citimenus.com Open in urlscan Pro
64.130.1.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.citimenus.com/
Effective URL:
https://citimenus.com/
Submission: On March 24 via automatic, source certstream-suspicious (March 24th 2023, 9:44:54 am UTC) — Scanned from DE

Summary HTTP 84 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 84 HTTP transactions. The main IP is 64.130.1.157, located in United States and belongs to PAIR-NETWORKS, US. The main domain is citimenus.com.
TLS certificate: Issued by R3 on January 22nd 2023. Valid for: 3 months.

This is the only time citimenus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 26	64.130.1.157 64.130.1.157	7859 (PAIR-NETW...) (PAIR-NETWORKS)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
84	14

26 64.130.1.157 (United States) 2 redirects

ASN7859 (PAIR-NETWORKS, US)
PTR: cititour.com

www.citimenus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
citimenus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cititour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	419 KB
20	citimenus.com 2 redirects www.citimenus.com citimenus.com	139 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	96 KB
6	cititour.com cititour.com	126 KB
5	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	146 KB
2	gstatic.com p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com	3 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8820	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	607 B
1	google-analytics.com www.google-analytics.com Failed region1.google-analytics.com — Cisco Umbrella Rank: 2368	243 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	77 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 309 fonts.googleapis.com Failed	30 KB
0	singleplatform.co Failed menus.singleplatform.co Failed
84	13

	Domain	Requested by
19	citimenus.com	1 redirects citimenus.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	citimenus.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	cititour.com	citimenus.com
4	www.google.com	3 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	citimenus.com
1	ajax.googleapis.com	citimenus.com
1	www.citimenus.com	1 redirects
0	www.google-analytics.com Failed	citimenus.com
0	menus.singleplatform.co Failed	citimenus.com
0	fonts.googleapis.com Failed	citimenus.com
84	18

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
bigcityinteractive.com

Subject Issuer	Validity	Valid
citimenus.com R3	`2023-01-22` - `2023-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
cititour.com R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://citimenus.com/
Frame ID: 13659F8FAA0BD310466E266F32669839
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: 49C166615263DBD8177567F07B58C76C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088220&bpp=6&bdt=622&idt=167&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=8325310698348&frm=20&pv=2&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P3uejq4HKy&p=https%3A//citimenus.com&dtd=182
Frame ID: 845BF8CC4B5961DA352C10E0FED3D1E9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184
Frame ID: 5E82E9E4A66400AE97F9AB1F8D183A90
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651088&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088227&bpp=1&bdt=629&idt=185&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=J4innFXCFa&p=https%3A//citimenus.com&dtd=187
Frame ID: DE6829D4B8235A2776E6E23967E61E3D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&adk=1812271804&adf=3025194257&lmt=1679651088&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fcitimenus.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088242&bpp=1&bdt=644&idt=174&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=182
Frame ID: A81AEDA907435C012FFCFA0B6564D119
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3A3AC2DC876F88E457D1786B4F5E451D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 75B76AD86CB6DFDF10ECCF0777DF9D72
Requests: 2 HTTP requests in this frame

Frame: https://p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 3938798148C967290741B1F9C100C28B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js
Frame ID: 4B8D61E1A892D7607AFA9055EEA7401C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js
Frame ID: C119B0B7A3BCEBE9B95B6112329C40D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A2ABC16B7F5C924AAA9D8BCD94558F74
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js
Frame ID: 14A47F713BC7A54BC034E750F44162F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 97C3B245899FEFE3E1F8E7AC5BC51D4A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A2CB905DCBB2A905559A281E627FD5EF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citimenus Guide to NYC Restaurants, Menus and Reviews

Page URL History Show full URLs

https://www.citimenus.com/ HTTP 301
http://citimenus.com/ HTTP 301
https://citimenus.com/ Page URL

Detected technologies

DreamWeaver (Editors) Expand

Overall confidence: 100%
Detected patterns

<!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

94 %
HTTPS

85 %
IPv6

13
Domains

18
Subdomains

14
IPs

2
Countries

1038 kB
Transfer

2276 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/Cititourcom

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/Cititourcom/111674692238151

Search URL Search Domain Scan URL

URL: http://bigcityinteractive.com/
Title: BigCityInteractive.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.citimenus.com/ HTTP 301
http://citimenus.com/ HTTP 301
https://citimenus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

84 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
citimenus.com/
Redirect Chain

https://www.citimenus.com/
http://citimenus.com/
https://citimenus.com/

13 KB
13 KB

896ms
682ms

Document
text/html

64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: cfe1c1e71e93322c61cc6e92b0a860b65e2f53f332c19d4d10b23e89cb5d6d8e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Mar 2023 09:44:46 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 24 Mar 2023 09:44:46 GMT
Keep-Alive: timeout=5, max=100
Location: https://citimenus.com/
Server: Apache

