq_g_bUgUbGyrh6gTY; expires=Tue, 31-Oct-2023 21:01:23 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+099; expires=Wed, 30-Apr-2025 21:01:23 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

citi-now.com/images/favicon.png

192.3.204.226

200 OK

6.2 kB

URL GET HTTP/1.1
citi-now.com/images/favicon.png
IP
192.3.204.226:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://citi-now.com/
Certificate
IssuerUnizeto Technologies S.A.
Subjectciti-now.com
FingerprintC1:25:C2:F7:47:92:8C:9B:60:DD:54:A3:14:6D:A8:C2:9E:A1:87:E3
ValidityThu, 06 Apr 2023 10:39:37 GMT - Fri, 05 Apr 2024 10:39:36 GMT

File type
PNG image data, 180 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
6.2 kB (6166 bytes)
Hash
484d515408b873065b57fef1d836e0ee
eaaacaa5b471531cfa9ff1754372c76c7c200dd0
3006ed3c5349e708fad40e5b975326f872a84fd9898056ebe781826ab094923a

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: citi-now.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Cookie: PHPSESSID=34eb8e3b4cdb49fda42ea778795e40c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:23 GMT
Server: Apache
Last-Modified: Tue, 18 Apr 2023 10:40:03 GMT
Accept-Ranges: bytes
Content-Length: 6166
Strict-Transport-Security: max-age=16070400;
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png

cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

151.101.193.229

200 OK

41 kB

URL GET HTTP/2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://citi-now.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (32014)
Size
41 kB (41275 bytes)
Hash
fdd0a7a58b37d9f155cc7fa6b00200e0
1b3253a11da97aea90eed315a7169d23e8b373d8
e8823739e5e8b0492c9e444cbe0ed35489984efca1143a9f9ab23552a2dd45ca

HTTP Headers

GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Mon, 01 May 2023 21:01:25 GMT
age: 2397776
x-served-by: cache-fra-eddf8230136-FRA, cache-bma1666-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/css/min-widget.css

104.22.25.131

200 OK

46 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/css/min-widget.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (24880), with no line terminators
Size
46 kB (46202 bytes)
Hash
7fb5e8e265e8c9455cc902bfa8ee33dd
101e563c3486cc4278fc8266dfa71276aa6b477a
e355c27bd12ebd7f71b6d0cbe444a15d43ba47c080fed0e616c78ab319172cdc

HTTP Headers

GET /_s/v4/app/642b759ae8c/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24960
access-control-allow-origin: *
etag: W/"80df9814fe6b98404ccc1df3c455ceaa"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a76c941c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

1.5 kB

URL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
a3c01be61343914a820fe743af2064e3
0a262370f7d632f0731acde621d550b577659dec
7236f4e14e2424d7951db3d49cb07dbe7247decadf0f9280288e68db79685c45

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 01 May 2023 21:01:25 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6A5625BDB718B4CC2FA77BD4B51010F8399B680E"
Expires: Tue, 02 May 2023 08:00:00 GMT
Last-Modified: Mon, 01 May 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 956
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c0af5a8ac88b4fa-OSL

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js

104.22.25.131

200 OK

6.4 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-main.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
6.4 kB (6393 bytes)
Hash
e588453b57ea58c8b078fb8ea35a28fb
07fadaf5f204325503529f5bf2327237a96ed450
d5500c8bd6334df92b6d5d2d18bee5a96613a404e14f6654ecc3e40f641697fe

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:23 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e2f880b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/53/1a/common.js

142.250.74.170

200 OK

62 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/53/1a/common.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (580)
Size
62 kB (61543 bytes)
Hash
87e57c072298800a1dc9be9dc5dc4d1d
2340e799040f6f4424a7b14d2b1a3d5c3238e56f
e7e244bee8ca974df46485d2a53046fdf736300d853549dc25d61e33d4854804

HTTP Headers

GET /maps-api-v3/api/js/53/1a/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: maps.googleapis.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 61543
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Apr 2023 19:00:50 GMT
expires: Thu, 25 Apr 2024 19:00:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 25 Apr 2023 19:09:52 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 439236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/53/1a/util.js

