citizens.cw Open in urlscan Pro
199.16.173.151 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citizens.cw/
Submission: On November 11 via automatic, source certstream-suspicious (November 11th 2024, 2:12:41 pm UTC) — Scanned from DE

Summary HTTP 57 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 57 HTTP transactions. The main IP is 199.16.173.151, located in United States and belongs to AUTOMATTIC, US. The main domain is citizens.cw.
TLS certificate: Issued by E5 on November 4th 2024. Valid for: 3 months.

This is the only time citizens.cw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	199.16.173.151 199.16.173.151	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
6	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	52.45.92.77 52.45.92.77	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
57	16

19 199.16.173.151 (United States)

ASN2635 (AUTOMATTIC, US)

citizens.cw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.92.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-92-77.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	citizens.cw citizens.cw	116 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	185 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
4	gstatic.com fonts.gstatic.com	58 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	232 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 27477	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3409 pixel.wp.com — Cisco Umbrella Rank: 3394	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	27 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3607
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
57	14

	Domain	Requested by
19	citizens.cw	citizens.cw
6	cdnjs.cloudflare.com	citizens.cw cdnjs.cloudflare.com
5	region1.google-analytics.com	www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	citizens.cw www.googletagmanager.com
2	www.facebook.com	citizens.cw
2	secure.gaug.es	citizens.cw
2	connect.facebook.net	citizens.cw connect.facebook.net
2	www.youtube.com	citizens.cw www.youtube.com
2	cdn.jsdelivr.net	citizens.cw
1	pixel.wp.com	citizens.cw
1	www.google.com	www.googletagmanager.com
1	www.youtube-nocookie.com	citizens.cw
1	fonts.googleapis.com	citizens.cw
1	stats.wp.com	citizens.cw
57	15

This site contains links to these domains. Also see Links.

Domain
www.citizens.aw
www.facebook.com
wa.me
profoundprojects.com

Subject Issuer	Validity	Valid
tls.automattic.com E5	`2024-11-04` - `2025-02-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-20` - `2024-11-18`	3 months	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2024-03-03` - `2025-04-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://citizens.cw/
Frame ID: AAC9977C2CF4D924978BFD5246D8E6B8
Requests: 54 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lD91RM-qoW8?controls=0&showinfo=0&rel=0&autoplay=1&loop=1&mute=1&enablejsapi=1&playlist=lD91RM-qoW8
Frame ID: E126864D6C6B7674E89C95FF94B89F2F
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fcitizens.cw
Frame ID: E89A8A3EFEBB23A3A0E22F5F3F129437
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citizens Insurance | Reliable, Affordable, simple | Car, Health & Home |

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

57
Requests

91 %
HTTPS

47 %
IPv6

14
Domains

15
Subdomains

16
IPs

3
Countries

715 kB
Transfer

1913 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citizens.aw/
Title: Aruba

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citizenscuracao/

Search URL Search Domain Scan URL

URL: https://wa.me/+59996855566

Search URL Search Domain Scan URL

URL: https://profoundprojects.com/

Search URL Search Domain Scan URL

URL: https://wa.me/59996855566

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
citizens.cw/ 41 KB
10 KB 378ms
160ms Document
text/html 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc5f2a01a960a0f9afe83aa97f5a34a198c324c98aa41a50465bd2a2dcd6ae0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=299, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Nov 2024 14:12:04 GMT
host-header: wpcloud
last-modified: Mon, 11 Nov 2024 14:12:03 GMT
link: <https://citizens.cw/wp-json/>; rel="https://api.w.org/" <https://citizens.cw/wp-json/wp/v2/pages/600>; rel="alternate"; title="JSON"; type="application/json" <https://citizens.cw/>; rel=shortlink
permissions-policy: camera=(none)
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 1.hhn _atomic_ams BYPASS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-nananana: Batcache-Hit
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
citizens.cw/wp-includes/css/dist/block-library/ 110 KB
15 KB 147ms
142ms Stylesheet
text/css 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"66d88f8f-1b72b"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 1.hhn _atomic_ams BYPASS
content-type: text/css
last-modified: Wed, 04 Sep 2024 16:49:19 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 mediaelementplayer-legacy.min.css
citizens.cw/wp-includes/js/mediaelement/ 11 KB
3 KB 146ms
141ms Stylesheet
text/css 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"5f735862-2bf8"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 1.hhn _atomic_ams BYPASS
content-type: text/css
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 wp-mediaelement.min.css
citizens.cw/wp-includes/js/mediaelement/ 4 KB
1 KB 153ms
148ms Stylesheet
text/css 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"5cfaccce-105a"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 1.hhn _atomic_ams BYPASS
content-type: text/css
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 12 KB
4 KB 170ms
50ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
age: 1750040
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 11 Nov 2024 14:12:04 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230072-FRA, cache-mxp6947-MXP
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3370
x-jsd-version: 3.5.7

