cititour.com Open in urlscan Pro
216.92.109.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.m.cititour.com/
Effective URL:
https://cititour.com/
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2024, 9:59:36 am UTC) — Scanned from DE

Summary HTTP 54 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 54 HTTP transactions. The main IP is 216.92.109.8, located in United States and belongs to PAIR-NETWORKS, US. The main domain is cititour.com.
TLS certificate: Issued by R10 on July 22nd 2024. Valid for: 3 months.

This is the only time cititour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	216.92.109.8 216.92.109.8	7859 (PAIR-NETW...) (PAIR-NETWORKS)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:310c::ac42:2f70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
54	10

31 216.92.109.8 (United States) 1 redirects

ASN7859 (PAIR-NETWORKS, US)
PTR: cititour.com

www.m.cititour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cititour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:310c::ac42:2f70 (United States)

ASN13335 (CLOUDFLARENET, US)

website-widgets.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	cititour.com 1 redirects www.m.cititour.com cititour.com	2 MB
7	gstatic.com fonts.gstatic.com	261 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	40 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662	130 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	196 KB
1	pages.dev website-widgets.pages.dev — Cisco Umbrella Rank: 302057	22 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	101 KB
54	9

	Domain	Requested by
30	cititour.com	cititour.com
7	fonts.gstatic.com	fonts.googleapis.com cititour.com
5	fonts.googleapis.com	cititour.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	pagead2.googlesyndication.com	cititour.com pagead2.googlesyndication.com
1	website-widgets.pages.dev	cititour.com
1	code.jquery.com	cititour.com
1	ajax.googleapis.com	cititour.com
1	www.googletagmanager.com	cititour.com
1	www.m.cititour.com	1 redirects
54	11

This site contains links to these domains. Also see Links.

Domain
prf.hn
www.partner.viator.com
www.instagram.com
citimenus.com
citimusic.com
accessibility-widget.pages.dev

Subject Issuer	Validity	Valid
cititour.com R10	`2024-07-22` - `2024-10-20`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
website-widgets.pages.dev WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cititour.com/
Frame ID: 99F910F4E8C71510055B27A71142B033
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | NYC Home | Cititour.com

Page URL History Show full URLs

https://www.m.cititour.com/ HTTP 301
https://cititour.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

54
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

2578 kB
Transfer

3948 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://prf.hn/l/o3BRlAJ
Title: NYC HOTELS

Search URL Search Domain Scan URL

URL: http://www.partner.viator.com/en/3173/New-York-City/d687-ttd
Title: Tours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cititourny/
Title: Instagram page

Search URL Search Domain Scan URL

URL: https://citimenus.com/
Title: Citimenus

Search URL Search Domain Scan URL

URL: https://citimusic.com/
Title: Citimusic

Search URL Search Domain Scan URL

URL: https://accessibility-widget.pages.dev/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.m.cititour.com/ HTTP 301
https://cititour.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
cititour.com/
Redirect Chain

https://www.m.cititour.com/
https://cititour.com/

34 KB
9 KB

550ms
246ms

Document
text/html

216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: d2cd2e291160c2dfcf52ca45e02000f2161e519773679d78c6f1b6549efc1d11

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8471
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jul 2024 09:59:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 31 Jul 2024 09:59:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://cititour.com/
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
101 KB 70ms
48ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E63XBZJTV8

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ead3845eadd223dcbfdf97a688f06e8f2f7c8f794c759e1bbcfd9ecc0e9068c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 09:59:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jul 2024 09:59:30 GMT

GET
H/1.1 200
OK global.css
cititour.com/assets/css/ 10 KB
3 KB 103ms
102ms Stylesheet
text/css 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cititour.com/assets/css/global.css
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 31d475705b8491194c9bc19f7d27a477dbc153037aeb50269b6f56a33fe6e3ce

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Jun 2024 07:17:29 GMT
Server: Apache
ETag: "27f3-61ae886595440-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2994