142.250.74.170

200 OK

53 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/53/1a/util.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (564)
Size
53 kB (52758 bytes)
Hash
49d86568bfb4df31d61632deb3b137dc
4a8dff430bd28e439b37cb850915f1b97ae0c284
6897bb42f8ecd556157bdaf3310afd9611aea583fb3d9838695670ddb01879e8

HTTP Headers

GET /maps-api-v3/api/js/53/1a/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: maps.googleapis.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 52758
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Apr 2023 19:00:50 GMT
expires: Thu, 25 Apr 2024 19:00:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 25 Apr 2023 19:09:52 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 439236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.170

0 B

URL
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.170:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Referer: https://citi-now.com/
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://citi-now.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
content-type: text/plain; charset=UTF-8
date: Mon, 01 May 2023 21:01:33 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+694; expires=Wed, 30-Apr-2025 21:01:33 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 May 2023 21:01:33 GMT
cache-control: private

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.170

131 B

URL
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.170:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Encoding: gzip
Content-Type: application/binary
Content-Length: 208
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://citi-now.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 01 May 2023 21:01:33 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+329; expires=Wed, 30-Apr-2025 21:01:33 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 May 2023 21:01:33 GMT

embed.tawk.to/_s/v4/app/642b759ae8c/css/bubble-widget.css

104.22.25.131

200 OK

14 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/css/bubble-widget.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (13521), with no line terminators
Size
14 kB (13521 bytes)
Hash
950518e32fd92957181f766f08d3cf98
9fe20c86b818d3576e9d70e6ed091964cb8b7427
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

HTTP Headers

GET /_s/v4/app/642b759ae8c/css/bubble-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=13594
access-control-allow-origin: *
etag: W/"ce7913b80c763449b3895d46419f7a6b"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2316304
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a70be41c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js

104.22.25.131

200 OK

74 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (74292 bytes)
Hash
89188756a8e20dbd2b0140c3c94ed26a
d40d9d3d3201e27e8fee34e48a6b57b4266b0618
023077d134c53a612af90efdbf65f7ae210b74cb3fd1148998efa4582d151978

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-32507910.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"89188756a8e20dbd2b0140c3c94ed26a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316595
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a7d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js

104.22.25.131

200 OK

546 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (568), with no line terminators
Size
546 B (546 bytes)
Hash
c1956a61d95d03bd8abc011c705c7d3b
a5b060fabc618729ee1a9ef49059995689d19f0c
f0525a8cf45170ef8b8a6d646d23d142c2fce17134a5800dd49893a5c5e781d2

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"09c3819d373bd4178a620d721429fada"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2256457
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a761c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/css/message-preview.css

104.22.25.131

200 OK

38 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/css/message-preview.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38135), with no line terminators
Size
38 kB (38135 bytes)
Hash
f1216623b93f4cee059c5617354220b2
57bde0e4098faebd89c3581167b761c0ac450edb
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc

HTTP Headers

GET /_s/v4/app/642b759ae8c/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=38268
access-control-allow-origin: *
etag: W/"949ecc85ac578750ec9a03e5680f7b0e"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a76c991c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

va.tawk.to/log-performance/v3

104.22.25.131

200 OK

0 B

URL OPTIONS HTTP/3
va.tawk.to/log-performance/v3
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citi-now.com/
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
x-served-by: visitor-application-preemptive-dpgb
access-control-allow-origin: https://citi-now.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5aaf84e1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/615784c8d326717cb684536a/1fguttcga

104.22.25.131

200 OK

2.1 kB

URL GET HTTP/2
embed.tawk.to/615784c8d326717cb684536a/1fguttcga
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2310), with no line terminators
Size
2.1 kB (2123 bytes)
Hash
3505f9479228534bfa20b5da5b1fc2b0
5530237772b1ef94a93f76f8b275ff09cc4bd386
356076a52d9cfd8a12b9c6347fd0831f21ed8b4837d3711ee4e8a6801db40ba7

HTTP Headers

GET /615784c8d326717cb684536a/1fguttcga HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:22 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-642b759ae8c"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af595fe270b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

va.tawk.to/v1/session/start

104.22.25.131

200 OK

986 B

URL POST HTTP/3
va.tawk.to/v1/session/start
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1070), with no line terminators
Size
986 B (986 bytes)
Hash
621ed68f988e8d75e7848f31516d6114
35c8a4803e8f94982ec7317c85eb6b66f9ec1e7f
ce742703f95a5f647d7dd4e4a7297ebb2d9bdcdac2a03e7ab2bf37dc22315d67