GET
H/1.1 200
OK styles.css
citimenus.com/ 320 B
587 B 206ms
105ms Stylesheet
text/css 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/styles.css
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 0bb57a7dae3ec88ad24c1a771e66fb23056b2ba93a0eb2328969bef8fa781519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:47 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:21 GMT
Server: Apache
ETag: "140-54ce6ffc76540"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 320

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 84 KB
30 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

Requested by

Host: citimenus.com
URL: https://citimenus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 14:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30082
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:17:45 GMT

GET
H/1.1 200
OK jquery.colorbox-min.js Show response
citimenus.com/assets/colorbox/ 10 KB
10 KB 318ms
106ms Script
application/javascript 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/colorbox/jquery.colorbox-min.js
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 55ee2aac76aa092bf492b175a401dc5a4af09ef0ef5b4960e61d41a5f48cb6df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:47 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:55 GMT
Server: Apache
ETag: "2659-54ce6fe3aaac0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9817

GET
H/1.1 200
OK colorbox.css
citimenus.com/assets/colorbox/ 5 KB
5 KB 311ms
105ms Stylesheet
text/css 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/colorbox/colorbox.css
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: f2eb50d183cf0b187b1b316220c2e72dcf11dc2497ecdc56f781f992780ea9b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:47 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:50 GMT
Server: Apache
ETag: "1347-54ce6fdee5f80"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4935

GET
H/1.1 200
OK common.js Show response
citimenus.com/assets/js/ 6 KB
6 KB 318ms
106ms Script
application/javascript 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/js/common.js
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: d60f865a23a53565dd30dd074e47a311462849db1f3634b985a63d2491f32e83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:47 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:09 GMT
Server: Apache
ETag: "1815-54ce6ff104a40"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6165

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 47ms
26ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0RT3E9C7BG

Requested by

Host: citimenus.com
URL: https://citimenus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8b2ca11be9bb961dcfec7e35b2687dec11d6f9e8f6c2dcf115b0e988e443457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Mar 2023 09:44:47 GMT

GET
H/1.1 200
OK twitter_16x16.png
citimenus.com/assets/img/icons/ 603 B
871 B 105ms
105ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/icons/twitter_16x16.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 77af687b0495d737cb9c18a7c48a37d6a5f626eb6ba8d4c276d013cb9de6a595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:08 GMT
Server: Apache
ETag: "25b-54ce6ff010800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 603

GET
H/1.1 200
OK facebook_16x16.png
citimenus.com/assets/img/icons/ 578 B
846 B 105ms
105ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/icons/facebook_16x16.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 65b4ad06f5fcd3dbdff65ce137a22f1384cef41c53a499edd6ce0974ac972d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:08 GMT
Server: Apache
ETag: "242-54ce6ff010800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 578

GET
H/1.1 200
OK email.png
citimenus.com/assets/img/icons/ 641 B
909 B 113ms
112ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/icons/email.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: a24928edf1879f7e3ca1e6b8213f12a7b8d229d1a134a5413299c86b31d53552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:08 GMT
Server: Apache
ETag: "281-54ce6ff010800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 641

GET
H/1.1 200
OK cm_logo.png
citimenus.com/assets/img/ 15 KB
15 KB 106ms
105ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/cm_logo.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 30caef1568bffd6c686cc89301d4a3184746795f632421c8644ba182a095493e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:06 GMT
Server: Apache
ETag: "3a40-54ce6fee28380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 14912

GET
H/1.1 200
OK 18766_8282,%20Korean,%20LES,%20NYC,%20Food%20x.jpg
cititour.com/NYC_Restaurants/logos/ 16 KB
16 KB 1324ms
106ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/18766_8282,%20Korean,%20LES,%20NYC,%20Food%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 251377000ff77eab8584234645847dba5064b1bd5e391e7ac16512409e5b2a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:49 GMT
Last-Modified: Wed, 26 Oct 2022 01:06:06 GMT
Server: Apache
ETag: "3f8d-5ebe5a116b883"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16269

GET
H/1.1 200
OK 18748_Ainslee%20to%20Open%20on%20the%20Bowery,%20NYC%20x.jpg
cititour.com/NYC_Restaurants/logos/ 27 KB
27 KB 1325ms
107ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/18748_Ainslee%20to%20Open%20on%20the%20Bowery,%20NYC%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: c8b523b0a9245f8184f616b0d2f69c5108feac77543af1be9d5cc85d1a76325a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:49 GMT
Last-Modified: Mon, 26 Sep 2022 23:35:17 GMT
Server: Apache
ETag: "6aad-5e99cfaf13f00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27309

GET
H/1.1 200
OK 18747_Masalawala,%20Indian,%20Brooklyn,%20NYC,%20Interior%20x.jpg
cititour.com/NYC_Restaurants/logos/ 22 KB
22 KB 1325ms
106ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/18747_Masalawala,%20Indian,%20Brooklyn,%20NYC,%20Interior%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 290fb4c8234674a64208892256046f0e99913ede12244cb18cf3b5c61443af8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:49 GMT
Last-Modified: Fri, 23 Sep 2022 22:59:47 GMT
Server: Apache
ETag: "562c-5e960226bb149"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22060

