www.promo.citizengreentech.com Open in urlscan Pro
35.206.103.210  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.promo.citizengreentech.com/	8 KB 8 KB	737ms 138ms	Document text/html	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash 94212cacf1e0e9ee5affec179d67ac0ec26b9f7f8c0d47ede6b57765e5deec9e Request headers :method GET :authority www.promo.citizengreentech.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 server nginx date Thu, 02 Apr 2020 08:27:43 GMT content-type text/html content-length 8322 last-modified Sun, 24 Jun 2018 10:23:40 GMT etag "2082-56f60a8a3f2d7" host-header 192fc2e7e50945beb8231a492d6a8024 5d77dd967d63c3104bced1db0cace49c alt-svc quic=":443"; ma=86400; v="43,39" x-proxy-cache MISS accept-ranges bytes
GET H2	200	CGLPv2.css www.promo.citizengreentech.com/	8 KB 8 KB	330ms 329ms	Stylesheet text/css	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://www.promo.citizengreentech.com/CGLPv2.css Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash 65936985f8f17d18931d5d5b22929938d3d8328a11b5315a0cb016259e8a32d7 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 02 Apr 2020 08:27:43 GMT last-modified Sun, 24 Jun 2018 08:51:09 GMT server nginx etag "205a-56f5f5dc01940" content-type text/css status 200 host-header 192fc2e7e50945beb8231a492d6a8024, 5d77dd967d63c3104bced1db0cace49c accept-ranges bytes alt-svc quic=":443"; ma=86400; v="43,39" content-length 8282 x-proxy-cache MISS
GET H/1.1	200 OK	classic-10_7.css cdn-images.mailchimp.com/embedcode/	4 KB 2 KB	67ms 24ms	Stylesheet text/css	13.225.79.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-images.mailchimp.com/embedcode/classic-10_7.css Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.79.169 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-79-169.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Thu, 02 Apr 2020 05:52:39 GMT Content-Encoding gzip Last-Modified Thu, 17 Dec 2015 16:52:30 GMT Server AmazonS3 Age 9305 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css Via 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront) Transfer-Encoding chunked X-Amz-Cf-Pop FRA2-C2 Connection keep-alive X-Amz-Cf-Id nSKlUkrbf5hgfCTtzUC2y11pClbT8IoLRXBBKmKZOFVPt4UX3vy5dQ==
GET H2	200	Group.png www.promo.citizengreentech.com/img/	185 KB 185 KB	140ms 139ms	Image image/png	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Show image Full URL https://www.promo.citizengreentech.com/img/Group.png Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash c11e183fca8b73d3d6524c2372b4df559fa85ab2e74d93d0053c8bef096b872c Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 08:27:43 GMT last-modified Sun, 10 Jun 2018 15:49:32 GMT server nginx etag "2e2aa-56e4b943a3b00" content-type image/png status 200 host-header 192fc2e7e50945beb8231a492d6a8024, 5d77dd967d63c3104bced1db0cace49c accept-ranges bytes alt-svc quic=":443"; ma=86400; v="43,39" content-length 189098 x-proxy-cache MISS
GET H2	200	google-play-badge.svg cdn.worldvectorlogo.com/logos/	5 KB 2 KB	35ms 7ms	Image image/svg+xml	2600:9000:20eb:f000:c:4c33:9b40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.worldvectorlogo.com/logos/google-play-badge.svg Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:f000:c:4c33:9b40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 29b23a4a68ce535b419e9c0b6f6943cbddd4711900aa1e33d8f8654263e4fa27 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 18:59:04 GMT content-encoding gzip last-modified Wed, 11 Jan 2017 17:00:59 GMT server AmazonS3 age 2640520 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml status 200 cache-control max-age=31536000,public x-amz-cf-pop FRA2-C1 x-amz-cf-id yQ4qFPWpEhTUsI55Mu3bI1cifXcCfpXH2T6ocIkzeMgm_ndOq2ONiA== via 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront) expires Thu, 11 Jan 2018 17:00:58 GMT
GET H/1.1	200 OK	app-store-logo.png www.madbeerweek.com/wp-content/uploads/2017/04/	16 KB 17 KB	454ms 424ms	Image image/png	192.124.249.60 SUCURI-SEC