HTTP Headers

POST /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citi-now.com/
Content-Type: application/json; charset=utf-8
Content-Length: 174
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-dpgb
access-control-allow-origin: https://citi-now.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a36ec11c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js

104.22.25.131

200 OK

11 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11056), with no line terminators
Size
11 kB (11056 bytes)
Hash
a92075fd9ac5ba130387a80453676099
4b5b13cf9479b8311d574356e53f8da74200c57a
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-f163fcd0.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a92075fd9ac5ba130387a80453676099"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a781c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js

104.22.25.131

200 OK

942 B

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (992), with no line terminators
Size
942 B (942 bytes)
Hash
6363f547762d97e2dad37d15550527e7
761e6ff070f211fa601c9d1be21658da20e95ce8
bf85cf3737bca26569763313dcadec3362aa4ec45de16247c0c18fb2c79fa969

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a741c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/css/max-widget.css

104.22.25.131

200 OK

76 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/css/max-widget.css
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
76 kB (75642 bytes)
Hash
bb5f3f8136ec2154b73c02604fe6bd01
7b63db15a7fd9e9eecf8d3aaeb1d5daf33e5b173
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41

HTTP Headers

GET /_s/v4/app/642b759ae8c/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=75771
access-control-allow-origin: *
etag: W/"0158db159e8967dbda5865ed6b2e435d"
last-modified: Tue, 04 Apr 2023 00:57:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a76c9d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js

104.22.25.131

200 OK

211 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type

Size
211 kB (211420 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"27a109773b0fdd12c9737166eb5719c2"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f950b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js

104.22.25.131

200 OK

2.3 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-runtime.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2349), with no line terminators
Size
2.3 kB (2306 bytes)
Hash
8d3ced0b56bcac30ac462b815cdeebaa
57271fbe4fb8ea407f415ecdc6614a567bed6fc4
f53e05fd2b57660aa6539fdf6074fe8d4e020bd4d9ff0afba57f6d5d39fd6aea

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:23 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"cbcaf94cf2c68654c23d2fa971522e9e"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f9a0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js

104.22.25.131

200 OK

7.1 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7672), with no line terminators
Size
7.1 kB (7068 bytes)
Hash
07edfe7c995ad4ca565536abad5e51b0
80655f9a2d723533f8aa078d0684129994413c4a
b097fab7910c102705d91197e16f1175fe039e6740e6f79693df820708139a1b

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-2c78ba82.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a64a4e1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

va.tawk.to/v1/session/start

104.22.25.131

200 OK

0 B

URL OPTIONS HTTP/3
va.tawk.to/v1/session/start
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citi-now.com/
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
x-served-by: visitor-application-preemptive-tr8r
access-control-allow-origin: https://citi-now.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a24b5ab529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

va.tawk.to/log-performance/v3

104.22.25.131

200 OK

5 B

URL POST HTTP/3
va.tawk.to/log-performance/v3
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
38a8a3e3b4b6a6e4f295b2e0f899b1f0
474f5fac3d23afbaf16c5a31c98dfcd956e4c186
7652c7891ed06bce4174ab00a6ee9721daf6a4286929213ecb7daf42cd866615

HTTP Headers

POST /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citi-now.com/
Content-Type: application/json; charset=utf-8
Content-Length: 95
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-1p29
access-control-allow-origin: https://citi-now.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5abf9391c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

vsb29.tawk.to/s/?k=645028a45625d7d34e1c4628&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEiLCJ2aWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEtVDRHNk1NU2txSHQyb1FtdjVMWVpsIiwic2lkIjoiNjQ1MDI4YTQ1NjI1ZDdkMzRlMWM0NjI4IiwiaWF0IjoxNjgyOTc0ODg0LCJleHAiOjE2ODI5NzY2ODQsImp0aSI6Ik9DYnFrdjJEMjhrYTFRSnJhSWp4ciJ9.W-SZ5A-WSaHLivtaTz3ICnjFFaEXFuNFSwJVOBEvYZSJhHVKwqRObkrFXxI7TdD9_ZsUvpcYF6hc7Cysfy6HVw&EIO=3&transport=websocket&__t=OVP7iwl