GET
H/1.1 200
OK common.js Show response
cititour.com/assets/js/ 486 B
620 B 206ms
101ms Script
application/javascript 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cititour.com/assets/js/common.js
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 32866cf16082e1b250e686ac652ab604bcdeb5f05a0caee8daf3f9d5aaa791ab

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Jun 2024 07:17:30 GMT
Server: Apache
ETag: "1e6-61ae886689680-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 276

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 17:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 17:40:01 GMT

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
code.jquery.com/ 11 KB
4 KB 34ms
8ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.3.2.min.js
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 09:59:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7713610
x-cache: HIT, HIT
content-length: 4165
x-served-by: cache-lga21924-LGA, cache-fra-eddf8230048-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1722419971.798874,VS0,VE0
etag: W/"28feccc0-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 4178

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&display=swap

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e0e20ad38df787103d0cd7437ac4b78c0fcecd21ba05def0cc25abc8ae8a877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 09:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 09:59:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 09:59:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
583 B 39ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Martel:wght@200;400;700&display=swap

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9b7bd1a5017d815dbf81c642cf2d39e32ee6b05b75c94265957cd19d2d84426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 09:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 09:59:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 09:59:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
698 B 45ms
24ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@200;400;500;600;700;800;900&display=swap

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f92e045942b5b4f3e5d295b9321521f122cb1f6c2575fa4afbae2dfb66b4cf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 09:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 09:59:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 09:59:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
1 KB 39ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c7510cd1ecdcdbaf8d47f7e32f1ef6d2606f379c10cc95581e302cb148d95a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 09:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 09:16:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 09:59:30 GMT

GET
H/1.1 200
OK tour_logo.png
cititour.com/assets/img/ 5 KB
5 KB 300ms
101ms Image
image/png 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/assets/img/tour_logo.png
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: f3b2f591d29a32a844fb264bdd0704275a600267eaed1403c125e2e4902dc638

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Sat, 15 Jun 2024 07:12:57 GMT
Server: Apache
ETag: "12ff-61ae87622f040"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4863

GET
H/1.1 200
OK cititour_C_logo_white.png
cititour.com/assets/img/ 2 KB
3 KB 301ms
102ms Image
image/png 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/assets/img/cititour_C_logo_white.png
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: cb8a7ecd5d1f8c7d88d643b77a253fecd27b222bb0d88ea04594b688a8145177

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Sat, 15 Jun 2024 07:12:57 GMT
Server: Apache
ETag: "9f2-61ae87622f040"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2546

GET
H/1.1 200
OK 1job-listing-broadway-b-7nx81i.jpg
cititour.com/NYC_News/photos/ 93 KB
93 KB 102ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1job-listing-broadway-b-7nx81i.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 4623bf3b3a8fdddbaa4009f8a916aa1816cd5a54019a94b83ea50e3c2783fba3

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Wed, 31 Jul 2024 02:06:24 GMT
Server: Apache
ETag: "17340-61e818a8c8276"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 95040

GET
H/1.1 200
OK 1desert-spot-5-williamsburg-brooklyn-cocktail-ygjfem.jpg
cititour.com/NYC_News/photos/ 49 KB
50 KB 103ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1desert-spot-5-williamsburg-brooklyn-cocktail-ygjfem.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: a2f550d6b6e570ade30344d59b0c811fb2970c5c448637e189532e13a642dad6

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Tue, 30 Jul 2024 05:36:00 GMT
Server: Apache
ETag: "c5e5-61e705a4ce39c"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 50661

GET
H/1.1 200
OK 1the-sabbath-girl-play-2024-b-2y3vr8.jpg
cititour.com/NYC_News/photos/ 59 KB
59 KB 819ms
107ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1the-sabbath-girl-play-2024-b-2y3vr8.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: e05fe37dbd431b949ec19066170c5c22beeebcad17c34de7cb87d5aad91dda94

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Mon, 29 Jul 2024 00:50:17 GMT
Server: Apache
ETag: "eaac-61e583ea25d53"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 60076

GET
H/1.1 200
OK 1dishoom-spread-92u683.jpg
cititour.com/NYC_News/photos/ 106 KB
106 KB 825ms
105ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1dishoom-spread-92u683.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 03e6f809882086d8728f0902458f158b64ec6b8149aa91c03743e8e23e2f983f