GET
H3 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ 2 KB
1 KB 141ms
92ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03f2b-745"
age: 314912
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3h5eKeRY7v3Sp10mFoNotiXRSc0YPFQuuin3qZUYXWBmUAPyElMNrSWZ3AYHq01N3E%2FSmv5f720KbeeY4cgAC%2F867SFUQ5mf7qnXWlbbPDO3A6dfb6zJGZd8HKkX0uxyZR9g4KH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 14:12:04 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:13:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e0ee0095f2d91de-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 633
server: cloudflare

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 99ms
50ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f5628a2-11846"
age: 505268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3tiTx3f0wZg0RgSpbt%2B2jXc9n9owOA6YLed%2F%2B6To56fVm%2B7P%2BVN6lsGI3h1b6x9dmVr0tHU8hCYh8MvOM8SpRmrM82MtTO9aht8X6EnNKEBdI6zP9LAd1Rul30z4JOhD4eTDGF8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 14:12:04 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e0ee0095f2b91de-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4216
server: cloudflare

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/ 101 KB
19 KB 99ms
52ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "660cc074-49fa"
age: 225391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7anHkTEZ89rmpmPh4sWzSxBlX3R1EoB0S5FJAFcsr%2BfBz20TMjoOUFurxOOV4iDunmkToy6p9n6lpzErxaJ7%2Bgj%2B4lOoz2r0%2Fp2c9Zv7mXn0kqYXy%2FbHn71kjHIp7iW0X8Ci3ML8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 14:12:04 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 03 Apr 2024 02:35:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e0ee0094f2891de-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18938
server: cloudflare

GET
H2 200 style.css
citizens.cw/wp-content/themes/Citizen-insurance/ 54 KB
10 KB 242ms
240ms Stylesheet
text/css 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5c0dc07be2f67b55e28132a0116416b00c08047a177a431629d0ad8cfc31521e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"66de8c95-d678"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 1.hhn _atomic_ams BYPASS
content-type: text/css
last-modified: Mon, 09 Sep 2024 05:50:13 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
4 KB 137ms
91ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03f26-2b4c"
age: 554071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKI2KMb9hNQAqHsUj514%2BPiBvx4XVSANCrgJhmQ3jwdbsNHuin%2BFdqn%2BwYBpkFddiKohpE2AsRiT67V9DBezXRsCIatwcQzMZ%2Bzh5p1%2B72Uztq%2BxmTzcgZ%2BoEa9cFwPNmIMBOh9h"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 14:12:04 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:13:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e0ee0095f2c91de-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3980
server: cloudflare

GET
H2 200 jquery.min.js Show response
citizens.cw/wp-includes/js/jquery/ 86 KB
31 KB 200ms
198ms Script
application/javascript 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/wp-includes/js/jquery/jquery.min.js

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"64ecd5ef-15601"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 1.hhn _atomic_ams BYPASS
content-type: application/javascript
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
citizens.cw/wp-includes/js/jquery/ 13 KB
5 KB 200ms
199ms Script
application/javascript 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"6482bd64-3509"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 1.hhn _atomic_ams BYPASS
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 logo.svg
citizens.cw/wp-content/uploads/2021/06/ 15 KB
16 KB 208ms
207ms Image
image/svg+xml 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/uploads/2021/06/logo.svg

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c2733c5b7685fc69c9a4e4f3c5c5d35bf8e601ff9b67bd0d713566d2aa85b6fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "60c76cd1-3d32"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 15666
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 1.hhn _atomic_ams BYPASS
content-type: image/svg+xml
last-modified: Mon, 14 Jun 2021 14:50:57 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 Flag_of_Aruba.png
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 6 KB
6 KB 162ms
161ms Image
image/png 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/Flag_of_Aruba.png

