urlscan.io logo urlscan.io
SecurityTrails logo

auth.citnow.com Open in urlscan Pro
2606:4700::6813:9913  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mercedes.citnow.com/
Effective URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE...
Submission: On October 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6813:9913, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.citnow.com.
TLS certificate: Issued by E1 on August 26th 2023. Valid for: 3 months.
This is the only time auth.citnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 52.18.200.203 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:236... 16509 (AMAZON-02)
5 2a05:d014:275... 16509 (AMAZON-02)
1 35.177.104.230 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 9
3    52.18.200.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: eu-secondary.citnow.com
mercedes.citnow.com
2    2606:4700::6813:9913 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.citnow.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:236e:1000:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
5    2a05:d014:275:cb02::c8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
dashboard.citnow.com
1    35.177.104.230 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: uk-primary.citnow.com
video.citnow.com
1    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 citnow.com
mercedes.citnow.com
auth.citnow.com
dashboard.citnow.com
video.citnow.com — Cisco Umbrella Rank: 216320
61 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
4 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1102
15 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7991
61 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
1 KB
12 6
Domain Requested by
5 dashboard.citnow.com auth.citnow.com
cdn.jsdelivr.net
3 mercedes.citnow.com 3 redirects
2 auth.citnow.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net auth.citnow.com
1 unpkg.com auth.citnow.com
1 video.citnow.com auth.citnow.com
1 cdn.auth0.com auth.citnow.com
1 fonts.googleapis.com auth.citnow.com
12 9

This site contains links to these domains. Also see Links.

Domain
www.citnow.com
Subject Issuer Validity Valid
auth.citnow.com
E1		 2023-08-26 -
2023-11-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
dashboard.citnow.com
R3		 2023-09-27 -
2023-12-26		 3 months crt.sh
*.citnow.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-05 -
2024-10-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Frame ID: 16D4A34EA92A4CEF741EDF8CFA5504F7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CitNOW Dashboard - Login

Page URL History Show full URLs

  1. http://mercedes.citnow.com/ HTTP 302
    http://mercedes.citnow.com/dashboard/user/login HTTP 301
    https://mercedes.citnow.com/dashboard/user/login HTTP 302
    https://auth.citnow.com/authorize?scope=openid%20profile%20email&response_mode=query&response_type=c... HTTP 302
    https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