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Sun, 28 Jul 2024 16:26:33 GMT
Server: Apache
ETag: "1a75a-61e51353058f1"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 108378

GET
H/1.1 200
OK 1le-b-fine-dining-for-children-nyc-ql7eoe.jpg
cititour.com/NYC_News/photos/ 53 KB
53 KB 2019ms
1515ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1le-b-fine-dining-for-children-nyc-ql7eoe.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 3bf00a081eb3ba29e57569c077638caab56c484ddd5b585489259250e1b09ee7

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:32 GMT
Last-Modified: Sat, 27 Jul 2024 12:30:13 GMT
Server: Apache
ETag: "d2dd-61e39ca21fbe4"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 53981

GET
H/1.1 200
OK 1kelloggs-diner-williamsburg-chef-jackie-carnesi-m6idgw.jpg
cititour.com/NYC_News/photos/ 87 KB
87 KB 606ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1kelloggs-diner-williamsburg-chef-jackie-carnesi-m6idgw.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 68c7c414bd6a05324faf62cfb073eb92acbb8531f5825862f70aba9ab7816910

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Mon, 29 Jul 2024 22:33:12 GMT
Server: Apache
ETag: "15bbc-61e6a7245913a"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 89020

GET
H/1.1 200
OK 1tabu-williamsburg-brooklyn-octopus-tostada-rxqgic.jpg
cititour.com/NYC_News/photos/ 46 KB
46 KB 406ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1tabu-williamsburg-brooklyn-octopus-tostada-rxqgic.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 70aaa71d40f901edac76dc7e100130759d5d3a570356301e0160056fdb11f0f1

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Thu, 25 Jul 2024 21:54:23 GMT
Server: Apache
ETag: "b771-61e197014e35c"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 46961

GET
H/1.1 200
OK 1vintage-green-rooftop-murray-hill-nyc-7-tsgekr.jpg
cititour.com/NYC_News/photos/ 149 KB
149 KB 490ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1vintage-green-rooftop-murray-hill-nyc-7-tsgekr.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 9470d566bcd989389980c3bb0f1e308258ccb122043b12959174b5028577573b

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Thu, 25 Jul 2024 21:38:44 GMT
Server: Apache
ETag: "2546d-61e19381ca282"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 152685

GET
H/1.1 200
OK 1lavitta-s-harlem-jimmy-thomas-1-6hk3hg.jpg
cititour.com/NYC_News/photos/ 51 KB
51 KB 295ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1lavitta-s-harlem-jimmy-thomas-1-6hk3hg.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 5996981e8ab9031efac2a09bbb5733a3d57b0df7065f995a3919dd45c3509339

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Thu, 25 Jul 2024 02:55:12 GMT
Server: Apache
ETag: "ca20-61e0986032cb1"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51744

GET
H/1.1 200
OK 1xanadu-roller-rink-brooklyn-1-hqbv2z.jpg
cititour.com/NYC_News/photos/ 95 KB
95 KB 609ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1xanadu-roller-rink-brooklyn-1-hqbv2z.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: a68723afa122aeb90702975e2eff5da033b766ad9c4ae70b18bebf16aa3333ff

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Thu, 25 Jul 2024 02:21:54 GMT
Server: Apache
ETag: "17a2f-61e090ef5acdb"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 96815

GET
H/1.1 200
OK 1allure-restaurant-and-lounge-nyc-sushi-d7ytug.jpg
cititour.com/NYC_News/photos/ 48 KB
48 KB 186ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_News/photos/1allure-restaurant-and-lounge-nyc-sushi-d7ytug.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 22dbfe7e1e15b993ad6fb08f7217b51b2dd399e8bb0f8c09abee5241d954e32c

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Wed, 24 Jul 2024 22:28:16 GMT
Server: Apache
ETag: "be62-61e05cb6cfd60"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 48738

