signup.citimy.rowendakitchen.com Open in urlscan Pro
2606:4700:3031::ac43:8825 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://signup.citimy.rowendakitchen.com/
Submission: On July 09 via automatic, source certstream-suspicious (July 9th 2024, 9:45:00 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3031::ac43:8825, located in United States and belongs to CLOUDFLARENET, US. The main domain is signup.citimy.rowendakitchen.com.
TLS certificate: Issued by E6 on July 9th 2024. Valid for: 3 months.

This is the only time signup.citimy.rowendakitchen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3031::ac43:8825	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.3.36 104.18.3.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::42 2620:1ec:bdf::42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	8

2 2606:4700:3031::ac43:8825 (United States)

ASN13335 (CLOUDFLARENET, US)

signup.citimy.rowendakitchen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:f9cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::42 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1094 c.clarity.ms — Cisco Umbrella Rank: 1823 t.clarity.ms — Cisco Umbrella Rank: 9056	28 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1271	28 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2949
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	171 KB
2	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 16784	273 KB
2	rowendakitchen.com signup.citimy.rowendakitchen.com	4 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 379	774 B
13	7

	Domain	Requested by
3	unpkg.com	2 redirects signup.citimy.rowendakitchen.com
2	c.clarity.ms	1 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	signup.citimy.rowendakitchen.com www.googletagmanager.com
2	www.clarity.ms	signup.citimy.rowendakitchen.com www.clarity.ms
2	imagedelivery.net	signup.citimy.rowendakitchen.com
2	signup.citimy.rowendakitchen.com
1	t.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
13	9

This site contains no links.

Subject Issuer	Validity	Valid
signup.citimy.rowendakitchen.com E6	`2024-07-09` - `2024-10-07`	3 months	crt.sh
imagedelivery.net E5	`2024-07-08` - `2024-10-06`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://signup.citimy.rowendakitchen.com/
Frame ID: C251E9F5DD9B1F88CC835B26EC3137E5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citibet - Come Celebrate our Grand Launch -

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

13
Requests

85 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

502 kB
Transfer

916 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://unpkg.com/feather-icons HTTP 302
https://unpkg.com/feather-icons@4.29.2 HTTP 302
https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js

Request Chain 8

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F5DA94729547403381CA48E72CADC21B&RedC=c.clarity.ms&MXFR=27C0D55EE1446CBC26D2C1E9E54462EB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5DA94729547403381CA48E72CADC21B&MUID=3B62005C6C3166E11C0414EB6D9D6702

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
signup.citimy.rowendakitchen.com/ 5 KB
2 KB 373ms
121ms Document
text/html 2606:4700:3031::ac43:8825
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://signup.citimy.rowendakitchen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8825 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88ed8140272d7065fd689fab04a426961f8a022829c0d2724bc3f4af94214466

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a0760c7cbb35d92-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 09 Jul 2024 09:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2F4Y797Izp03joiqJZf%2Fn2Q361YZ1FwHg5hOg%2BKWBhX9I9pBMchV%2FWprkGmxBlx9FmVoDZgWdcQVC5A%2B9g2GsyLKbGBwppjOw6jv4vaeWcIV%2F2EZ87%2BkAXnQSG3OUG6j5mjS2l7uFxs313RAxiq8HjnF1Nv630%2FLHLRClu%2BIxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2

200

feather.min.js Show response
unpkg.com/feather-icons@4.29.2/dist/
Redirect Chain

https://unpkg.com/feather-icons
https://unpkg.com/feather-icons@4.29.2
https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js

74 KB
27 KB

57ms
57ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js

Requested by

Host: signup.citimy.rowendakitchen.com
URL: https://signup.citimy.rowendakitchen.com/

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea465ac6b69a037dc49fda6ab1c585f95725091eff4515df61db91d9d3c5e54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:44:54 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2394939
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J0423PV2EYK4E195B8N7WHZH-fra
server: cloudflare
etag: "1290f-X/pK4GwdM6kTkoZ77NToWvhCbGg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a0760c9fbe22ba6-FRA

Redirect headers

date: Tue, 09 Jul 2024 09:44:54 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HWSAF986MKNQTFWA90RCP961-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5976496
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /feather-icons@4.29.2/dist/feather.min.js
cache-control: public, max-age=31536000
cf-ray: 8a0760c99b8d2ba6-FRA