General Check archive.org Show headers Download Go to Show image Full URL http://www.madbeerweek.com/wp-content/uploads/2017/04/app-store-logo.png Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol HTTP/1.1 Server 192.124.249.60 , United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10060.sucuri.net Software Sucuri/Cloudproxy / Resource Hash 85256aa630404e8deb67527c256c5b8479b4bcab52db99ab56be3184fd26f825 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 02 Apr 2020 08:27:43 GMT X-Content-Type-Options nosniff, nosniff X-Cacheable YES X-Backend all_requests Age 588011 X-Cache cached X-Sucuri-Cache MISS Connection keep-alive Content-Length 16882 X-XSS-Protection 1; mode=block, 1; mode=block Last-Modified Thu, 14 Mar 2019 20:28:03 GMT Server Sucuri/Cloudproxy Cache-Control max-age=315360000 X-Frame-Options SAMEORIGIN ETag "41f2-58413c25b84a4" Strict-Transport-Security max-age=300 Content-Type image/png X-Cache-Hit HIT X-Sucuri-ID 19010 Accept-Ranges bytes Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	graphic003new.gif www.promo.citizengreentech.com/img/	5 MB 5 MB	165ms 164ms	Image image/gif	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Show image Full URL https://www.promo.citizengreentech.com/img/graphic003new.gif Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash 19067f569a5cdc1000867732b62d0eddcae51918b2982c22700dc40af2b95aab Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 08:27:43 GMT last-modified Sun, 10 Jun 2018 13:27:14 GMT server nginx etag "50ab49-56e499752b080" content-type image/gif status 200 host-header 192fc2e7e50945beb8231a492d6a8024, 5d77dd967d63c3104bced1db0cace49c accept-ranges bytes alt-svc quic=":443"; ma=86400; v="43,39" content-length 5286729 x-proxy-cache MISS
GET H2	200	pics3.png www.promo.citizengreentech.com/img/	50 KB 50 KB	160ms 158ms	Image image/png	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Show image Full URL https://www.promo.citizengreentech.com/img/pics3.png Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash 981861feee0b641c725593114fb9d8c8561fe1dba6c14930873ebea4ca2b69da Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 08:27:43 GMT last-modified Sun, 10 Jun 2018 16:10:43 GMT server nginx etag "c867-56e4bdffc26c0" content-type image/png status 200 host-header 192fc2e7e50945beb8231a492d6a8024, 5d77dd967d63c3104bced1db0cace49c accept-ranges bytes alt-svc quic=":443"; ma=86400; v="43,39" content-length 51303 x-proxy-cache MISS
GET H2	200	CG.png www.promo.citizengreentech.com/img/	6 KB 7 KB	148ms 147ms	Image image/png	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Show image Full URL https://www.promo.citizengreentech.com/img/CG.png Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash 629adaa776197e208611fb6892cd2ba942bd5e4f3e973df4819328012d2ec3c5 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 08:27:43 GMT last-modified Tue, 12 Jun 2018 13:44:25 GMT server nginx etag "1950-56e7210754040" content-type image/png status 200 host-header 192fc2e7e50945beb8231a492d6a8024, 5d77dd967d63c3104bced1db0cace49c accept-ranges bytes alt-svc quic=":443"; ma=86400; v="43,39" content-length 6480 x-proxy-cache MISS
GET H2	200	GCAC.svg www.promo.citizengreentech.com/img/	1 KB 1 KB	152ms 151ms	Image image/svg+xml	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Show image Full URL https://www.promo.citizengreentech.com/img/GCAC.svg Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash 9991ff7c8cde369b318fe87126c8cb3fe613fb15d0628c4154e1b18edaf38ec0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 08:27:43 GMT last-modified Tue, 12 Jun 2018 14:44:28 GMT server nginx etag "444-56e72e736ab00" content-type image/svg+xml status 200 host-header 192fc2e7e50945beb8231a492d6a8024, 5d77dd967d63c3104bced1db0cace49c accept-ranges bytes alt-svc quic=":443"; ma=86400; v="43,39" content-length 1092 x-proxy-cache MISS