GET
H/1.1 200
OK 1chef-driven-restaurant-group-labeille-75-cy7o2j.jpg
cititour.com/NYC_Tour/homepage/images/ 56 KB
56 KB 727ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1chef-driven-restaurant-group-labeille-75-cy7o2j.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 9702de357f88d85f6f6b9fbca6869526a9a5cbf13781ba281236646f84e5174f

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Tue, 30 Jul 2024 16:47:58 GMT
Server: Apache
ETag: "df89-61e79bd6dd766"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 57225

GET
H/1.1 200
OK 1robert-downey-jr-hjbuea.jpg
cititour.com/NYC_Tour/homepage/images/ 44 KB
44 KB 700ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1robert-downey-jr-hjbuea.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 2320d11002168923a34cbb754f66dc7f413d0cf780af6a8e24656f815245e304

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Mon, 29 Jul 2024 21:35:31 GMT
Server: Apache
ETag: "ae84-61e69a3f9a799"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 44676

GET
H/1.1 200
OK 1black-seed-x-minnow-eel-bar-pop-up-lxstwz.jpg
cititour.com/NYC_Tour/homepage/images/ 75 KB
75 KB 185ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1black-seed-x-minnow-eel-bar-pop-up-lxstwz.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 888bc502721f7c046e5d251f5046e7096cc402ad35387978f52f95e7cb1b7eac

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Mon, 29 Jul 2024 21:58:34 GMT
Server: Apache
ETag: "12a28-61e69f6658538"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 76328

GET
H/1.1 200
OK 1west-bank-cafe-42nd-st-nyc-luut8h.jpg
cititour.com/NYC_Tour/homepage/images/ 113 KB
114 KB 514ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1west-bank-cafe-42nd-st-nyc-luut8h.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 23d7fe6bd1e0697efe519f328505caf295660397acfd6da5574e9fb58e0744c7

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Sun, 28 Jul 2024 16:12:53 GMT
Server: Apache
ETag: "1c5cd-61e510450c954"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 116173

GET
H/1.1 200
OK 1broadway-barks-bernadette-peters-72bcoc.jpg
cititour.com/NYC_Tour/homepage/images/ 55 KB
56 KB 494ms
103ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1broadway-barks-bernadette-peters-72bcoc.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 52dbe99f28a47683421782eae0552a120b59aaeb6d539262949feb36a29e9b63

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Fri, 26 Jul 2024 22:51:59 GMT
Server: Apache
ETag: "ddd9-61e2e5be2e85e"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 56793

GET
H/1.1 200
OK 1creamline-gold-medal-milkshake-inuovj.jpg
cititour.com/NYC_Tour/homepage/images/ 56 KB
56 KB 401ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1creamline-gold-medal-milkshake-inuovj.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 83ebf62330c5e8104f688ea0ae855b3c19542123b30946f4753d1530c72b99c8

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Sat, 27 Jul 2024 00:09:40 GMT
Server: Apache
ETag: "df77-61e2f71bb5671"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 57207

GET
H/1.1 200
OK 1christmas-spactacular-radio-city-2024-xqxekf.jpg
cititour.com/NYC_Tour/homepage/images/ 99 KB
99 KB 293ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1christmas-spactacular-radio-city-2024-xqxekf.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 93bda3a476867ac7c9f754c96431523fc5e5b9eaa12358c85557fb70e9c598b2

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Thu, 25 Jul 2024 21:06:00 GMT
Server: Apache
ETag: "18bcd-61e18c3075116"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 101325

GET
H/1.1 200
OK 1hells-kitchen-broadway-b-hidxel.jpg
cititour.com/NYC_Tour/homepage/images/ 92 KB
92 KB 103ms
103ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1hells-kitchen-broadway-b-hidxel.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 7042f0dd4a75da3085caf91ee3f49dfd319df4f686eed20d9dcea8af9fff51ba

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Wed, 24 Jul 2024 22:47:54 GMT
Server: Apache
ETag: "16e2f-61e0611989e1c"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 93743

GET
H/1.1 200
OK 1figure-eight-janice-sung-pastry-chef-gliovg.jpg
cititour.com/NYC_Tour/homepage/images/ 80 KB
81 KB 102ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1figure-eight-janice-sung-pastry-chef-gliovg.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 6217eb13247403dc69db1d6335c69812fb99c01a27b47af7177f44656741af8d