GET
H3 200 800x600
imagedelivery.net/SRcRpFjit3ICGIapZdq7tg/75be2141-764d-45fc-93c5-2792c5e6cf00/ 8 KB
9 KB 155ms
84ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/SRcRpFjit3ICGIapZdq7tg/75be2141-764d-45fc-93c5-2792c5e6cf00/800x600

Requested by

Host: signup.citimy.rowendakitchen.com
URL: https://signup.citimy.rowendakitchen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f50f5ea2e85a6c61e5bc11b2bcd391c4a4f2bec9dfb6499c63d968e3738f09

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=771+180 c=0+0 v=2024.6.0 l=8491
date: Tue, 09 Jul 2024 09:44:53 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8491
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfQmwEsHjQu5JWk-_3OwynH2p8JBcUQ8x2iGGbWMtwDQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8a0760c90c37bf24-WAW

GET
H2 200 mze0wowc9c Show response
www.clarity.ms/tag/ 637 B
1003 B 418ms
233ms Script
application/x-javascript 2620:1ec:bdf::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/mze0wowc9c
Requested by: Host: signup.citimy.rowendakitchen.com
URL: https://signup.citimy.rowendakitchen.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0e1a81d52e41772ef01deeac72b71397fccc4724606eac9b6e9b9b49f64f347b

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Tue, 09 Jul 2024 09:44:54 GMT
x-azure-ref: 20240709T094454Z-17c86fbf54dvsfdh4vxmvbunm800000001f000000000wsyd
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
69 KB 161ms
70ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MWQ46FHD

Requested by

Host: signup.citimy.rowendakitchen.com
URL: https://signup.citimy.rowendakitchen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e0b45dbb05b1dbd436555da80bdd31dc9d507d785946478bc4bf95f19e77e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70137
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jul 2024 09:44:54 GMT

GET
H3 200 public
imagedelivery.net/SRcRpFjit3ICGIapZdq7tg/58a5647f-e7ed-4d57-0e47-83633f080a00/ 264 KB
265 KB 75ms
75ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/SRcRpFjit3ICGIapZdq7tg/58a5647f-e7ed-4d57-0e47-83633f080a00/public

Requested by

Host: signup.citimy.rowendakitchen.com
URL: https://signup.citimy.rowendakitchen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae4dae2bb3f9a6e9e43571ab9a4ec57836c9a0ae911edfeef84654bc0a68845

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=687+191 c=0+0 v=2024.6.0 l=270538
date: Tue, 09 Jul 2024 09:44:54 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 270538
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf8uTWjWxrw7jLbU7Kjl1JVGRLfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8a0760ca7e15bf24-WAW

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G4TEKQW69P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWQ46FHD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e413d73f2d5f4bee40fb83326f7ae45ce227ee1be942f2094ae6b043c87a0a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 09:44:54 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 280ms
47ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G4TEKQW69P&gtm=45je4730v9188825039z89188814413za200zb9188814413&_p=1720518294125&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1017022187.1720518295&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720518294&sct=1&seg=0&dl=https%3A%2F%2Fsignup.citimy.rowendakitchen.com%2F&dt=Citibet%20-%20Come%20Celebrate%20our%20Grand%20Launch%20-&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1125&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G4TEKQW69P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 09:44:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signup.citimy.rowendakitchen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 81ms
81ms Script
application/javascript 2620:1ec:bdf::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mze0wowc9c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:44:54 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240709T094454Z-17c86fbf54dvsfdh4vxmvbunm800000001f000000000wszh
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3a449fa1-701e-0001-30bc-d07107000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F5DA94729547403381CA48E72CADC21B&RedC=c.clarity.ms&MXFR=27C0D55EE1446CBC26D2C1E9E54462EB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5DA94729547403381CA48E72CADC21B&MUID=3B62005C6C3166E11C0414EB6D9D6702

42 B
466 B

56ms
56ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5DA94729547403381CA48E72CADC21B&MUID=3B62005C6C3166E11C0414EB6D9D6702
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 09:44:54 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 09 Jul 2024 09:44:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3FA05D925FA64EB6AB341BB87E7CC226 Ref B: FRA31EDGE0807 Ref C: 2024-07-09T09:44:55Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5DA94729547403381CA48E72CADC21B&MUID=3B62005C6C3166E11C0414EB6D9D6702
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
296 B 442ms
182ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://signup.citimy.rowendakitchen.com
Date: Tue, 09 Jul 2024 09:44:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 favicon.ico
signup.citimy.rowendakitchen.com/ 5 KB
2 KB 152ms
151ms Other
text/html 2606:4700:3031::ac43:8825
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://signup.citimy.rowendakitchen.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8825 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88ed8140272d7065fd689fab04a426961f8a022829c0d2724bc3f4af94214466