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7016f2b3f95d6cc31591a3efbb538e7710e21642d198c68580955e49839abd32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "668272c3-189e"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 6302
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 1.hhn _atomic_ams BYPASS
content-type: image/png
last-modified: Mon, 01 Jul 2024 09:11:31 GMT
server: nginx

GET
H3 200 Flag_of_Cura%C3%A7ao.png
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 13 KB
13 KB 150ms
150ms Image
image/png 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/Flag_of_Cura%C3%A7ao.png

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7ff17a88b521d4b5745516f3f163fb89cb00202ad24825f72b2683b4ab8218da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "668272c3-3306"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13062
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: image/png
last-modified: Mon, 01 Jul 2024 09:11:31 GMT
server: nginx

GET
H3 200 phone.png
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 692 B
999 B 143ms
143ms Image
image/png 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/phone.png

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9b8055bb5bffbc435c90115a5be5a739a322a4e6b980190a38bbbd2e7eb462ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "608147b8-2b4"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:04 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 692
date: Mon, 11 Nov 2024 14:12:04 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: image/png
last-modified: Thu, 22 Apr 2021 09:54:00 GMT
server: nginx

GET
H3 200 fb.svg
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 6 KB
0 243ms
243ms Image
image/svg+xml 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/fb.svg

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"60815644-a27f"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:05 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: image/svg+xml
last-modified: Thu, 22 Apr 2021 10:56:04 GMT
server: nginx
vary: Accept-Encoding

GET whatsapp.png
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 0
0

GET screen.svg
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 0
0

GET product-1.svg
citizens.cw/wp-content/uploads/2021/04/ 0
0

GET
H3 200 prouct-2.svg
citizens.cw/wp-content/uploads/2021/04/ 783 B
0 1168ms
1167ms Image
image/svg+xml 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/uploads/2021/04/prouct-2.svg

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "60816060-2657"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9815
date: Mon, 11 Nov 2024 14:12:05 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: image/svg+xml
last-modified: Thu, 22 Apr 2021 11:39:12 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 product-3.svg
citizens.cw/wp-content/uploads/2021/04/ 2 KB
0 460ms
458ms Image
image/svg+xml 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/uploads/2021/04/product-3.svg

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "60816086-1f9d"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 8093
date: Mon, 11 Nov 2024 14:12:05 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: image/svg+xml
last-modified: Thu, 22 Apr 2021 11:39:50 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 e-202446.js Show response
stats.wp.com/ 7 KB
3 KB 546ms
427ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202446.js
Requested by: Host: citizens.cw
URL: https://citizens.cw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000
content-encoding: br
x-nc: HIT hhn
etag: W/14421-1717166113344.7605
x-minify: t
x-minify-cache: hit
access-control-allow-methods: GET, HEAD
expires: Sat, 08 Nov 2025 11:43:26 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx

GET
H2 200 jquery.fancybox.min.js Show response
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 67 KB
23 KB 54ms
49ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
age: 3936198
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220109-FRA, cache-mxp6947-MXP
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23149
x-jsd-version: 3.5.7

GET
H3 200 jquery.matchHeight-min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/ 3 KB
2 KB 51ms
48ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/jquery.matchHeight-min.js

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-d34"
age: 323192
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWBjDcLdZ10fdvAeGP2yCxBjIcAcXehhRz27KI%2FuuGLt3UAkXCzhC5KtV2Kmkm7q3fmpdCXOPHzBY%2Fa2W4gkvXcI%2Blrhqkjzd1tq%2FBC6oG78AEdOms%2FYq%2FE9GW1pgpkIz0QO7ZRV"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 14:12:05 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e0ee00bc94091de-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1221
server: cloudflare

GET
H3 200 main.js Show response
citizens.cw/wp-content/themes/Citizen-insurance/assets/js/ 7 KB
2 KB 262ms
260ms Script
application/javascript 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/js/main.js

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0ef2676a5016ed682983a146681da0fcd6e941645601eede9267cf09ea8fcbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"668275c9-1bae"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:05 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: application/javascript
last-modified: Mon, 01 Jul 2024 09:24:25 GMT
server: nginx
vary: Accept-Encoding

GET 689ff5aa-e393-46c7-abc7-d37b336970a1
https://citizens.cw/ Frame 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
101 KB 197ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZS8KMF

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa9c980cab8aa701e4046549d233b37d35807ec68553074854cf86bf4cde0058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 11 Nov 2024 14:12:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 11 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102531
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 142ms
51ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap

Requested by

Host: citizens.cw
URL: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14b33661c2188f49ca703ffb4937d485b73598ecff117dfa774be3d234bd4506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 14:12:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 14:12:04 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 11 Nov 2024 12:30:05 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 164ms
89ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://citizens.cw
Referer: https://fonts.googleapis.com/

Response headers

age: 427796
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:22:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:22:09 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H2 200 lD91RM-qoW8
www.youtube-nocookie.com/embed/ Frame E126 0
0 804ms
241ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/lD91RM-qoW8?controls=0&showinfo=0&rel=0&autoplay=1&loop=1&mute=1&enablejsapi=1&playlist=lD91RM-qoW8

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 14:12:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 238ms
86ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17b3c384ec1b5ed6df85a810d4ae90a3b58461a35b415a9d20daa2a9bedf20d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Mon, 11 Nov 2024 14:12:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H3 200 mobile-home.svg
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 1 KB
0 1109ms
1107ms Image
image/svg+xml 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/mobile-home.svg

Requested by

Host: citizens.cw
URL: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"608bda96-1fa8"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:05 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: image/svg+xml
last-modified: Fri, 30 Apr 2021 10:23:18 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 mobile-heart.svg
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 1020 B
0 154ms
152ms Image
image/svg+xml 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/mobile-heart.svg

Requested by

Host: citizens.cw
URL: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"608bda97-2662"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:05 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: image/svg+xml
last-modified: Fri, 30 Apr 2021 10:23:19 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 mobile-car.svg
citizens.cw/wp-content/themes/Citizen-insurance/assets/img/ 4 KB
0 597ms
594ms Image
image/svg+xml 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/mobile-car.svg

Requested by

Host: citizens.cw
URL: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"608bda98-5bac"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:05 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: image/svg+xml
last-modified: Fri, 30 Apr 2021 10:23:20 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/ 153 KB
153 KB 78ms
74ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://citizens.cw
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "660cc074-262f0"
age: 328282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdSB1l%2F0UeiUZ%2BFml5Cd1UzYVHd%2Bg978gRSOyK9jMCv8PHdKaHX7Ne0ybW%2BFWLa8mdhREitN0mtsn91ZB%2BVgoNHe6zZkdRwHArceKC1q6M%2FCqLinz%2BRlOLufmRReLThJ%2BSGAsPLZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 14:12:05 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Wed, 03 Apr 2024 02:35:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e0ee00d0d09dc50-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 156400
server: cloudflare

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 51ms
49ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://citizens.cw
Referer: https://fonts.googleapis.com/

Response headers

age: 427733
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:23:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:23:12 GMT
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14712
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 65ms
63ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://citizens.cw
Referer: https://fonts.googleapis.com/

Response headers

age: 427953
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:19:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:19:32 GMT
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14824
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 58ms
55ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://citizens.cw
Referer: https://fonts.googleapis.com/

Response headers

age: 427895
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:20:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:20:30 GMT
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14780
x-xss-protection: 0
server: sffe

GET
H3 200 ppl.ttf
citizens.cw/wp-content/themes/Citizen-insurance/assets/fonts/ 3 KB
2 KB 680ms
678ms Font
application/font-ttf 199.16.173.151
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.cw/wp-content/themes/Citizen-insurance/assets/fonts/ppl.ttf

Requested by

Host: citizens.cw
URL: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.151 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

19c6da276e4d09f491eff75e0793657954e1c54935bfc4ef63127ae54e9a5635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://citizens.cw
Referer: https://citizens.cw/wp-content/themes/Citizen-insurance/style.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
content-encoding: br
etag: W/"60803857-b70"
access-control-allow-methods: GET, HEAD
expires: Tue, 11 Nov 2025 14:12:05 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
x-ac: 2.hhn _atomic_ams BYPASS
content-type: application/font-ttf
last-modified: Wed, 21 Apr 2021 14:36:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/baafab19/www-widgetapi.vflset/ 30 KB
10 KB 49ms
44ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/baafab19/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab729c30cf1f421e9f8d2f9d8a6f5981fc906e90da32d5a46c7cbbf251fe8af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
age: 18241
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 11 Nov 2025 09:08:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 09:08:04 GMT
last-modified: Wed, 06 Nov 2024 05:17:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10157
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 412 KB
131 KB 97ms
92ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S6QJM10NCH&l=dataLayer&cx=c&gtm=45He4b70v830966851za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZS8KMF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ab66dff9da7be4294feef513ff5a108f6f07d7cbbd07dbf3ddb9eb2b9e5f2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 11 Nov 2024 14:12:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134007
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 171ms
58ms Ping
text/plain 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fcitizens.cw%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1540359668.1731334325&auid=287053908.1731334325&npa=1&gtm=45He4b70v830966851za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102015666&tft=1731334325491&tfd=1269&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZS8KMF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f196.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 118ms
44ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-cQHiB85F' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-cQHiB85F' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=56, rtx=0, c=23, mss=1232, tbw=4420, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 3brIwaRbFe9dAmho3ktPuqGqSLVma7r54Vs7ZFHPp9fmDiB1tTo1+iy9SHZF+REASd0msUfqSVmNiP0nueg5Rg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62105
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame E89A 0
0 129ms
40ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fcitizens.cw