GET
H/1.1 200
OK 18767_Ferdi,%20Italian,%20West%20Village,%20NYC%20x.jpg
cititour.com/NYC_Restaurants/logos/ 21 KB
21 KB 1326ms
108ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/18767_Ferdi,%20Italian,%20West%20Village,%20NYC%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 1917b63546261205a90bcd1b4038e60613b00017d7803dfb37f607c5addf0b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:49 GMT
Last-Modified: Wed, 26 Oct 2022 18:47:21 GMT
Server: Apache
ETag: "52ab-5ebf4746ce470"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21163

GET
H/1.1 200
OK 2769_Porter%20House%20Restaurant,%20NYC,%20Cocktail%20x.jpg
cititour.com/NYC_Restaurants/logos/ 19 KB
19 KB 1326ms
107ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/2769_Porter%20House%20Restaurant,%20NYC,%20Cocktail%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 53a7c284fe5d6deabacb311facb25d04c8a8a2d38d72d090ced47444d6c4dc54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:49 GMT
Last-Modified: Wed, 26 Oct 2022 02:25:42 GMT
Server: Apache
ETag: "4bee-5ebe6bdcdbeef"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19438

GET
H/1.1 200
OK 17448_Ten%20Hope%20Restaurant,%20Mediterranean,%20Williamsburg,%20Brooklyn,%20NYC,%202x.jpg
cititour.com/NYC_Restaurants/logos/ 20 KB
21 KB 1327ms
109ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/17448_Ten%20Hope%20Restaurant,%20Mediterranean,%20Williamsburg,%20Brooklyn,%20NYC,%202x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 67c637f7ca18f85c2fd2b024d1c5f5bde6d43b70ca463c4d98398ca3cd83b2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:49 GMT
Last-Modified: Fri, 18 Oct 2019 21:58:04 GMT
Server: Apache
ETag: "5174-595366dad8218"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20852

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 130ms
102ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: citimenus.com
URL: https://citimenus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8225cbe0eb21802e0e65beb69259ee57a3fd1a4140cc08e20a3af756b5adc13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48849
x-xss-protection: 0
server: cafe
etag: 16249137468825376512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:48 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H/1.1 200
OK reset.css
citimenus.com/assets/css/ 1 KB
2 KB 109ms
105ms Stylesheet
text/css 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/css/reset.css
Requested by: Host: citimenus.com
URL: https://citimenus.com/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 4a0531ef5d293bf3a5efa038c52d65208428c5af379293f11f634d402cc654e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:47 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:57 GMT
Server: Apache
ETag: "53b-54ce6fe592f40"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1339

GET
H/1.1 200
OK global.css
citimenus.com/assets/css/ 14 KB
14 KB 110ms
106ms Stylesheet
text/css 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/css/global.css
Requested by: Host: citimenus.com
URL: https://citimenus.com/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 48c8f97c55ba839dce32a57fcd2aee6b53eace35a30cbe98f07fbdfe693c2803

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:47 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:56 GMT
Server: Apache
ETag: "3657-54ce6fe49ed00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13911

GET jsload
menus.singleplatform.co/ 0
0

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET urchin.js
www.google-analytics.com/ 0
0

GET
H/1.1 200
OK cm_navglow_light.png
citimenus.com/assets/img/ 1 KB
2 KB 153ms
153ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/cm_navglow_light.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/css/global.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: e13ab54f438f15cda9abbf6f162626bceb841f53b968eed0863363ed3c678c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:06 GMT
Server: Apache
ETag: "555-54ce6fee28380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1365

GET
H/1.1 200
OK cm_notch.png
citimenus.com/assets/img/ 3 KB
3 KB 157ms
105ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/cm_notch.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/css/global.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 2ea7d471f3d72659aef2e46f49dc428592ac46212bb8c1ec68cbd6ea0ac950a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:07 GMT
Server: Apache
ETag: "b12-54ce6fef1c5c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2834

GET
H/1.1 200
OK museo_slab_300-webfont.ttf
citimenus.com/assets/fonts/ 54 KB
54 KB 115ms
115ms Font
application/x-font-ttf 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/fonts/museo_slab_300-webfont.ttf
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/css/global.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 8e30476ee03f027b7073c5b27f718a2a62da2914768867a1f1499c54975fd5c0

Request headers

Referer: https://citimenus.com/assets/css/global.css
Origin: https://citimenus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:59 GMT
Server: Apache
ETag: "d7b0-54ce6fe77b3c0"
Content-Type: application/x-font-ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 55216

GET
H/1.1 200
OK controls.png
citimenus.com/assets/colorbox/images/ 1 KB
1 KB 246ms
176ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/colorbox/images/controls.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/colorbox/colorbox.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 34c01d510e0bc7481ac8ff885b7b8db5f8a024b62e8b99eaffea565503255cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/colorbox/colorbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:52 GMT
Server: Apache
ETag: "4e1-54ce6fe0ce400"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1249