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:44:54 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 09 Jul 2024 09:44:54 GMT
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVzkjjUM5m2j1BCkPvwIQD3Oj4M6LpNMxiqQOKNjEJBfCTJIA1W%2BAOOwRQrfS4qIlQZbtYLrEoSVbGMkU5E8yT5FP7FOUEL2wAhTOpvk9PKNRMHNyyqzdClmkV3sOpdHjyHgh8UqKfCEAW6%2BRVV9WreJ%2FXDuEURO%2BTMMejNAcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a0760cebada5d92-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 48ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G4TEKQW69P&gtm=45je4730v9188825039za200zb9188814413&_p=1720518294125&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1017022187.1720518295&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720518294&sct=1&seg=0&dl=https%3A%2F%2Fsignup.citimy.rowendakitchen.com%2F&dt=Citibet%20-%20Come%20Celebrate%20our%20Grand%20Launch%20-&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6135&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G4TEKQW69P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://signup.citimy.rowendakitchen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 09:44:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signup.citimy.rowendakitchen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 06:40:54	Name: CLID Value: e209377fcd1249ef92ea93acfcc0440b.20240709.20250709
.rowendakitchen.com/	1970-01-21 07:31:18	Name: _ga Value: GA1.1.1017022187.1720518295
.rowendakitchen.com/	1970-01-21 07:31:18	Name: _ga_G4TEKQW69P Value: GS1.1.1720518294.1.0.1720518294.0.0.0
.rowendakitchen.com/	1970-01-21 06:40:54	Name: _clck Value: 1pwp21b%7C2%7Cfnb%7C0%7C1651
.bing.com/	1970-01-21 07:16:54	Name: MUID Value: 3B62005C6C3166E11C0414EB6D9D6702
.c.bing.com/	1970-01-20 22:05:23	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:16:54	Name: SRM_B Value: 3B62005C6C3166E11C0414EB6D9D6702
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:16:54	Name: MUID Value: 3B62005C6C3166E11C0414EB6D9D6702
.c.clarity.ms/	1970-01-20 22:05:23	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:55:18	Name: ANONCHK Value: 0
.rowendakitchen.com/	1970-01-20 21:56:44	Name: _clsk Value: qbvctn%7C1720518295230%7C1%7C1%7Ct.clarity.ms%2Fcollect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
imagedelivery.net
region1.google-analytics.com
signup.citimy.rowendakitchen.com
t.clarity.ms
unpkg.com
www.clarity.ms
www.googletagmanager.com
104.18.3.36
13.74.129.1
20.114.189.70
2001:4860:4802:34::36
2606:4700:3031::ac43:8825
2606:4700::6811:f9cb
2620:1ec:bdf::42
2620:1ec:c11::237
2a00:1450:4001:810::2008
0e1a81d52e41772ef01deeac72b71397fccc4724606eac9b6e9b9b49f64f347b
13f50f5ea2e85a6c61e5bc11b2bcd391c4a4f2bec9dfb6499c63d968e3738f09
3e413d73f2d5f4bee40fb83326f7ae45ce227ee1be942f2094ae6b043c87a0a7
4ae4dae2bb3f9a6e9e43571ab9a4ec57836c9a0ae911edfeef84654bc0a68845
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
7e0b45dbb05b1dbd436555da80bdd31dc9d507d785946478bc4bf95f19e77e92
88ed8140272d7065fd689fab04a426961f8a022829c0d2724bc3f4af94214466
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea465ac6b69a037dc49fda6ab1c585f95725091eff4515df61db91d9d3c5e54e

signup.citimy.rowendakitchen.com Open in urlscan Pro 2606:4700:3031::ac43:8825 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

85 %HTTPS

67 %IPv6

7 Domains

9 Subdomains

8 IPs

4 Countries

502 kBTransfer

916 kBSize

12 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

12 Cookies

Security Headers

Indicators

signup.citimy.rowendakitchen.com Open in urlscan Pro
2606:4700:3031::ac43:8825 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

502 kB
Transfer

916 kB
Size

12
Cookies

13 HTTP transactions
0 data transactions