78 %
IPv6

6
Domains

9
Subdomains

9
IPs

4
Countries

158 kB
Transfer

402 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mercedes.citnow.com/ HTTP 302
    http://mercedes.citnow.com/dashboard/user/login HTTP 301
    https://mercedes.citnow.com/dashboard/user/login HTTP 302
    https://auth.citnow.com/authorize?scope=openid%20profile%20email&response_mode=query&response_type=code&redirect_uri=https%3A%2F%2Fmercedes.citnow.com%2Fdashboard%2Fuser%2Fcallback%3Fcontinue%3D%2Fdashboard%2F&connection=citnow&state=65311c2368a9c9.52469470&client_id=VQ0IaUBU7m6diiuPAHqEcCsXcLbn0lbQ HTTP 302
    https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
auth.citnow.com/u/
Redirect Chain
  • http://mercedes.citnow.com/
  • http://mercedes.citnow.com/dashboard/user/login
  • https://mercedes.citnow.com/dashboard/user/login
  • https://auth.citnow.com/authorize?scope=openid%20profile%20email&response_mode=query&response_type=code&redirect_uri=https%3A%2F%2Fmercedes.citnow.com%2Fdashboard%2Fuser%2Fcallback%3Fcontinue%3D%2F...
  • https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUV...
42 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df841d25e0b23ff074127a8f54a831b61751500ca8a61040a43aae4b75a21ef6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8188e77eeb7037cb-FRA
content-language
de
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 12:08:03 GMT
etag
W/"a87c-eepT1v2on03GxFXmRFkniJksfu0"
expires
Thu, 19 Oct 2023 12:08:03 GMT
ot-baggage-auth0-request-id
8188e77eeb7037cb
ot-tracer-sampled
true
ot-tracer-spanid
32a6b8c400cf6350
ot-tracer-traceid
3656294b6585203e
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000003656294b6585203e-32a6b8c400cf6350-01
tracestate
auth0-request-id=8188e77eeb7037cb,auth0=true
vary
Accept-Encoding
x-auth0-requestid
d3c169eee5e38e4f522b
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1697717290
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8188e77dfa2e37cb-FRA
content-length
424
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 12:08:03 GMT
location
/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
ot-baggage-auth0-request-id
8188e77dfa2e37cb
ot-tracer-sampled
true
ot-tracer-spanid
6e88a03f4a0393d0
ot-tracer-traceid
724d977b3cf446e0
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-0000000000000000724d977b3cf446e0-6e88a03f4a0393d0-01
tracestate
auth0-request-id=8188e77dfa2e37cb,auth0=true
vary
Accept, Accept-Encoding
x-auth0-requestid
2f07a6f5142a6be8e5e6
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1697717284
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 12:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 11:06:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 12:08:03 GMT
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.80.12/css/ 		253 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.80.12/css/main.cdn.min.css
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:1000:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de08641258e97a3e431e2af92f16aee1a56c44c7c8dcd8d193215d34c282cce6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
4_aBijlKpOlS6naiQLUjVxGC8SXs.12x
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
date
Thu, 19 Oct 2023 11:42:59 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
1505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Mon, 25 Sep 2023 12:25:37 GMT
server
AmazonS3
etag
W/"304cf6b9fd46066efd61cab874e4609d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
_n8q7jGpaQ-ti4VItFya0ScbApROZtxyFMKiEJ_1992YJay57Ic9vQ==
logo-mb-star.svg
dashboard.citnow.com/assets/images/login/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.citnow.com/assets/images/login/logo-mb-star.svg
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
571c652a6d249ad2098a6124209e922739fd927099130eb1d8db75b2a71c5192
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HD3XBV03K17EJJRQT7Z82JJJ
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
content-encoding
br
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 12:08:03 GMT
strict-transport-security
max-age=31536000
age
28931
content-length
5911
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
etag
"18238bf95c4e90ab4b7996f5762eab6c-ssl-df"
vary
Accept-Encoding
x-frame-options
deny
content-type
image/svg+xml
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
logo.png
video.citnow.com/staff/themes/citnow/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.citnow.com/staff/themes/citnow/images/logo.png
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.104.230 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
uk-primary.citnow.com
Software
Apache /
Resource Hash
1791d2f3144a6973fe88452e5e8780c50e34a1fcf285201fbef6e3afa4327ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 12:08:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Feb 2019 15:40:15 GMT
Server
Apache
ETag
"420196-eab-582552c8fb5c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
3755
circle-solid-red-gradient.svg
dashboard.citnow.com/assets/images/login/ 		709 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.citnow.com/assets/images/login/circle-solid-red-gradient.svg
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
d644442536b75884bff5012b1b4518f1c0859fee22d62ef7dc4d8e092489e0df
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HD3XBV031CG88D07J9K6QG9G
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
date
Thu, 19 Oct 2023 12:08:03 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
server
Netlify
age
2207
x-content-type-options
nosniff
etag
"97a711fd395e8c56220eb64d5e2c8b44-ssl"
x-frame-options
deny
content-type
image/svg+xml
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
709
x-xss-protection
1; mode=block
circle-ring-purple-gradient.svg
dashboard.citnow.com/assets/images/login/ 		892 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.citnow.com/assets/images/login/circle-ring-purple-gradient.svg
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
b8c68eb94eb942fea4e837377aa8647109c66164fe86727f2892803a3452d6f4
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HD3XBV03YG56FY2WS3S7NATA
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
date
Thu, 19 Oct 2023 12:08:03 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
server
Netlify
age
2207
x-content-type-options
nosniff
etag
"d1a424a25748c0570ea9ef32900aed75-ssl"
x-frame-options
deny
content-type
image/svg+xml
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
892
x-xss-protection
1; mode=block
i18next.min.js
unpkg.com/i18next@21.6.13/dist/umd/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/i18next@21.6.13/dist/umd/i18next.min.js
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d89568b489658df4cd2e2dee16b78d70df8c9ba47a2c09e0329db85153e4e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:08:03 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
998482
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HC654H90RKX7AEC10HJT92T9-fra
server
cloudflare
etag
W/"d501-Dr6nCgusSkK8QK7netng0RVXtX8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8188e77fef8465cf-FRA
i18nextHttpBackend.min.js
cdn.jsdelivr.net/npm/i18next-http-backend@1.3.1/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/i18next-http-backend@1.3.1/i18nextHttpBackend.min.js
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36cfc9d9fcca943f0c314760b29b33589a5bc54f83729eccc15f35b8f5be505b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:08:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3548744
x-jsd-version
1.3.1
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230047-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"22d9-l4mdi15ui/zZbU1PixpWPHbIhGQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKz5F0w3g%2B6hTONKQeri6%2B%2BtnXHsWq6bmQaGM4Dumo7WK14vev1vhGOPnQPwFjzyekFm%2Fb78SXSrndTRod06jIiye%2FChGoWgtflQhv%2FY4mtvx07vH5%2FzBtNv2DlJcBoHLjQnW%2BmiBLVO2WCjyuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8188e77fda8b2c7e-FRA
translations-login.js
dashboard.citnow.com/assets/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.citnow.com/assets/scripts/translations-login.js
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SB0NFMwMGRlaXBWbXQ5dWNYN2ZVejhrcHJlVUEyNHNuX6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEpkSS1xUmtJbzAyR05QN0pDdGRlTnRGT3RaeWhEYkFpo2NpZNkgVlEwSWFVQlU3bTZkaWl1UEFIcUVjQ3NYY0xibjBsYlE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
8a2af4cf3efe0e4572f8812d781192b9636c46f3bd6e48af8274b061dc59137e
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HD3XBV03AHNXPC72V2JZNXHM
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
content-encoding
br
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 12:08:03 GMT
strict-transport-security
max-age=31536000
age
54156
content-length
523
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
etag
"52c6b8a6bab5e12cace4067e18b5940d-ssl-df"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.citnow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:17:36 GMT
x-content-type-options
nosniff
age
582627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:17:36 GMT
truncated
/ 		650 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://auth.citnow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
login.en.json
dashboard.citnow.com/locales/en/ 		417 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dashboard.citnow.com/locales/en/login.en.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/i18next-http-backend@1.3.1/i18nextHttpBackend.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
1a43d1a34505112fd594cdcf490fa265100ff1862b6a1ae90ac567e6b54a01c0
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id
01HD3XBV2KZW7JCBKTZEJWES2A
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
date
Thu, 19 Oct 2023 12:08:03 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2162
content-length
417
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
etag
"2f74e4da0c596df16f8bc443b4f3ffee-ssl"
x-frame-options
deny
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| i18next function| i18nextHttpBackend number| versionNumber string| domain function| getValidLanguage string| validLanguage