GET
H/1.1 200
OK border.png
citimenus.com/assets/colorbox/images/ 112 B
379 B 245ms
163ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/colorbox/images/border.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/colorbox/colorbox.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 11bd83f6446a1b41b0d88ddb2e271fcc9912b210d77f40e34e5e31e1a9af174a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/colorbox/colorbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:51 GMT
Server: Apache
ETag: "70-54ce6fdfda1c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 112

GET
H/1.1 200
OK loading_background.png
citimenus.com/assets/colorbox/images/ 157 B
424 B 246ms
169ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/colorbox/images/loading_background.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/colorbox/colorbox.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 959eccc6b71befee67657392e7f22be26cab408483657fb32a218fed6ffe016b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/colorbox/colorbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:55 GMT
Server: Apache
ETag: "9d-54ce6fe3aaac0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 157

GET
H/1.1 200
OK loading.gif
citimenus.com/assets/colorbox/images/ 9 KB
9 KB 247ms
105ms Image
image/gif 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/colorbox/images/loading.gif
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/colorbox/colorbox.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 34ef55242fc24c94f0790902c09601d228e9074bf7a1f88c4de6a39b40ce38fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/colorbox/colorbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:54 GMT
Server: Apache
ETag: "24d3-54ce6fe2b6880"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9427

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0RT3E9C7BG&gtm=45je33m0&_p=335502157&cid=779335260.1679651088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679651088&sct=1&seg=0&dl=https%3A%2F%2Fcitimenus.com%2F&dt=Citimenus%20Guide%20to%20NYC%20Restaurants%2C%20Menus%20and%20Reviews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0RT3E9C7BG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:44:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citimenus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 350 KB
117 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=pub-0331841528289462&plah=citimenus.com&bust=31073311

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3defc12c29dde1b0e2ac9c8fe72fe9081d94289cf7ca367e0f89f1e81d2292f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119750
x-xss-protection: 0
server: cafe
etag: 5790903937420872536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame 49C1 10 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:09:01 GMT
etag: 2378337311435320485
expires: Fri, 07 Apr 2023 09:09:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 49ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=citimenus.com&callback=_gfp_s_&client=pub-0331841528289462

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=pub-0331841528289462&plah=citimenus.com&bust=31073311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c66f3a0d6d791e6e00f786a5d058bc852c5d8e58f1b78f8e02a81c0db3b7e7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 49ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=citimenus.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=citimenus.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 845B 74 KB
30 KB 645ms
644ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088220&bpp=6&bdt=622&idt=167&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=8325310698348&frm=20&pv=2&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P3uejq4HKy&p=https%3A//citimenus.com&dtd=182

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af5dc45388ecb2c62933d4af2232f04285b6469974f852a99245346ccbc8b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30108
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E82 75 KB
30 KB 809ms
808ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f07abf0f49d355685693a867ee88ebe180a8d87de08e9ca5931dddc99074a333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30442
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE68 77 KB
31 KB 482ms
481ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651088&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088227&bpp=1&bdt=629&idt=185&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=J4innFXCFa&p=https%3A//citimenus.com&dtd=187

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8daa367b4b1a136468987e28a017a871c8a98cc5fdd6a43644ca86475e8f0378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31794
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:48 GMT
expires: Fri, 24 Mar 2023 09:44:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A81A 0
19 B 165ms
165ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&adk=1812271804&adf=3025194257&lmt=1679651088&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fcitimenus.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088242&bpp=1&bdt=644&idt=174&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:48 GMT
expires: Fri, 24 Mar 2023 09:44:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 16541800534822951648
tpc.googlesyndication.com/daca_images/simgad/ Frame DE68 13 KB
13 KB 39ms
11ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16541800534822951648

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651088&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088227&bpp=1&bdt=629&idt=185&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=J4innFXCFa&p=https%3A//citimenus.com&dtd=187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9b36bb02a4076c313815c6edf8e64cf98c1becc09f20cf8212747baa41bcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:08:00 GMT
x-content-type-options: nosniff
age: 142608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12943
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 14:01:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:08:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame DE68 22 KB
9 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame DE68 3 KB
1 KB 30ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame DE68 20 KB
9 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE68 158 KB
49 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame DE68 34 KB
14 KB 32ms
12ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 12056988738142335449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:40:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3A3A 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651088&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088227&bpp=1&bdt=629&idt=185&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=J4innFXCFa&p=https%3A//citimenus.com&dtd=187
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 08:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DE68 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b2102b3831d0b663040c098226d8d656ff44a3915800b5004c195b2ab18ef77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3A3A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