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Wed, 24 Jul 2024 16:29:41 GMT
Server: Apache
ETag: "14173-61e00c90914b0"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 82291

GET
H/1.1 200
OK 1upscale-jello-shots-for-brat-summer-qyzx2w.jpg
cititour.com/NYC_Tour/homepage/images/ 95 KB
95 KB 102ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1upscale-jello-shots-for-brat-summer-qyzx2w.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 909b016a0d5ab08bc19392ec2b1abf897f64e1b922dc8fc1ca5416d4b959362d

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Tue, 23 Jul 2024 22:11:47 GMT
Server: Apache
ETag: "17bd2-61df17297e40f"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 97234

GET
H/1.1 200
OK 1chica-the-don-nyc-empanadas-39m6du.jpg
cititour.com/NYC_Tour/homepage/images/ 106 KB
106 KB 102ms
101ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1chica-the-don-nyc-empanadas-39m6du.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 656e9238e7a81fb11397a4cd47b3894e647c40bf05af3ca4745910c8781563a6

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Wed, 24 Jul 2024 14:47:44 GMT
Server: Apache
ETag: "1a62e-61dff5c63c59b"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 108078

GET
H/1.1 200
OK 1sereneco-summer-restaurant-week-nyc-h38in1.jpg
cititour.com/NYC_Tour/homepage/images/ 89 KB
89 KB 102ms
102ms Image
image/jpeg 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Tour/homepage/images/1sereneco-summer-restaurant-week-nyc-h38in1.jpg
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 02adebfe50ae37c8c7531c588386cc65f9efdaaf3b0d9f7b2b3dd9ec1506c768

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Mon, 22 Jul 2024 05:24:31 GMT
Server: Apache
ETag: "16245-61dcf42882d81"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 90693

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
52 KB 78ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74c4964cb8b991eeccb5c990e0bebec6d92580e30eaa64b683a7aa6df2a9cff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 09:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53696
x-xss-protection: 0
server: cafe
etag: 2745455821873757665
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 31 Jul 2024 09:59:31 GMT

GET
H/1.1 200
OK newsletter.png
cititour.com/assets/img/ 2 KB
2 KB 101ms
101ms Image
image/png 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/assets/img/newsletter.png
Requested by: Host: cititour.com
URL: https://cititour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 6efbe8b033996d9e8ca854c5070983b213a624d90aef79eba5fa150f669f7b76

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:31 GMT
Last-Modified: Sat, 15 Jun 2024 07:12:57 GMT
Server: Apache
ETag: "645-61ae87622f040"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1605

GET
H3 200 sienna.min.js Show response
website-widgets.pages.dev/dist/ 70 KB
22 KB 75ms
47ms Script
application/javascript 2606:4700:310c::ac42:2f70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://website-widgets.pages.dev/dist/sienna.min.js

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a37a410a4dacdc605329259736da37dcbc519b8dc45977e8f9dab645503112a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 09:59:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a5a2204d57ca0657ffee59dc01494a66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GkQ8U0xaR0IWzhzoOGn%2ByawxUa7SKs2Jqv%2BZpwWGTWJngo2Bji0CN%2BjnoNSYf5AHhakEbLDNM%2BuW%2Fx%2FElBjAuix%2FlMFB4yRJZfDfE1strOSZLHKBMpxogr%2BdVo2cDZowgELxM0PZoGnGE22dBp45Xj0bKTQMdG8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abcbc72dd339b67-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 35ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E63XBZJTV8&gtm=45je47t0v885880048za200&_p=1722419970781&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=779716192.1722419971&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722419970&sct=1&seg=0&dl=https%3A%2F%2Fcititour.com%2F&dt=Home%20%7C%20NYC%20Home%20%7C%20Cititour.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1196
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E63XBZJTV8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 09:59:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cititour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 38ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cititour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 11:48:15 GMT
x-content-type-options: nosniff
age: 79876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 11:48:15 GMT