172.67.38.66

101 Switching Protocols

0 B

URL GET HTTP/1.1
vsb29.tawk.to/s/?k=645028a45625d7d34e1c4628&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEiLCJ2aWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEtVDRHNk1NU2txSHQyb1FtdjVMWVpsIiwic2lkIjoiNjQ1MDI4YTQ1NjI1ZDdkMzRlMWM0NjI4IiwiaWF0IjoxNjgyOTc0ODg0LCJleHAiOjE2ODI5NzY2ODQsImp0aSI6Ik9DYnFrdjJEMjhrYTFRSnJhSWp4ciJ9.W-SZ5A-WSaHLivtaTz3ICnjFFaEXFuNFSwJVOBEvYZSJhHVKwqRObkrFXxI7TdD9_ZsUvpcYF6hc7Cysfy6HVw&EIO=3&transport=websocket&__t=OVP7iwl
IP
172.67.38.66:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/?k=645028a45625d7d34e1c4628&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEiLCJ2aWQiOiI2MTU3ODRjOGQzMjY3MTdjYjY4NDUzNmEtVDRHNk1NU2txSHQyb1FtdjVMWVpsIiwic2lkIjoiNjQ1MDI4YTQ1NjI1ZDdkMzRlMWM0NjI4IiwiaWF0IjoxNjgyOTc0ODg0LCJleHAiOjE2ODI5NzY2ODQsImp0aSI6Ik9DYnFrdjJEMjhrYTFRSnJhSWp4ciJ9.W-SZ5A-WSaHLivtaTz3ICnjFFaEXFuNFSwJVOBEvYZSJhHVKwqRObkrFXxI7TdD9_ZsUvpcYF6hc7Cysfy6HVw&EIO=3&transport=websocket&__t=OVP7iwl HTTP/1.1
Host: vsb29.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://citi-now.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MwXxdRTxhT74b/AKDjuGjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Mon, 01 May 2023 21:01:25 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: zmijxkIETUVsRcx6oN7HUErDVw0=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7c0af5a70a20b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.googleapis.com/css?family=Montserrat

142.250.74.106

200 OK

1.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (1898), with no line terminators
Size
1.9 kB (1858 bytes)
Hash
df8350be8a9bbf4160d438ba239906d0
51ff94a484fc167f11d5f8864ca24cd7312ff284
f08e7a512fd488ab2194c9d57e3553122e183f36deaafd4a56e3f212735212b9

HTTP Headers

GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 01 May 2023 21:01:18 GMT
date: Mon, 01 May 2023 21:01:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js

104.22.25.131

200 OK

197 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-common.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65466)
Size
197 kB (197429 bytes)
Hash
a9acef5db79df87d4a97ef0644902d48
e12501304cdddd5f1beee918c68284eadde212e7
cf838191c065eb8a98b4c32690462d2828259c796c95157a27cfcd3df9dc71ed

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a9acef5db79df87d4a97ef0644902d48"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f970b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

va.tawk.to/v1/widget-settings?propertyId=615784c8d326717cb684536a&widgetId=1fguttcga&sv=undefined

104.22.25.131

200 OK

2.8 kB

URL GET HTTP/3
va.tawk.to/v1/widget-settings?propertyId=615784c8d326717cb684536a&widgetId=1fguttcga&sv=undefined
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (3283), with no line terminators
Size
2.8 kB (2849 bytes)
Hash
dcf414592f92a03ee5bfbaf88d80537f
d0b6612b55f79ee433a05af8f48415831c4c8d5d
9b9d2e567f02c7165e57a87567b96845a793b9b7e7288f1000ab872447976c77

HTTP Headers

GET /v1/widget-settings?propertyId=615784c8d326717cb684536a&widgetId=1fguttcga&sv=undefined HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citi-now.com/
Origin: https://citi-now.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-dpgb
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-12-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a22afeb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js