15ms
15ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DE68 0
23 B 50ms
50ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWCbXEHEdZNuvHYK9hAaq2aPoD43ji79vxoaUkrkQh7KF0pQOEAEgvaH0AWCV4pCCoAegAcv48eYCyAECqAMByAPJBKoE6AFP0B9gn4nJbUc8tp0FQYfVPUVh6yHo4jlOLXtYGnnmgO_WKCAaPHJxISCbENGeO5eEYwResC_B4C3x-ACkJtVksEfFULYIgpX3E12WH8Mf82QtGxuKJrMkEH0gxnBpb62HF3y_S1grwuo7tSc-8PPiytyE7k3wGUB96y_mHUjtOfCwlv8eY9IbOejDYjcaUo49zqTGZmHT9MRF8K8ksg14DBRMddp_dibnFhx1YJn2pzKcc0BXzHjx9uvCuWcbNXf04_mues5Dnpy2ALypYofVtGLFNBmme7SslErRld4F7PENkqMine1FwATOsOvulQSSBQQIBBgBkgUECAUYBKAGAoAHnYeOmQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDAox_SCBEIgOGAEBABGF8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0wMzMxODQxNTI4Mjg5NDYyGAA&sigh=RWNBZ14s9gY&uach_m=[UACH]&cid=CAQSGwDUE5ym-Non0ubbBwWIM_cLPomautP2P90-hBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651088&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088227&bpp=1&bdt=629&idt=185&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=J4innFXCFa&p=https%3A//citimenus.com&dtd=187
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 09:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H2 200 9659181513832981179
tpc.googlesyndication.com/daca_images/simgad/ Frame 845B 12 KB
13 KB 8ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9659181513832981179

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088220&bpp=6&bdt=622&idt=167&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=8325310698348&frm=20&pv=2&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P3uejq4HKy&p=https%3A//citimenus.com&dtd=182

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3090370d287de6cfa1e906f64ca4bb524ebdc1784edece26182e9ad9ef2acf9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 10:06:04 GMT
x-content-type-options: nosniff
age: 171525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12727
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 18:26:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 10:06:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 845B 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 845B 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 845B 20 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 845B 158 KB
49 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 845B 34 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 12056988738142335449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:40:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 845B 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbXLNEHEdZIHWGeyJ9fgP_NCDGI3ji79v7oaUkrkQh7KF0pQOEAEgvaH0AWCV4pCCoAegAcv48eYCyAECqAMByAPJBKoE7AFP0N8Zc4MHXWel3TNC1x0Lj2wUs3kFIhN1ihaSjCqaiuaL8wq6og8tnse_R5p-AtWB0M7YBz7qGj_IamtXk_3NhXFS3IVd5x7y-dJ40q4ogyydS9qLt1a3KDK6j4X1m8jawAYLujTCEosSdG5Um5--0z5WEkLEMwsOUtHWGNPAzraXbA7vAN3iXkN21atIHMiz_dr4hNKmfSnndk5Qf-Jr5OW3yEuZVbTVW2o70HNxTBdr4RI9EswzNgIRbde7T0XTpgg98B69dmGBE4to7TdP1sBqgTFv_s8fP2LQihMjbpcPtClT4iuMo-MelMAEzrDr7pUEkgUECAQYAZIFBAgFGASgBgKAB52HjpkBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-qUu0ggRCIDhgBAQARhfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMDMzMTg0MTUyODI4OTQ2MhgA&sigh=XdDf8StkeIM&uach_m=[UACH]&cid=CAQSGwDUE5ymfZrrYF8VgHVxTf8Ol2ZoVDALhF4roxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088220&bpp=6&bdt=622&idt=167&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=8325310698348&frm=20&pv=2&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P3uejq4HKy&p=https%3A//citimenus.com&dtd=182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 09:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75B7 143 B
166 B 8ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088220&bpp=6&bdt=622&idt=167&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=8325310698348&frm=20&pv=2&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P3uejq4HKy&p=https%3A//citimenus.com&dtd=182
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 08:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3938 247 B
871 B 93ms
22ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

ec9505ad76f6faddf6a75d227bf01a468e08160deaf179129c47b887991eca51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 206
content-security-policy-report-only: script-src 'nonce-v3_ksOC9h6KSkuX11QV0GA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 845B 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d52923273fe0082fd193bea2469e145f2008183f36c4c139c917f45b63d25052

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B8D 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 09:42:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75B7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
18ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3938 5 KB
2 KB 22ms
22ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

36ce9a3eaab62a16067c5cc475fd72b71f99747b9ac5b3b9a16406ce4c16dd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-OUTWGhGFIwHMqa6w36aAGg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js Show response
pagead2.googlesyndication.com/bg/ Frame C119 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 09:42:37 GMT