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZS8KMF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 81264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 15:37:41 GMT
expires: Mon, 10 Nov 2025 15:37:41 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 141ms
88ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=192118194&post=600&tz=0&srv=citizens.cw&hp=atomic&ac=3&amp=0&j=1%3A14.0&host=citizens.cw&ref=&fcp=1334&rand=0.3662658753323791
Requested by: Host: citizens.cw
URL: https://citizens.cw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
access-control-allow-origin: *
content-length: 50
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:05 GMT
content-type: image/gif
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 262ms
81ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S6QJM10NCH&gtm=45je4b70v9177764413z8830966851za200zb830966851&_p=1731334324650&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=855297394.1731334326&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731334325&sct=1&seg=0&dl=https%3A%2F%2Fcitizens.cw%2F&dt=Citizens%20Insurance%20%7C%20Reliable%2C%20Affordable%2C%20simple%20%7C%20Car%2C%20Health%20%26%20Home%20%7C&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1814
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6QJM10NCH&l=dataLayer&cx=c&gtm=45He4b70v830966851za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://citizens.cw
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 14:12:06 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 586ms
127ms Script
application/javascript 52.45.92.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: citizens.cw
URL: https://citizens.cw/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.92.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-92-77.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

ETag: "65f04ae5-ef5"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829
Date: Mon, 11 Nov 2024 14:12:06 GMT
Content-Type: application/javascript
Last-Modified: Tue, 12 Mar 2024 12:30:29 GMT
Server: nginx/1.10.3 (Ubuntu)

GET
H3 200 327137724125981 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 160ms
158ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/327137724125981?v=2.9.176&r=stable&domain=citizens.cw&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

4e6ad7b536e9ff7ba677c0334ead49ee19ba651b0d35a49b651356b1aadc15cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-7CbqkP8o' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:06 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-7CbqkP8o' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=76, mss=1232, tbw=70274, tp=66, tpl=0, uplat=99, ullat=0
pragma: public
x-fb-debug: YkkWvuN4eEdaEnatGWpXsH0IzdOESmSDxN4zP9t7jocqnFtn+q/5uPJRkkLv+UGrWoua3V0xsHale6RH2js/sw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET wp-emoji-release.min.js
citizens.cw/wp-includes/js/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 167ms
55ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=327137724125981&ev=PageView&dl=https%3A%2F%2Fcitizens.cw%2F&rl=&if=false&ts=1731334326411&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731334326395.247145891367829804&ler=empty&cdl=API_unavailable&it=1731334326214&coo=false&rqm=GET

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=2908, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 11 Nov 2024 14:12:06 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 301ms
190ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=327137724125981&ev=PageView&dl=https%3A%2F%2Fcitizens.cw%2F&rl=&if=false&ts=1731334326411&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731334326395.247145891367829804&ler=empty&cdl=API_unavailable&it=1731334326214&coo=false&rqm=FGET

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436024309811729618"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 14:12:06 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: dh8nX1Vt2cNA/jP5sDqs8lSP+aCSFoij6EGcJaCxse4MKl3mRnRbsLUyJzG3eQ7ogv9+MGCyg9agozhdkntX4w==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436024309811729618", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=3226, tp=-1, tpl=-1, uplat=136, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 127ms
127ms Image
image/gif 52.45.92.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=607dab21caa02b398445df41&h[resource]=https%3A%2F%2Fcitizens.cw%2F&h[referrer]=&h[title]=Citizens%20Insurance%20%7C%20Reliable%2C%20Affordable%2C%20simple%20%7C%20Car%2C%20Health%20%26%20Home%20%7C&h[user_agent]=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1731334326726