GET H2	200	app.js Show response www.promo.citizengreentech.com/	792 B 1 KB	295ms 294ms	Script text/html	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://www.promo.citizengreentech.com/app.js Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash aceaa130e2cbd06c7c204c0932e21691995fdab2d75223320d5b4f28e5c2d795 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 02 Apr 2020 08:27:43 GMT last-modified Wed, 04 Jul 2018 14:11:46 GMT server nginx etag "318-5702d02c72c80" content-type text/html status 200 host-header 192fc2e7e50945beb8231a492d6a8024, 5d77dd967d63c3104bced1db0cace49c accept-ranges bytes alt-svc quic=":443"; ma=86400; v="43,39" content-length 792 x-proxy-cache MISS
GET H/1.1	200 OK	mc-validate.js Show response s3.amazonaws.com/downloads.mailchimp.com/js/	140 KB 140 KB	581ms 257ms	Script application/javascript	52.216.206.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.206.77 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Thu, 02 Apr 2020 08:27:45 GMT Last-Modified Mon, 20 Aug 2018 17:42:38 GMT Server AmazonS3 x-amz-request-id CC415E0144A7E936 ETag "6465dd4a8331265e6629cd069e03504c" Content-Type application/javascript Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 143249 x-amz-id-2 fKH6EHqC2kk+BAWkJwPv9p2j43rkxnumdzgRnoQt0nBQGX8bWcNDq6cmAtusGbcY3kDAm2/4HzQ=
GET H2	200	conversion.js Show response www.googleadservices.com/pagead/	26 KB 10 KB	72ms 32ms	Script text/javascript	172.217.23.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s18-in-f2.1e100.net Software cafe / Resource Hash 6a1b1ac854ffe11eaeb3350bc3848bc697e0e8c86584143e1077f22a3a4a2298 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 02 Apr 2020 08:27:43 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 9938 x-xss-protection 0 server cafe etag 14709318539200932769 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 02 Apr 2020 08:27:43 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	76 KB 28 KB	41ms 40ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-113251538-3 Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e9b219a22495ff83635188f58872867cedb23185b2454980cf7002debde20ae2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 02 Apr 2020 08:27:43 GMT content-encoding br status 200 strict-transport-security max-age=31536000; includeSubDomains alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 29062 x-xss-protection 0 last-modified Thu, 02 Apr 2020 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 02 Apr 2020 08:27:43 GMT
GET H2	200	1.css fast.fonts.net/lt/	0 212 B	34ms 6ms	Stylesheet text/css	2606:2800:234:660:118e:28f:1d8a:2522 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://fast.fonts.net/lt/1.css?apiType=css&c=82cc6cb7-11a1-497e-a167-17d330fd3f94&fontids=692079,%20692082,%20692085,%20692088 Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (fcn/40E4) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 02 Apr 2020 08:27:43 GMT content-encoding gzip last-modified Wed, 27 Feb 2013 16:37:27 GMT server ECS (fcn/40E4) age 630878 etag "4223536118" vary Accept-Encoding x-cache HIT content-type text/css status 200 cache-control max-age=604800 accept-ranges bytes access-control-allow-origin * content-length 20 expires Thu, 09 Apr 2020 08:27:43 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	126 KB 30 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=3600 content-length 30466 x-xss-protection 0 pragma public x-fb-debug WJVRo4JXKS7n4JGmXVLILHR72JgdXIfmn1yytSJFtgUqOeZmF/Y+UCcBnVLb5Qa3kA38M+1KNocHEojhazbiTA== x-fb-trip-id 420120009 date Thu, 02 Apr 2020 08:27:43 GMT, Thu, 02 Apr 2020 08:27:43 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	invitebox-landing.js Show response invitebox.com/invitation-camp/21225/	114 B 422 B	352ms 130ms	Script text/javascript	67.205.173.93 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://invitebox.com/invitation-camp/21225/invitebox-landing.js?hash= Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 67.205.173.93 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash b317c7de438a14e11c123ab221ccaa06e7cc9c90b0e646ecbd40eee4d876ff30 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Thu, 02 Apr 2020 08:27:44 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Vary Accept-Encoding, Cookie P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Transfer-Encoding chunked Connection keep-alive Content-Type text/javascript