GET
H3 200 3552030442047011578
tpc.googlesyndication.com/simgad/ Frame 5E82 53 KB
53 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3552030442047011578?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkvGf2ckBxP-jNgrRPgMp_73jrIdQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c8e2f2c84102e0220f49c2b49d4510d84b1afb4bf8ad4c857a7c66c560e8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 10:06:00 GMT
x-content-type-options: nosniff
age: 171529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53791
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 06:20:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 10:06:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 5E82 22 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5E82 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5E82 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:18:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E82 158 KB
48 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5E82 34 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 12056988738142335449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:40:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5E82 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8aKoEHEdZJaTGvCD9fgP7PS3-And_ovXb9W3r9rpENrZHhABIL2h9AFgleKQgqAHoAGHg7_3A8gBAqgDAcgDyQSqBOsBT9BEjfvYZgwpbPyLs0wzsCe7LLuDY7mPz0Xer56YLPFrvN1LEdXsjyP5eDFbnhLSCN_9kETKFBtCkj-UGnQVi-JRZNhROqFSg-SahBxAxV5tp3-1IsI8W-c7pR9p2XCN_X723PN4ScRhwf_hk7VMrloQm6wUZrgt-ekC1jYM6I8tgFchMpwRv_iEweWNyaPzgzvLOHOJuc_ftji5koc6JoSC4EIjKgsaxb1PDlKVw-pEcQQkixpTn5azjwe4PzFh0Dy3bNZdB0JPWgmt2V5Ov2Zdn9X9A0LxmP2sRkV4qwczgAVhBCUfZrxELsAEpMHowJgEkgUECAQYAZIFBAgFGASgBgKAB6a7_oUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqeAQ0ggRCIDhgBAQARhfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMDMzMTg0MTUyODI4OTQ2MhgA&sigh=AkMB6LymK9A&uach_m=[UACH]&cid=CAQSGwDUE5ymue9hYNOY0b1D5TBdRFaBwsxe-DSMrRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 09:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A2AB 143 B
166 B 9ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 08:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5E82 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a2c3969e1c2277288bcc6e62f2b08489ba45ac687493c0ba54d335c9201c06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A2AB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
16ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js Show response
pagead2.googlesyndication.com/bg/ Frame 14A4 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651088&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088226&bpp=1&bdt=627&idt=182&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=8325310698348&frm=20&pv=1&ga_vid=779335260.1679651088&ga_sid=1679651088&ga_hid=335502157&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C42532090%2C31073311&oid=2&pvsid=3041489559678223&tmod=409017673&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=d3VTiOfDFE&p=https%3A//citimenus.com&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 09:42:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 69ms
54ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc9f8ec30848c16ed4317a5803b1b0a7fc06666e40fd1bd975ae12f108ac9951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11336
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 97C3 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:01:31 GMT
expires: Sat, 23 Mar 2024 09:01:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A2CB 783 B
535 B 17ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba007de22442fb2ba249301c13c86902acb78b0d009bb17e3b6e4febebc9dee5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GaMsQNMCIG6DSGrSSYwFTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-GaMsQNMCIG6DSGrSSYwFTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js Show response
pagead2.googlesyndication.com/bg/ Frame 97C3 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 09:42:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A2CB 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230322&jk=3041489559678223&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 97C3 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QVIyIg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 845B 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIEtcg20Szx7G6_JxoJYAO16C2VO1CLxqDn_Q5sMVaiy-3nBuLYK1njQVzsd_sygUBj3CMPU44TIaXRWlWMXVFoZFXz2oBHp34_J2VqyA2S2x-u8ByEU5w123yznTks23Bw8sVfA&sai=AMfl-YR7NIW-tBb_3uJ59TJOby4aghg183dShh40VWVm9oslZD83d4f27JlKO6_O02eCKnTxPQgClHjwRJK0&sig=Cg0ArKJSzPvkRJnpVFogEAE&cid=CAQSGwDUE5ymfZrrYF8VgHVxTf8Ol2ZoVDALhF4roxgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3344809801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679651088404&rpt=717&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:44:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230322&jk=3041489559678223&bg=!VFelVwPNAAbO2UOH7tk7ADkAdvg8WmtmSndmhmHhesyB0tFKIbJq_m6cXAPK6FhapJfLy4i4m5kdprcROuzoHzFdNm_PjMr097gCAAAARFIAAAAJaAEHmQKjcJnOfOgkIbMo-lk2aJkmOQye5wjEBNLScP_XIv0RtmCSX-E7QWP_qm196i_x38jrNf5gguHbMb-5S__GeDBZeIUr1idwKZydpRQIAeriIxXj9Eu-8OiCyjggRExpirHBUhum-_vOVxTBfYN6fS8KgxgIlCBfDuh8w1SYvehRhM_LJH5eK282k1pFamw2j8Mw0XBVNAznLzZ0WwH52xblTLpY5RokR9uoJOHcVIV52Ko46yRlq5b6FwX_5KSlEho3ONGDWETbxnK3nkRFhTtF7Hl_Bezwk-lzjhUmN12coAOHBcxzTbJKsrn3IpdiluXA8r-w0aW02jxtt1p7XyF8XmyHV5s7pYxSKsT5QFmGXhMlOnamgyOM3y3u24VYEe7iYddyLXlBBhyDNWgAOwuwkAGi-UAst4U2b2hRkqXkLGuCyPVoCmh0qYAmUbCczbjjzNcZvxB_xLJWx_UiYthRnRBu6siJu-HVVQHUyAbjYTBjKpAuhc5y7Fhh-ZxhQOLkvOcMxu7RsJfofT6qSGY9doAt7BATrjdaB2SPGLzz5t77_ghRpU6aK-RFrcAx5lxYXcXXmvLLFT-BXCEWMS4FoUXwopMf3CwLRWSpLwDwja2WxT64i_zArzaB0okLmVKYd40WrpfR7n-ifLLesi7TWjAbGgPrjuLrjFOKckbQw6PGu9SmOKMr0xqTO0tJtzvwUZEiIqmP_wkl9VKgyO29aiEphbFfBUUGu7-5JU-5wbjIxUlB3_zJ3X2aJ3B14_Gqrw3cwpwFbS64joEmC8nhVlYVBbM4qcIzcUOTNWEpAsrYzobnyUs8o2hsrac1nP60p1FzRSN7f_gyTSi2tazHidPNfFNElmynLdIssUoMvBUmV_rbHn-XvVBaO07_ROUTWGAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E82 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1ADAMrGaixmrs1V1hEG9Jj_SEieHjOiwULx8sJLiZ-IaHIEzyvxNG954p8GiJcS78KOC2npnvz-G2rzyDYpbBf1gfmta59ysNGoMa2ouGQbgLSj_zqHWy2W--YbS8y_zMAm1gSw&sai=AMfl-YTftYchK5Yf2gCRKZs6V8SvzlrVOvuPjDnQRFqwb7KZJJOquBfDFoSqsG4AdvH5sbrjqLTOX7hzY4Zb&sig=Cg0ArKJSzFZ5o1h9vQ2KEAE&cid=CAQSGwDUE5ymue9hYNOY0b1D5TBdRFaBwsxe-DSMrRgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3266976500&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679651088411&rpt=958&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:44:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Serif:regular,italic,bold,bolditalic