Requested by

Host: citizens.cw
URL: https://citizens.cw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.92.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-92-77.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: no-store, no-cache, must-revalidate, private
Pragma: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Sat, 25 Nov 2000 05:00:00 GMT
Content-Length: 35
Date: Mon, 11 Nov 2024 14:12:06 GMT
Content-Type: image/gif
Last-Modified: Mon, 11 Nov 2024 14:12:06 GMT
Server: nginx/1.10.3 (Ubuntu)

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 54ms
53ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S6QJM10NCH&gtm=45je4b70v9177764413za200zb830966851&_p=1731334324650&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=855297394.1731334326&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1731334325&sct=1&seg=0&dl=https%3A%2F%2Fcitizens.cw%2F&dt=Citizens%20Insurance%20%7C%20Reliable%2C%20Affordable%2C%20simple%20%7C%20Car%2C%20Health%20%26%20Home%20%7C&_s=2&tfd=8393
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6QJM10NCH&l=dataLayer&cx=c&gtm=45He4b70v830966851za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://citizens.cw
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 14:12:12 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 49ms
49ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S6QJM10NCH&gtm=45je4b70v9177764413za200zb830966851&_p=1731334324650&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=855297394.1731334326&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1731334325&sct=1&seg=1&dl=https%3A%2F%2Fcitizens.cw%2F&dt=Citizens%20Insurance%20%7C%20Reliable%2C%20Affordable%2C%20simple%20%7C%20Car%2C%20Health%20%26%20Home%20%7C&en=video_progress&epn.video_current_time=9&epn.video_duration=35&epn.video_percent=25&ep.video_provider=youtube&ep.video_title=CI%20Sambil%20Launch%20horizontal%20substitles&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Flist%3DTLGG6lRuaJkxuGgxMTExMjAyNA%26v%3DlD91RM-qoW8&ep.visible=true&_et=5222&tfd=17058
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6QJM10NCH&l=dataLayer&cx=c&gtm=45He4b70v830966851za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://citizens.cw
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 14:12:21 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 104ms
103ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S6QJM10NCH&gtm=45je4b70v9177764413za200zb830966851&_p=1731334324650&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=855297394.1731334326&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=4&sid=1731334325&sct=1&seg=1&dl=https%3A%2F%2Fcitizens.cw%2F&dt=Citizens%20Insurance%20%7C%20Reliable%2C%20Affordable%2C%20simple%20%7C%20Car%2C%20Health%20%26%20Home%20%7C&en=video_progress&epn.video_current_time=18&epn.video_duration=35&epn.video_percent=50&ep.video_provider=youtube&ep.video_title=CI%20Sambil%20Launch%20horizontal%20substitles&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Flist%3DTLGG6lRuaJkxuGgxMTExMjAyNA%26v%3DlD91RM-qoW8&ep.visible=true&_et=8727&tfd=25807
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6QJM10NCH&l=dataLayer&cx=c&gtm=45He4b70v830966851za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://citizens.cw
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 14:12:30 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 55ms
53ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S6QJM10NCH&gtm=45je4b70v9177764413za200zb830966851&_p=1731334324650&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=855297394.1731334326&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=5&sid=1731334325&sct=1&seg=1&dl=https%3A%2F%2Fcitizens.cw%2F&dt=Citizens%20Insurance%20%7C%20Reliable%2C%20Affordable%2C%20simple%20%7C%20Car%2C%20Health%20%26%20Home%20%7C&en=video_progress&epn.video_current_time=26&epn.video_duration=35&epn.video_percent=75&ep.video_provider=youtube&ep.video_title=CI%20Sambil%20Launch%20horizontal%20substitles&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Flist%3DTLGG6lRuaJkxuGgxMTExMjAyNA%26v%3DlD91RM-qoW8&ep.visible=true&_et=8733&tfd=34576
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6QJM10NCH&l=dataLayer&cx=c&gtm=45He4b70v830966851za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://citizens.cw
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 14:12:38 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: citizens.cw
URL: https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/whatsapp.png

Domain: citizens.cw
URL: https://citizens.cw/wp-content/themes/Citizen-insurance/assets/img/screen.svg

Domain: citizens.cw
URL: https://citizens.cw/wp-content/uploads/2021/04/product-1.svg