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 22 KB
22 KB 41ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cititour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:49:17 GMT
x-content-type-options: nosniff
age: 69014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22768
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:50:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 14:49:17 GMT

GET
H2 200 wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
fonts.gstatic.com/s/barlowsemicondensed/v15/ 22 KB
22 KB 33ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@200;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ec7aa456249a38fb4826bd398c5ceb4fc82469ca304492a70af2b8500db605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cititour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 11:58:09 GMT
x-content-type-options: nosniff
age: 79282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22356
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 11:58:09 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cititour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 11:47:41 GMT
x-content-type-options: nosniff
age: 79910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 11:47:41 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/ 424 KB
143 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0331841528289462&plah=cititour.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

150b67323bcd2a38ea245fc289ab9878fa4599469328aa68b31bdbfc58ee53f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 09:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146647
x-xss-protection: 0
server: cafe
etag: 13868566545909943528
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jul 2024 09:59:31 GMT

GET
H2 200 ca-pub-0331841528289462 Show response
fundingchoicesmessages.google.com/i/ 202 KB
67 KB 86ms
37ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-0331841528289462?href=https%3A%2F%2Fcititour.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0331841528289462&plah=cititour.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15b5ea2875d36da9700bcbd470361bc94f674b616a15b8a3acc96b8b7c76eddb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OqlfnITPmsPKWb9-0E56-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 09:59:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-OqlfnITPmsPKWb9-0E56-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgNlS4xOoMxEI8HM3TVmxlEzhw881lRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA3MjSz0D0_gCAwC8_jx6"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVhCVwXbVyFwF-ZNsfXwiznNlBc-akSnYTC1Gr4QUJCM4AaJ2GRklUHLl92NqzwFpRN6bwPNoKyNyLemJdUjxACCL0z4qtYOmI_P2_usYKHmIzOYF335W7zeVD3FmnmFSocfg9c8g== Show response
fundingchoicesmessages.google.com/f/ 422 KB
63 KB 105ms
105ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVhCVwXbVyFwF-ZNsfXwiznNlBc-akSnYTC1Gr4QUJCM4AaJ2GRklUHLl92NqzwFpRN6bwPNoKyNyLemJdUjxACCL0z4qtYOmI_P2_usYKHmIzOYF335W7zeVD3FmnmFSocfg9c8g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNDE5OTcxLDQ5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jaXRpdG91ci5jb20vIixudWxsLFtbOCwiTkNwM2hJdUNzV3MiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTg5XSxudWxsLDhdIl0sWzE5LCIxIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NCp3hIuCsWs.es5.O/am=Phg/d=1/rs=AJlcJMyg6Zp5A5rWC-wA-utaIKXCBMDHIw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4b23580ffd30820bc6e8aa769972505fa9c0148d141cf4decbe394fcf65d2a6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DZg4XesMk2GnjMePEpRanw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 09:59:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DZg4XesMk2GnjMePEpRanw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw15BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgNlS4xOoMxEI8HM3TVmxlE5ixYvIMJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA3MjSz0D0_gCAwCYsjuY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NCp3hIuCsWs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy3h1mLL4jygIXqvYKiz8UWts1ofw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4dafdd94f789a13c39c29335b6cee9a513669c60d779ffb1f19c50f4b1b0c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 09:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 09:59:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 09:59:31 GMT