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Cabin:bold

Domain: menus.singleplatform.co
URL: http://menus.singleplatform.co/jsload?load=menus.2&apiKey=kaoz5mhlv7wxhbghyvbcozq1b

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/urchin.js

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citimenus.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: m48ja28h3kul1afi1jvnkfpfb1
.citimenus.com/	1970-01-20 20:10:11	Name: _ga_0RT3E9C7BG Value: GS1.1.1679651088.1.0.1679651088.0.0.0
.citimenus.com/	1970-01-20 20:10:11	Name: _ga Value: GA1.1.779335260.1679651088
.citimenus.com/	1970-01-20 19:55:47	Name: __gads Value: ID=4477f2eaf6733eeb-221b3bc3dfde006a:T=1679651088:RT=1679651088:S=ALNI_MbqmbjZYPC4fX8qsz7-nKOqTukmKA
.citimenus.com/	1970-01-20 19:55:47	Name: __gpi Value: UID=00000bcb3364bb67:T=1679651088:RT=1679651088:S=ALNI_MaUuhm7tMwXoo5SdXPZNZ0VL2NSFQ
.doubleclick.net/	1970-01-20 10:34:14	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 19:55:47	Name: IDE Value: AHWqTUm5QQD91usAqhlJpoYzqWmA4UMGN0OWXAmiDQlV98-zJISJmVPMC5HMwVRw2s0
.doubleclick.net/	1970-01-20 10:34:11	Name: test_cookie Value: CheckForPermission