GET H2	200	700cfd4c-3384-4654-abe1-aa1a6e8058e4.woff2 www.promo.citizengreentech.com/cgt/Fonts/692088/	29 KB 29 KB	153ms 153ms	Font application/octet-stream	35.206.103.210 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://www.promo.citizengreentech.com/cgt/Fonts/692088/700cfd4c-3384-4654-abe1-aa1a6e8058e4.woff2 Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.206.103.210 Mountain View, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 210.103.206.35.bc.googleusercontent.com Software nginx / Resource Hash bcb5e2e6310512e6a1ab24b8b40d662fb5ecb7b277bce1d11020effd6fbb839b Request headers Referer https://www.promo.citizengreentech.com/CGLPv2.css Origin https://www.promo.citizengreentech.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 02 Apr 2020 08:27:43 GMT last-modified Tue, 12 Jun 2018 01:50:18 GMT server nginx etag "7210-56e681693ea80" status 200 host-header 192fc2e7e50945beb8231a492d6a8024, 5d77dd967d63c3104bced1db0cace49c accept-ranges bytes alt-svc quic=":443"; ma=86400; v="43,39" content-length 29200 x-proxy-cache MISS
GET H2	200	1889919721307230 Show response connect.facebook.net/signals/config/	447 KB 113 KB	70ms 70ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1889919721307230?v=2.9.15&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 38be4ba87ad0d6248ab9aa58172a528776a358ed351293fe27322b05d424da5e Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug G/9jl3XUlMhm930P18Q3AqRPDTxLcOsfz435RCcCicuLUTUZc0RmdF+nLS9EevsQzU7xIeixbZ1FJ028+ejsXg== x-fb-trip-id 420120009 date Thu, 02 Apr 2020 08:27:43 GMT, Thu, 02 Apr 2020 08:27:43 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 249 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1889919721307230&ev=PageView&dl=https%3A%2F%2Fwww.promo.citizengreentech.com%2F&rl=&if=false&ts=1585816063927&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585816063926.1755328698&it=1585816063826&coo=false&rqm=GET Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 08:27:43 GMT, Thu, 02 Apr 2020 08:27:43 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-27=":443"; ma=3600 content-length 44 expires Thu, 02 Apr 2020 08:27:43 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/800875769/	2 KB 1 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/800875769/?random=1585816064667&cv=9&fst=1585816064667&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.promo.citizengreentech.com%2F&tiba=CitizenGreen&hn=www.googleadservices.com&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88e97003fb8f5405dc4592ec2dd9190e921873aaac44dd4e9bb51354f3774ee7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers pragma no-cache date Thu, 02 Apr 2020 08:27:44 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 976 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-113251538-3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 6549 date Thu, 02 Apr 2020 06:38:35 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 18174 expires Thu, 02 Apr 2020 08:38:35 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/800875769/	42 B 122 B	20ms 20ms	Image image/gif	2a00:1450:4001:81e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/800875769/?random=1585816064667&cv=9&fst=1585814400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.promo.citizengreentech.com%2F&tiba=CitizenGreen&fmt=3&is_vtc=1&random=460041918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Thu, 02 Apr 2020 08:27:44 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/800875769/	42 B 110 B	18ms 18ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/800875769/?random=1585816064667&cv=9&fst=1585814400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.promo.citizengreentech.com%2F&tiba=CitizenGreen&fmt=3&is_vtc=1&random=460041918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Thu, 02 Apr 2020 08:27:44 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 108 B	15ms 15ms	Image image/gif	2a00:1450:4001:817::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j81&a=777035493&t=pageview&_s=1&dl=https%3A%2F%2Fwww.promo.citizengreentech.com%2F&ul=en-us&de=UTF-8&dt=CitizenGreen&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=527018556&gjid=884419339&cid=1960279127.1585816065&tid=UA-113251538-3&_gid=675162786.1585816065&_r=1&gtm=2ou3p1&z=1008558671 Requested by Host: www.promo.citizengreentech.com URL: https://www.promo.citizengreentech.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Thu, 02 Apr 2020 08:27:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 147 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1889919721307230&ev=Microdata&dl=https%3A%2F%2Fwww.promo.citizengreentech.com%2F&rl=&if=false&ts=1585816065431&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22CitizenGreen%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585816063926.1755328698&it=1585816063826&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.promo.citizengreentech.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 08:27:45 GMT, Thu, 02 Apr 2020 08:27:45 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-27=":443"; ma=3600 content-length 44 expires Thu, 02 Apr 2020 08:27:45 GMT

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| fbq function| _fbq function| checkForm undefined| $ undefined| jQuery object| mc function| $mcj object| fnames object| ftypes object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.citizengreentech.com/	1970-01-19 08:30:16	Name: _gat_gtag_UA_113251538_3 Value: 1
			.citizengreentech.com/	1970-01-20 02:01:28	Name: _ga Value: GA1.2.1960279127.1585816065
			.citizengreentech.com/	1970-01-19 08:31:42	Name: _gid Value: GA1.2.675162786.1585816065
			.citizengreentech.com/	1970-01-19 10:39:52	Name: _fbp Value: fb.1.1585816063926.1755328698

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
cdn.worldvectorlogo.com
connect.facebook.net
fast.fonts.net
googleads.g.doubleclick.net
invitebox.com
s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.madbeerweek.com
www.promo.citizengreentech.com
13.225.79.169
172.217.23.130
192.124.249.60
2600:9000:20eb:f000:c:4c33:9b40:93a1
2606:2800:234:660:118e:28f:1d8a:2522
2a00:1450:4001:800::2008
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81e::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.206.103.210
52.216.206.77
67.205.173.93
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19067f569a5cdc1000867732b62d0eddcae51918b2982c22700dc40af2b95aab
29b23a4a68ce535b419e9c0b6f6943cbddd4711900aa1e33d8f8654263e4fa27
38be4ba87ad0d6248ab9aa58172a528776a358ed351293fe27322b05d424da5e
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
629adaa776197e208611fb6892cd2ba942bd5e4f3e973df4819328012d2ec3c5
65936985f8f17d18931d5d5b22929938d3d8328a11b5315a0cb016259e8a32d7
6a1b1ac854ffe11eaeb3350bc3848bc697e0e8c86584143e1077f22a3a4a2298
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85256aa630404e8deb67527c256c5b8479b4bcab52db99ab56be3184fd26f825
88e97003fb8f5405dc4592ec2dd9190e921873aaac44dd4e9bb51354f3774ee7
94212cacf1e0e9ee5affec179d67ac0ec26b9f7f8c0d47ede6b57765e5deec9e
981861feee0b641c725593114fb9d8c8561fe1dba6c14930873ebea4ca2b69da
9991ff7c8cde369b318fe87126c8cb3fe613fb15d0628c4154e1b18edaf38ec0
aceaa130e2cbd06c7c204c0932e21691995fdab2d75223320d5b4f28e5c2d795
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b317c7de438a14e11c123ab221ccaa06e7cc9c90b0e646ecbd40eee4d876ff30
bcb5e2e6310512e6a1ab24b8b40d662fb5ecb7b277bce1d11020effd6fbb839b
c11e183fca8b73d3d6524c2372b4df559fa85ab2e74d93d0053c8bef096b872c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b219a22495ff83635188f58872867cedb23185b2454980cf7002debde20ae2
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629