Domain: citizens.cw
URL: blob:https://citizens.cw/689ff5aa-e393-46c7-abc7-d37b336970a1

Domain: citizens.cw
URL: https://citizens.cw/wp-includes/js/wp-emoji-release.min.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: uxprzcsb25E
.youtube.com/	1970-01-21 05:14:46	Name: VISITOR_INFO1_LIVE Value: l6WCx-bskP8
.youtube.com/	1970-01-21 05:14:46	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgIA%3D%3D
.citizens.cw/	1970-01-21 03:05:10	Name: _gcl_au Value: 1.1.287053908.1731334325
.citizens.cw/	1970-01-21 10:31:34	Name: _ga Value: GA1.1.855297394.1731334326
.citizens.cw/	1970-01-21 03:05:10	Name: _fbp Value: fb.1.1731334326395.247145891367829804
citizens.cw/	1970-01-21 00:55:37	Name: _gauges_unique_hour Value: 1
citizens.cw/	1970-01-21 00:57:00	Name: _gauges_unique_day Value: 1
citizens.cw/	1970-01-21 01:40:12	Name: _gauges_unique_month Value: 1
citizens.cw/	1970-01-21 09:41:10	Name: _gauges_unique_year Value: 1
citizens.cw/	1970-01-21 09:41:10	Name: _gauges_unique Value: 1
.citizens.cw/	1970-01-21 10:31:34	Name: _ga_S6QJM10NCH Value: GS1.1.1731334325.1.1.1731334353.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Invalid allowlist item(none) for feature camera. Allowlist item must be *, self or quoted url.
other	warning	URL: https://citizens.cw/(Line 248) Message: Unrecognized feature: 'web-share'.
security	warning	URL: https://www.youtube.com/s/player/baafab19/www-widgetapi.vflset/www-widgetapi.js(Line 199) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube-nocookie.com') does not match the recipient window's origin ('https://citizens.cw').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
citizens.cw
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
pixel.wp.com
region1.google-analytics.com
secure.gaug.es
stats.wp.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.youtube-nocookie.com
www.youtube.com
citizens.cw
104.17.25.14
142.250.181.227
157.240.253.1
172.217.16.196
192.0.76.3
199.16.173.151
2001:4860:4802:34::36
216.239.32.36
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:830::2008
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::485
52.45.92.77
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0ef2676a5016ed682983a146681da0fcd6e941645601eede9267cf09ea8fcbcc
14b33661c2188f49ca703ffb4937d485b73598ecff117dfa774be3d234bd4506
17b3c384ec1b5ed6df85a810d4ae90a3b58461a35b415a9d20daa2a9bedf20d3
19c6da276e4d09f491eff75e0793657954e1c54935bfc4ef63127ae54e9a5635
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
4e6ad7b536e9ff7ba677c0334ead49ee19ba651b0d35a49b651356b1aadc15cd
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5c0dc07be2f67b55e28132a0116416b00c08047a177a431629d0ad8cfc31521e
5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6ab66dff9da7be4294feef513ff5a108f6f07d7cbbd07dbf3ddb9eb2b9e5f2d9
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
7016f2b3f95d6cc31591a3efbb538e7710e21642d198c68580955e49839abd32
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ff17a88b521d4b5745516f3f163fb89cb00202ad24825f72b2683b4ab8218da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
9b8055bb5bffbc435c90115a5be5a739a322a4e6b980190a38bbbd2e7eb462ee
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa9c980cab8aa701e4046549d233b37d35807ec68553074854cf86bf4cde0058
ab729c30cf1f421e9f8d2f9d8a6f5981fc906e90da32d5a46c7cbbf251fe8af3
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
c2733c5b7685fc69c9a4e4f3c5c5d35bf8e601ff9b67bd0d713566d2aa85b6fc
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
dc5f2a01a960a0f9afe83aa97f5a34a198c324c98aa41a50465bd2a2dcd6ae0c
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

citizens.cw Open in urlscan Pro 199.16.173.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

91 %HTTPS

47 %IPv6

14 Domains

15 Subdomains

16 IPs

3 Countries

715 kBTransfer

1913 kBSize

12 Cookies

5 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citizens.cw Open in urlscan Pro
199.16.173.151 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

91 %
HTTPS

47 %
IPv6

14
Domains

15
Subdomains

16
IPs

3
Countries

715 kB
Transfer

1913 kB
Size

12
Cookies

57 HTTP transactions
0 data transactions