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18766_8282,%20Korean,%20LES,%20NYC,%20Food%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18748_Ainslee%20to%20Open%20on%20the%20Bowery,%20NYC%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18747_Masalawala,%20Indian,%20Brooklyn,%20NYC,%20Interior%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18767_Ferdi,%20Italian,%20West%20Village,%20NYC%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/2769_Porter%20House%20Restaurant,%20NYC,%20Cocktail%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/17448_Ten%20Hope%20Restaurant,%20Mediterranean,%20Williamsburg,%20Brooklyn,%20NYC,%202x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Droid+Serif:regular,italic,bold,bolditalic'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Cabin:bold'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure script 'http://menus.singleplatform.co/jsload?load=menus.2&apiKey=kaoz5mhlv7wxhbghyvbcozq1b'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18766_8282,%20Korean,%20LES,%20NYC,%20Food%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18748_Ainslee%20to%20Open%20on%20the%20Bowery,%20NYC%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18747_Masalawala,%20Indian,%20Brooklyn,%20NYC,%20Interior%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18767_Ferdi,%20Italian,%20West%20Village,%20NYC%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/2769_Porter%20House%20Restaurant,%20NYC,%20Cocktail%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/17448_Ten%20Hope%20Restaurant,%20Mediterranean,%20Williamsburg,%20Brooklyn,%20NYC,%202x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure script 'http://www.google-analytics.com/urchin.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
citimenus.com
cititour.com
fonts.googleapis.com
googleads.g.doubleclick.net
menus.singleplatform.co
p4-h2wm2n4k6664m-tsnqjqlcghgxf66z-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.citimenus.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
fonts.googleapis.com
menus.singleplatform.co
pagead2.googlesyndication.com
www.google-analytics.com
142.250.186.99
2001:4860:4802:32::36
2a00:1450:4001:803::2008
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
64.130.1.157
0bb57a7dae3ec88ad24c1a771e66fb23056b2ba93a0eb2328969bef8fa781519
10a2c3969e1c2277288bcc6e62f2b08489ba45ac687493c0ba54d335c9201c06
11bd83f6446a1b41b0d88ddb2e271fcc9912b210d77f40e34e5e31e1a9af174a
15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf
164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1917b63546261205a90bcd1b4038e60613b00017d7803dfb37f607c5addf0b0d
1b2102b3831d0b663040c098226d8d656ff44a3915800b5004c195b2ab18ef77
251377000ff77eab8584234645847dba5064b1bd5e391e7ac16512409e5b2a73
290fb4c8234674a64208892256046f0e99913ede12244cb18cf3b5c61443af8c
2ea7d471f3d72659aef2e46f49dc428592ac46212bb8c1ec68cbd6ea0ac950a8
3090370d287de6cfa1e906f64ca4bb524ebdc1784edece26182e9ad9ef2acf9c
30caef1568bffd6c686cc89301d4a3184746795f632421c8644ba182a095493e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34c01d510e0bc7481ac8ff885b7b8db5f8a024b62e8b99eaffea565503255cc2
34ef55242fc24c94f0790902c09601d228e9074bf7a1f88c4de6a39b40ce38fa
36ce9a3eaab62a16067c5cc475fd72b71f99747b9ac5b3b9a16406ce4c16dd8b
3defc12c29dde1b0e2ac9c8fe72fe9081d94289cf7ca367e0f89f1e81d2292f2
48c8f97c55ba839dce32a57fcd2aee6b53eace35a30cbe98f07fbdfe693c2803
4a0531ef5d293bf3a5efa038c52d65208428c5af379293f11f634d402cc654e7
53a7c284fe5d6deabacb311facb25d04c8a8a2d38d72d090ced47444d6c4dc54
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee2aac76aa092bf492b175a401dc5a4af09ef0ef5b4960e61d41a5f48cb6df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b4ad06f5fcd3dbdff65ce137a22f1384cef41c53a499edd6ce0974ac972d83
67c637f7ca18f85c2fd2b024d1c5f5bde6d43b70ca463c4d98398ca3cd83b2eb
77af687b0495d737cb9c18a7c48a37d6a5f626eb6ba8d4c276d013cb9de6a595
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
8225cbe0eb21802e0e65beb69259ee57a3fd1a4140cc08e20a3af756b5adc13f
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
8daa367b4b1a136468987e28a017a871c8a98cc5fdd6a43644ca86475e8f0378
8e30476ee03f027b7073c5b27f718a2a62da2914768867a1f1499c54975fd5c0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
959eccc6b71befee67657392e7f22be26cab408483657fb32a218fed6ffe016b
a24928edf1879f7e3ca1e6b8213f12a7b8d229d1a134a5413299c86b31d53552
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8b2ca11be9bb961dcfec7e35b2687dec11d6f9e8f6c2dcf115b0e988e443457
ad9b36bb02a4076c313815c6edf8e64cf98c1becc09f20cf8212747baa41bcf2
af5dc45388ecb2c62933d4af2232f04285b6469974f852a99245346ccbc8b1a8
ba007de22442fb2ba249301c13c86902acb78b0d009bb17e3b6e4febebc9dee5
c66f3a0d6d791e6e00f786a5d058bc852c5d8e58f1b78f8e02a81c0db3b7e7fd
c8b523b0a9245f8184f616b0d2f69c5108feac77543af1be9d5cc85d1a76325a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc9f8ec30848c16ed4317a5803b1b0a7fc06666e40fd1bd975ae12f108ac9951
cfe1c1e71e93322c61cc6e92b0a860b65e2f53f332c19d4d10b23e89cb5d6d8e
d52923273fe0082fd193bea2469e145f2008183f36c4c139c917f45b63d25052
d60f865a23a53565dd30dd074e47a311462849db1f3634b985a63d2491f32e83
e13ab54f438f15cda9abbf6f162626bceb841f53b968eed0863363ed3c678c86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9505ad76f6faddf6a75d227bf01a468e08160deaf179129c47b887991eca51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07abf0f49d355685693a867ee88ebe180a8d87de08e9ca5931dddc99074a333
f2eb50d183cf0b187b1b316220c2e72dcf11dc2497ecdc56f781f992780ea9b8
f7c8e2f2c84102e0220f49c2b49d4510d84b1afb4bf8ad4c857a7c66c560e8d1
fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

citimenus.com Open in urlscan Pro 64.130.1.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

94 %HTTPS

85 %IPv6

13 Domains

18 Subdomains

14 IPs

2 Countries

1038 kBTransfer

2276 kBSize

8 Cookies

3 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

citimenus.com Open in urlscan Pro
64.130.1.157 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

94 %
HTTPS

85 %
IPv6

13
Domains

18
Subdomains

14
IPs

2
Countries

1038 kB
Transfer

2276 kB
Size

8
Cookies

84 HTTP transactions
3 data transactions