6 Cookies

Domain/Path Name / Value
mercedes.citnow.com/dashboard/ Name: PHPSESSID_DASH
Value: pg33kp8upvo8c5qp72tufju612
auth.citnow.com/ Name: did
Value: s%3Av0%3A27ac53c0-6e78-11ee-a3b8-4fd9bfb50be8.TrqRKzINxrc0NLn%2FrI79zcv%2B5krSFQO7aGRbeVaJ3KE
auth.citnow.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOBdQkNO0eUq7Vvo4ef94Qwjosm0R-D4Sswx1HYCOZWi8dqexhLJd-dq_-YODJeq64IShOS58gQy21PWvODeQ6OmY29va2llg6dleHBpcmVz1_-bcuwAZTUQo65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.kW8o%2F5WFM43ZuLFJtabiG9mOvGJhW8uQ8MAMeUHFotA
auth.citnow.com/ Name: did_compat
Value: s%3Av0%3A27ac53c0-6e78-11ee-a3b8-4fd9bfb50be8.TrqRKzINxrc0NLn%2FrI79zcv%2B5krSFQO7aGRbeVaJ3KE
auth.citnow.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOBdQkNO0eUq7Vvo4ef94Qwjosm0R-D4Sswx1HYCOZWi8dqexhLJd-dq_-YODJeq64IShOS58gQy21PWvODeQ6OmY29va2llg6dleHBpcmVz1_-bcuwAZTUQo65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.kW8o%2F5WFM43ZuLFJtabiG9mOvGJhW8uQ8MAMeUHFotA
.auth.citnow.com/ Name: __cf_bm
Value: BPXx1FqJzWHnnmbEPfHXZYAagaaq8hOp5_VVrFYzP.k-1697717283-0-AUnuL+I/hEfUln4qHvbjLiGqsz6DOr8qLgJr3OPfUg/CjeJZl8y/BFc+AczqMF1w/7cWdYgyTtCDxuWAURtD1MM=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block