104.22.25.131

200 OK

17 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16814), with no line terminators
Size
17 kB (16814 bytes)
Hash
3fd68b27902043cbf7d50fa19809babb
c3cf7276b06a8232edf73734d91813d46cdfdb09
1017110c7ff8f11157f5189d5bf4921401b313563af4b250163628c4fc5f26d5

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-696bc286.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"3fd68b27902043cbf7d50fa19809babb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a64a531c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js

104.22.25.131

200 OK

78 kB

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-vendor.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type

Size
78 kB (77752 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:23 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f930b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js

104.22.25.131

200 OK

151 B

URL GET HTTP/2
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-app.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
151 B (151 bytes)
Hash
04a9862af6efaf787bc8fb8e99ba6987
a57bb8f258eb1a60dc3b288a608ad8ef9fbecef3
ecc74c329a700e3e6ca29aed5ffe3c166cf39670c8b11573fa7f837f79a71b5c

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citi-now.com
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 May 2023 21:01:23 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af59e3f9b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js

104.22.25.131

200 OK

17 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/languages/en.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
17 kB (16877 bytes)
Hash
585ba00b2c167b90c210161454f843b5
89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

HTTP Headers

GET /_s/v4/app/642b759ae8c/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"585ba00b2c167b90c210161454f843b5"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a619f91c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js

104.22.25.131

200 OK

10 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10469), with no line terminators
Size
10 kB (10469 bytes)
Hash
a902d29bb2d86f4de3feae8e697eed5a
87ddb488d60df982c5a55a15e62d59c1044c2ab0
7979ef8653d67f3fa9dd237e08a359371ae1f541e62ec2b135364a0969ca7f8f

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-f1596d96.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"a902d29bb2d86f4de3feae8e697eed5a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316304
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a65a6a1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg

104.22.25.131

200 OK

22 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (22356), with no line terminators
Size
22 kB (22356 bytes)
Hash
f66e029841759471d2ec78b86760dca7
d9db67738984efee3dd63cb144759ac0521c7dda
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526

HTTP Headers

GET /_s/v4/assets/images/attention-grabbers/168-r-br.svg HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:25 GMT
content-type: image/svg+xml
age: 1094853
last-modified: Sat, 22 May 2021 07:25:19 GMT
etag: W/"f66e029841759471d2ec78b86760dca7"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a75c911c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

142.250.74.110

200 OK

80 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintD5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
ValidityMon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT

File type
ASCII text, with very long lines (2474)
Size
80 kB (79537 bytes)
Hash
9c6a1566d293aedb243b8c546db6cdda
105e7c03fd45a7c40e46f0b968f176d916361774
8882a21124e6665377454ed9c97b4989d0c036b89cfeee461e86526cb329f547

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 May 2023 21:01:18 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+119; expires=Wed, 30-Apr-2025 21:01:18 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js

104.22.25.131

200 OK

16 kB

URL GET HTTP/3
embed.tawk.to/_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js
IP
104.22.25.131:443
ASN
#13335 CLOUDFLARENET

Requested by
https://citi-now.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (15846), with no line terminators
Size
16 kB (15846 bytes)
Hash
0d3d21546a441253c44a8c1d274a485a
721f9007bf8fb314d6c6506bf837dc6fe573e684
ce6eb52e07dc8dfb25e967feffbb8a20d4a4c9a31c99ab9a1b410253a3082a26

HTTP Headers

GET /_s/v4/app/642b759ae8c/js/twk-chunk-48f46bef.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: embed.tawk.to
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 01 May 2023 21:01:24 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 00:57:27 GMT
etag: W/"0d3d21546a441253c44a8c1d274a485a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2316596
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c0af5a66a721c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:100,100i,300,400,400i,500,500i,700

142.250.74.106

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,100i,300,400,400i,500,500i,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://citi-now.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text
Size
17 kB (17419 bytes)
Hash
c5f503f11f59b36dfc484910d0982e15
f1c5d6f7ab57d67d37b457b71006522cab18659c
86bd71b2c17cc55778ffd19acc5e949a99ab44cd8a55d55097706e7148c15abf

HTTP Headers

GET /css?family=Roboto:100,100i,300,400,400i,500,500i,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citi-now.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 01 May 2023 21:01:18 GMT
date: Mon, 01 May 2023 21:01:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML