urlscan.io logo urlscan.io
SecurityTrails logo

auth.citnow.com Open in urlscan Pro
2606:4700::6813:9813  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.arnoldclarkcarpreview.com/
Effective URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE...
Submission: On March 06 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6813:9813, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.citnow.com. The Cisco Umbrella rank of the primary domain is 448806.
TLS certificate: Issued by E1 on February 19th 2024. Valid for: 3 months.
This is the only time auth.citnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 35.179.2.35 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:235... 16509 (AMAZON-02)
5 2a05:d014:275... 16509 (AMAZON-02)
1 18.135.108.232 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 9
3    35.179.2.35 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: acg-primary.citnow.com
www.arnoldclarkcarpreview.com
2    2606:4700::6813:9813 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.citnow.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2359:5a00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
5    2a05:d014:275:cb00::c8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
dashboard.citnow.com
1    18.135.108.232 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-108-232.eu-west-2.compute.amazonaws.com
video.citnow.com
1    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 citnow.com
auth.citnow.com — Cisco Umbrella Rank: 448806
dashboard.citnow.com — Cisco Umbrella Rank: 514226
video.citnow.com — Cisco Umbrella Rank: 209985
58 KB
3 arnoldclarkcarpreview.com
www.arnoldclarkcarpreview.com — Cisco Umbrella Rank: 386568
1 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
4 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 709
15 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6663
63 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
12 7
Domain Requested by
5 dashboard.citnow.com auth.citnow.com
cdn.jsdelivr.net
3 www.arnoldclarkcarpreview.com 3 redirects
2 auth.citnow.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net auth.citnow.com
1 unpkg.com auth.citnow.com
1 video.citnow.com auth.citnow.com
1 cdn.auth0.com auth.citnow.com
1 fonts.googleapis.com auth.citnow.com
12 9

This site contains links to these domains. Also see Links.

Domain
www.citnow.com
Subject Issuer Validity Valid
auth.citnow.com
E1		 2024-02-19 -
2024-05-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
dashboard.citnow.com
R3		 2024-01-25 -
2024-04-24		 3 months crt.sh
*.citnow.com
Amazon RSA 2048 M03		 2023-11-09 -
2024-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Frame ID: E4E105DDDC4E5E63C9D2787BF01E08A2
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CitNOW Dashboard - Login

Page URL History Show full URLs

  1. http://www.arnoldclarkcarpreview.com/ HTTP 302
    http://www.arnoldclarkcarpreview.com/dashboard/user/login HTTP 301
    https://www.arnoldclarkcarpreview.com/dashboard/user/login HTTP 302
    https://auth.citnow.com/authorize?scope=openid%20profile%20email&response_mode=query&response_type=c... HTTP 302
    https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

159 kB
Transfer

411 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.arnoldclarkcarpreview.com/ HTTP 302
    http://www.arnoldclarkcarpreview.com/dashboard/user/login HTTP 301
    https://www.arnoldclarkcarpreview.com/dashboard/user/login HTTP 302
    https://auth.citnow.com/authorize?scope=openid%20profile%20email&response_mode=query&response_type=code&redirect_uri=https%3A%2F%2Fwww.arnoldclarkcarpreview.com%2Fdashboard%2Fuser%2Fcallback%3Fcontinue%3D%2Fdashboard%2F&connection=citnow&state=65e8d2a24a3096.33770936&client_id=DF9HRksnyGQ5IiusTfvLmg2f9WsAphWE HTTP 302
    https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
auth.citnow.com/u/
Redirect Chain
  • http://www.arnoldclarkcarpreview.com/
  • http://www.arnoldclarkcarpreview.com/dashboard/user/login
  • https://www.arnoldclarkcarpreview.com/dashboard/user/login
  • https://auth.citnow.com/authorize?scope=openid%20profile%20email&response_mode=query&response_type=code&redirect_uri=https%3A%2F%2Fwww.arnoldclarkcarpreview.com%2Fdashboard%2Fuser%2Fcallback%3Fcont...
  • https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1Rmdkx...
46 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d340371a98b2ba10d6eb9e8bd470391590bf06cafc3a1f27e601e00bf2db5d3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
86051c193e16dd7e-LHR
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 20:31:31 GMT
etag
W/"b678-RLhYeiJ1aJuErgyVamGwWAcnhLs"
expires
Wed, 06 Mar 2024 20:31:30 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
115
x-auth0-requestid
06de5917f12e8a4764e2
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1709757097
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
86051c174b9cdd7e-LHR
content-length
424
content-type
text/html; charset=utf-8
date
Wed, 06 Mar 2024 20:31:30 GMT
location
/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
5b32f32f00aee242ad1f
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1709757091
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 20:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 19:34:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 20:31:31 GMT
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.85.72/css/ 		271 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.85.72/css/main.cdn.min.css
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:5a00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37e8de409157227ddb6fd02a12d136be2c8270ba05fbe5176215d99604501a93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
2oaGJgIdhiuvynWsxlnMZE3Uwzg.rHe6
content-encoding
gzip
via
1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
date
Wed, 06 Mar 2024 02:03:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P10
age
66484
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Fri, 23 Feb 2024 16:05:08 GMT
server
AmazonS3
etag
W/"1cf2bcfe240b3f8eedfe6bd084b91a9b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
x-robots-tag
noindex
x-amz-cf-id
T77Ewumv7xM8AiXOj6yqW5uEQWivyv5ZFOCwlILprnqQOpKkrXTfMg==
logo-acg.png
dashboard.citnow.com/assets/images/login/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.citnow.com/assets/images/login/logo-acg.png
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
0800d36d66b28a8ad4b1a93f7a53efb77a502131e93e9c6d5b626f1bc4595af1
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id
01HRAQDKB6119N91XG3HJG8XE1
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
date
Wed, 06 Mar 2024 20:31:31 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
35093
content-length
1458
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
cache-status
"Netlify Edge"; hit
etag
"4fb40347adad21a4253bc8266df90929-ssl"
x-frame-options
deny
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
logo.png
video.citnow.com/staff/themes/citnow/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.citnow.com/staff/themes/citnow/images/logo.png
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.108.232 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-108-232.eu-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1791d2f3144a6973fe88452e5e8780c50e34a1fcf285201fbef6e3afa4327ec9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 20:31:31 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains;
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Feb 2019 15:40:15 GMT
Server
Apache
ETag
"420196-eab-582552c8fb5c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3755
circle-solid-red-gradient.svg
dashboard.citnow.com/assets/images/login/ 		709 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.citnow.com/assets/images/login/circle-solid-red-gradient.svg
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
d644442536b75884bff5012b1b4518f1c0859fee22d62ef7dc4d8e092489e0df
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id
01HRAQDKB6ABGEXWJ2NAN3P61A
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
date
Wed, 06 Mar 2024 20:31:31 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
38853
content-length
709
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
cache-status
"Netlify Edge"; hit
etag
"8ea4e624622ab7173d2e93453a6d4451-ssl"
x-frame-options
deny
content-type
image/svg+xml
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
circle-ring-purple-gradient.svg
dashboard.citnow.com/assets/images/login/ 		892 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.citnow.com/assets/images/login/circle-ring-purple-gradient.svg
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
b8c68eb94eb942fea4e837377aa8647109c66164fe86727f2892803a3452d6f4
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id
01HRAQDKB6MSMPCVG7X6A4APM3
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
date
Wed, 06 Mar 2024 20:31:31 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
38853
content-length
892
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
cache-status
"Netlify Edge"; hit
etag
"1be3c091d1d92b2d5a01767e5df30602-ssl"
x-frame-options
deny
content-type
image/svg+xml
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
i18next.min.js
unpkg.com/i18next@21.6.13/dist/umd/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/i18next@21.6.13/dist/umd/i18next.min.js
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d89568b489658df4cd2e2dee16b78d70df8c9ba47a2c09e0329db85153e4e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 20:31:31 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8583844
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGAX7EGQKADY6AQBA196AC2C-lhr
server
cloudflare
etag
W/"d501-Dr6nCgusSkK8QK7netng0RVXtX8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86051c1b7aa200a7-LHR
i18nextHttpBackend.min.js
cdn.jsdelivr.net/npm/i18next-http-backend@1.3.1/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/i18next-http-backend@1.3.1/i18nextHttpBackend.min.js
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36cfc9d9fcca943f0c314760b29b33589a5bc54f83729eccc15f35b8f5be505b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 20:31:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4800653
x-jsd-version
1.3.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220076-FRA, cache-lga21975-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"22d9-l4mdi15ui/zZbU1PixpWPHbIhGQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HezseNMp9E7XKCvdlTpZjRZzU%2BRl%2Brq2%2BxlbWLIRax676X1%2FloCLrbEfuXUhMxtEa4QJXW2gjBVA0zlo4Y4eu58sK7lSyYwKy6vMremP0umkPTGU2TcCHQVZ71CzPV8IyEupm%2BPdrthARREa8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
86051c1b7c647327-LHR
translations-login.js
dashboard.citnow.com/assets/scripts/ 		1 KB
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.citnow.com/assets/scripts/translations-login.js
Requested by
Host: auth.citnow.com
URL: https://auth.citnow.com/u/login?state=hKFo2SBmUFlOVWc3VzdYc25nQWQ5dkpUZDNhc1JMS3lqeGF4V6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE5vM2xYWGtydUpRV2d2a1IwbEJwRzZOSTJ4NW0zWU02o2NpZNkgREY5SFJrc255R1E1SWl1c1RmdkxtZzJmOVdzQXBoV0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
8a2af4cf3efe0e4572f8812d781192b9636c46f3bd6e48af8274b061dc59137e
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id
01HRAQDKB6JFEBC7W4NYP4VNNK
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
content-encoding
br
x-content-type-options
nosniff
date
Wed, 06 Mar 2024 20:31:31 GMT
strict-transport-security
max-age=31536000
age
20782
content-length
523
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
cache-status
"Netlify Edge"; hit
etag
"fbb7b379373599b5e49ae139ae6d7512-ssl-df"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
truncated
/ 		650 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://auth.citnow.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.citnow.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 02:41:41 GMT
x-content-type-options
nosniff
age
64190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Mar 2025 02:41:41 GMT
login.en.json
dashboard.citnow.com/locales/en/ 		417 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dashboard.citnow.com/locales/en/login.en.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/i18next-http-backend@1.3.1/i18nextHttpBackend.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
1a43d1a34505112fd594cdcf490fa265100ff1862b6a1ae90ac567e6b54a01c0
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id
01HRAQDKGQA7RA2WWR00E5CQGD
content-security-policy
base-uri 'self' https://*.citnow.com; default-src 'self' 'unsafe-inline' https://*.citnow.com https://*.web1on1.chat; style-src 'self' 'unsafe-inline' https://*.citnow.com https://fonts.googleapis.com https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com https://*.hotjar.com; script-src 'self' 'unsafe-inline' https://*.citnow.com https://*.googletagmanager.com https://*.google-analytics.com https://*.newrelic.com https://*.nr-data.net https://*.hotjar.com https://*.adyen.com https://*.payments-amazon.com https://*.paypal.com https://*.google.com https://*.cdn-apple.com; img-src 'self' blob: data: https://*.citnow.com https://*.wp.com https://*.gravatar.com https://*.github.io https://*.google-analytics.com https://*.googletagmanager.com https://*.nr-data.net https://*.adyen.com https://*.media-amazon.com https://*.paypal.com https://*.gstatic.com https://*.cdn-apple.com https://*.hotjar.com; media-src 'self' blob: https://*.citnow.com; font-src 'self' data: https://*.citnow.com https://fonts.gstatic.com https://*.hotjar.com; connect-src 'self' https://*.citnow.com https://*.nr-data.net https://*.unleash-hosted.com https://*.google-analytics.com https://*.adyen.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; worker-src 'self' blob: https://*.citnow.com; frame-src 'self' https://*.citnow.com https://*.adyen.com https://pay.google.com https://*.hotjar.com https://*.web1on1.chat
date
Wed, 06 Mar 2024 20:31:31 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
38853
content-length
417
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
cache-status
"Netlify Edge"; hit
etag
"a501b23523bf39362dfc75692927e6e4-ssl"
x-frame-options
deny
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ulpFlags object| i18next function| i18nextHttpBackend number| versionNumber string| domain function| getValidLanguage string| validLanguage

6 Cookies

Domain/Path Name / Value
www.arnoldclarkcarpreview.com/dashboard/ Name: PHPSESSID_DASH
Value: 1qqjh7mia2qvnv54e7hmkjr377
auth.citnow.com/ Name: did
Value: s%3Av0%3A83e920d0-dbf8-11ee-83e5-cbb2bf845bd1.oue4XsnS%2BQDrqLFUMOp1TOiJHHfgDb3UQHtUty3rMZo
auth.citnow.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQJN3s6kkf_MFaCfAgLI_sEWhy5b9u0d1PfAXwDCi6HeU-qkqmBmpc4tfV7TiI6dyGDIqDJrrmNPKfdqgl7hUJO6mY29va2llg6dleHBpcmVz1_-nIaUAZezHIq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7INeR8VhT1mvY9ysr6QVM5wt8jRkKXb2%2Fv0NzVv51XU
auth.citnow.com/ Name: did_compat
Value: s%3Av0%3A83e920d0-dbf8-11ee-83e5-cbb2bf845bd1.oue4XsnS%2BQDrqLFUMOp1TOiJHHfgDb3UQHtUty3rMZo
auth.citnow.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQJN3s6kkf_MFaCfAgLI_sEWhy5b9u0d1PfAXwDCi6HeU-qkqmBmpc4tfV7TiI6dyGDIqDJrrmNPKfdqgl7hUJO6mY29va2llg6dleHBpcmVz1_-nIaUAZezHIq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7INeR8VhT1mvY9ysr6QVM5wt8jRkKXb2%2Fv0NzVv51XU
.auth.citnow.com/ Name: __cf_bm
Value: GHdHhGKElanuRzg0s1mh6T6V..RmBc38SwK8WuhHSl8-1709757090-1.0.1.1-NzC9FRrseQrJNgl.ZlgfawyrwXqFE0ZYbwg674vNXkbTiArXJ6_Kg5RRW0gQrkyG

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block