POST
H3 204 AGSKWxXIUUG5cWKf-USdIROJxbM25xz5vQ1N-dS9_WiHne55UL9QeJrUDTztuN5SBYjAIn34OX5t8UwhkGy73Y2wmrNGMf8L1IldM98tnDlTl-p4CXDoaPaMwjl4haQ_z9nWmdCm1kZm0A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
21ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIUUG5cWKf-USdIROJxbM25xz5vQ1N-dS9_WiHne55UL9QeJrUDTztuN5SBYjAIn34OX5t8UwhkGy73Y2wmrNGMf8L1IldM98tnDlTl-p4CXDoaPaMwjl4haQ_z9nWmdCm1kZm0A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_dHzR0PyDIplAluiSJtrVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jul 2024 09:59:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_dHzR0PyDIplAluiSJtrVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoAxJ8fn2P9DcTuWhdZ_YF4ScRF1gOJF1mFeDiap63YyiZwYteVI0xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA3MhSz8A8vsAAAIvVLlE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cititour.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXIUUG5cWKf-USdIROJxbM25xz5vQ1N-dS9_WiHne55UL9QeJrUDTztuN5SBYjAIn34OX5t8UwhkGy73Y2wmrNGMf8L1IldM98tnDlTl-p4CXDoaPaMwjl4haQ_z9nWmdCm1kZm0A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
18ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIUUG5cWKf-USdIROJxbM25xz5vQ1N-dS9_WiHne55UL9QeJrUDTztuN5SBYjAIn34OX5t8UwhkGy73Y2wmrNGMf8L1IldM98tnDlTl-p4CXDoaPaMwjl4haQ_z9nWmdCm1kZm0A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CPCYWtptzIr-Aq4dl514lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jul 2024 09:59:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-CPCYWtptzIr-Aq4dl514lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoAxJ8fn2P9DcRLIi6yHki8yCrEw9E8bcVWNoEHFxccYVJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmRpZ6BubxBQYARIorrA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cititour.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
Origin: https://cititour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 12:26:16 GMT
x-content-type-options: nosniff
age: 77595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 12:26:16 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: cititour.com
URL: https://cititour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cititour.com/
Origin: https://cititour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 07:51:59 GMT
x-content-type-options: nosniff
age: 94052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 07:51:59 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cititour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:43:08 GMT
x-content-type-options: nosniff
age: 69383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 14:43:08 GMT

GET
H/1.1 200
OK favicon.ico
cititour.com/assets/img/ 15 KB
3 KB 102ms
102ms Other
image/x-icon 216.92.109.8
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cititour.com/assets/img/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.109.8 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 2e31dae5b5bac7e83a4d083c628911ff2e6a89beb9eed4b9dec9597371ce8713

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 09:59:33 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Jun 2024 07:12:57 GMT
Server: Apache
ETag: "3c2e-61ae87622f040-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2309

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 15ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E63XBZJTV8&gtm=45je47t0v885880048za200&_p=1722419970781&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=779716192.1722419971&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722419970&sct=1&seg=0&dl=https%3A%2F%2Fcititour.com%2F&dt=Home%20%7C%20NYC%20Home%20%7C%20Cititour.com&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6200
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E63XBZJTV8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://cititour.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 09:59:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cititour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cititour.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: f7oia3hbddsaipeapmmvtdka3v
.cititour.com/	1970-01-21 08:02:59	Name: _ga Value: GA1.1.779716192.1722419971
.cititour.com/	1970-01-21 08:02:59	Name: _ga_E63XBZJTV8 Value: GS1.1.1722419970.1.0.1722419970.0.0.0
cititour.com/	1969-12-31 23:59:59	Name: asw Value: {"lang":"de-DE"}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cititour.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
region1.google-analytics.com
website-widgets.pages.dev
www.googletagmanager.com
www.m.cititour.com
2001:4860:4802:34::36
216.92.109.8
2606:4700:310c::ac42:2f70
2a00:1450:4001:806::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:830::200a
2a04:4e42:400::649
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02adebfe50ae37c8c7531c588386cc65f9efdaaf3b0d9f7b2b3dd9ec1506c768
03e6f809882086d8728f0902458f158b64ec6b8149aa91c03743e8e23e2f983f
0a37a410a4dacdc605329259736da37dcbc519b8dc45977e8f9dab645503112a
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
150b67323bcd2a38ea245fc289ab9878fa4599469328aa68b31bdbfc58ee53f8
15b5ea2875d36da9700bcbd470361bc94f674b616a15b8a3acc96b8b7c76eddb
1c7510cd1ecdcdbaf8d47f7e32f1ef6d2606f379c10cc95581e302cb148d95a6
22dbfe7e1e15b993ad6fb08f7217b51b2dd399e8bb0f8c09abee5241d954e32c
2320d11002168923a34cbb754f66dc7f413d0cf780af6a8e24656f815245e304
23d7fe6bd1e0697efe519f328505caf295660397acfd6da5574e9fb58e0744c7
2e31dae5b5bac7e83a4d083c628911ff2e6a89beb9eed4b9dec9597371ce8713
31d475705b8491194c9bc19f7d27a477dbc153037aeb50269b6f56a33fe6e3ce
32866cf16082e1b250e686ac652ab604bcdeb5f05a0caee8daf3f9d5aaa791ab
3bf00a081eb3ba29e57569c077638caab56c484ddd5b585489259250e1b09ee7
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4623bf3b3a8fdddbaa4009f8a916aa1816cd5a54019a94b83ea50e3c2783fba3
4e0e20ad38df787103d0cd7437ac4b78c0fcecd21ba05def0cc25abc8ae8a877
52dbe99f28a47683421782eae0552a120b59aaeb6d539262949feb36a29e9b63
5996981e8ab9031efac2a09bbb5733a3d57b0df7065f995a3919dd45c3509339
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
6217eb13247403dc69db1d6335c69812fb99c01a27b47af7177f44656741af8d
656e9238e7a81fb11397a4cd47b3894e647c40bf05af3ca4745910c8781563a6
68c7c414bd6a05324faf62cfb073eb92acbb8531f5825862f70aba9ab7816910
6efbe8b033996d9e8ca854c5070983b213a624d90aef79eba5fa150f669f7b76
7042f0dd4a75da3085caf91ee3f49dfd319df4f686eed20d9dcea8af9fff51ba
70aaa71d40f901edac76dc7e100130759d5d3a570356301e0160056fdb11f0f1
74c4964cb8b991eeccb5c990e0bebec6d92580e30eaa64b683a7aa6df2a9cff1
74ec7aa456249a38fb4826bd398c5ceb4fc82469ca304492a70af2b8500db605
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ead3845eadd223dcbfdf97a688f06e8f2f7c8f794c759e1bbcfd9ecc0e9068c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83ebf62330c5e8104f688ea0ae855b3c19542123b30946f4753d1530c72b99c8
888bc502721f7c046e5d251f5046e7096cc402ad35387978f52f95e7cb1b7eac
909b016a0d5ab08bc19392ec2b1abf897f64e1b922dc8fc1ca5416d4b959362d
93bda3a476867ac7c9f754c96431523fc5e5b9eaa12358c85557fb70e9c598b2
9470d566bcd989389980c3bb0f1e308258ccb122043b12959174b5028577573b
9702de357f88d85f6f6b9fbca6869526a9a5cbf13781ba281236646f84e5174f
a2f550d6b6e570ade30344d59b0c811fb2970c5c448637e189532e13a642dad6
a68723afa122aeb90702975e2eff5da033b766ad9c4ae70b18bebf16aa3333ff
b4b23580ffd30820bc6e8aa769972505fa9c0148d141cf4decbe394fcf65d2a6
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb8a7ecd5d1f8c7d88d643b77a253fecd27b222bb0d88ea04594b688a8145177
d2cd2e291160c2dfcf52ca45e02000f2161e519773679d78c6f1b6549efc1d11
d9b7bd1a5017d815dbf81c642cf2d39e32ee6b05b75c94265957cd19d2d84426
e05fe37dbd431b949ec19066170c5c22beeebcad17c34de7cb87d5aad91dda94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3b2f591d29a32a844fb264bdd0704275a600267eaed1403c125e2e4902dc638
f4dafdd94f789a13c39c29335b6cee9a513669c60d779ffb1f19c50f4b1b0c3e
f92e045942b5b4f3e5d295b9321521f122cb1f6c2575fa4afbae2dfb66b4cf30
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

cititour.com Open in urlscan Pro 216.92.109.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

90 %IPv6

9 Domains

11 Subdomains

10 IPs

2 Countries

2578 kBTransfer

3948 kBSize

4 Cookies

6 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cititour.com Open in urlscan Pro
216.92.109.8 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

2578 kB
Transfer

3948 kB
Size

4
Cookies

54 HTTP transactions
0 data transactions