citimenus.com Open in urlscan Pro
64.130.1.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.citimenus.com/
Effective URL:
https://citimenus.com/
Submission: On March 24 via automatic, source certstream-suspicious (March 24th 2023, 9:44:53 am UTC) — Scanned from DE

Summary HTTP 84 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 84 HTTP transactions. The main IP is 64.130.1.157, located in United States and belongs to PAIR-NETWORKS, US. The main domain is citimenus.com.
TLS certificate: Issued by R3 on January 22nd 2023. Valid for: 3 months.

This is the only time citimenus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 26	64.130.1.157 64.130.1.157	7859 (PAIR-NETW...) (PAIR-NETWORKS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
84	13

26 64.130.1.157 (United States) 2 redirects

ASN7859 (PAIR-NETWORKS, US)
PTR: cititour.com

www.citimenus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
citimenus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cititour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	398 KB
20	citimenus.com 2 redirects www.citimenus.com citimenus.com	139 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	94 KB
6	cititour.com cititour.com	126 KB
5	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	146 KB
2	gstatic.com p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com	3 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8820	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	607 B
1	google-analytics.com www.google-analytics.com Failed region1.google-analytics.com — Cisco Umbrella Rank: 2368	252 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	77 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 309 fonts.googleapis.com Failed	85 KB
0	singleplatform.co Failed menus.singleplatform.co Failed
84	13

	Domain	Requested by
19	citimenus.com	1 redirects citimenus.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	citimenus.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	cititour.com	citimenus.com
4	www.google.com	3 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	citimenus.com
1	ajax.googleapis.com	citimenus.com
1	www.citimenus.com	1 redirects
0	www.google-analytics.com Failed	citimenus.com
0	menus.singleplatform.co Failed	citimenus.com
0	fonts.googleapis.com Failed	citimenus.com
84	18

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
bigcityinteractive.com

Subject Issuer	Validity	Valid
citimenus.com R3	`2023-01-22` - `2023-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
cititour.com R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://citimenus.com/
Frame ID: 6E8BB36C0F9F10750C8A1B5D87A5CD33
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: 49EB6D35D5518BF496BBB7029F2C6D91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088852&bpp=4&bdt=921&idt=232&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&correlator=5545534332500&frm=20&pv=2&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iFJsR1F3ng&p=https%3A//citimenus.com&dtd=256
Frame ID: 818D1D5B59C2C7BA96416C17E98104B5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265
Frame ID: 50A75559A5D096734D9555014ADC19FC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651089&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088857&bpp=1&bdt=927&idt=267&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MJG6LkSr2G&p=https%3A//citimenus.com&dtd=270
Frame ID: DC5279C0F2D66C5E9CB7B41C2D534D14
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&adk=1812271804&adf=3025194257&lmt=1679651089&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fcitimenus.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088879&bpp=2&bdt=948&idt=253&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=269
Frame ID: B8C29D81585B4FD7CC8E7BC0525901CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6DAAD7CB918EED7C776661A71FDB0C02
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C163E4E5D0EF9D93E0B143603442915B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A02BA338F7449919A650E98F1D1B31C4
Requests: 2 HTTP requests in this frame

Frame: https://p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 26A2D3AD7C1F679803CF1D6EE8C48180
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: F130BC8A04B494E79B0A2E5C9F51D0AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 78CEA4576A1ECA99F9152EF75D5E01CA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 5D1E8266E7ED439C86D8A3A441809E13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7BF05702519238ADE50365F1FE04C8F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E081B81EE03D8E7A38AA1E2606A29269
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citimenus Guide to NYC Restaurants, Menus and Reviews

Page URL History Show full URLs

https://www.citimenus.com/ HTTP 301
http://citimenus.com/ HTTP 301
https://citimenus.com/ Page URL

Detected technologies

DreamWeaver (Editors) Expand

Overall confidence: 100%
Detected patterns

<!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

94 %
HTTPS

83 %
IPv6

13
Domains

18
Subdomains

13
IPs

2
Countries

1070 kB
Transfer

2251 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/Cititourcom

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/Cititourcom/111674692238151

Search URL Search Domain Scan URL

URL: http://bigcityinteractive.com/
Title: BigCityInteractive.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.citimenus.com/ HTTP 301
http://citimenus.com/ HTTP 301
https://citimenus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

84 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
citimenus.com/
Redirect Chain

https://www.citimenus.com/
http://citimenus.com/
https://citimenus.com/

13 KB
13 KB

913ms
692ms

Document
text/html

64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: cfe1c1e71e93322c61cc6e92b0a860b65e2f53f332c19d4d10b23e89cb5d6d8e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Mar 2023 09:44:46 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 24 Mar 2023 09:44:46 GMT
Keep-Alive: timeout=5, max=100
Location: https://citimenus.com/
Server: Apache

GET
H/1.1 200
OK styles.css
citimenus.com/ 320 B
587 B 109ms
108ms Stylesheet
text/css 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/styles.css
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 0bb57a7dae3ec88ad24c1a771e66fb23056b2ba93a0eb2328969bef8fa781519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:47 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:21 GMT
Server: Apache
ETag: "140-54ce6ffc76540"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 320

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 84 KB
85 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

Requested by

Host: citimenus.com
URL: https://citimenus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 00:26:13 GMT
x-content-type-options: nosniff
age: 206315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85925
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Mar 2024 00:26:13 GMT

GET
H/1.1 200
OK jquery.colorbox-min.js Show response
citimenus.com/assets/colorbox/ 10 KB
10 KB 327ms
108ms Script
application/javascript 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/colorbox/jquery.colorbox-min.js
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 55ee2aac76aa092bf492b175a401dc5a4af09ef0ef5b4960e61d41a5f48cb6df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:55 GMT
Server: Apache
ETag: "2659-54ce6fe3aaac0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9817

GET
H/1.1 200
OK colorbox.css
citimenus.com/assets/colorbox/ 5 KB
5 KB 324ms
215ms Stylesheet
text/css 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/colorbox/colorbox.css
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: f2eb50d183cf0b187b1b316220c2e72dcf11dc2497ecdc56f781f992780ea9b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:50 GMT
Server: Apache
ETag: "1347-54ce6fdee5f80"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4935

GET
H/1.1 200
OK common.js Show response
citimenus.com/assets/js/ 6 KB
6 KB 434ms
108ms Script
application/javascript 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/js/common.js
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: d60f865a23a53565dd30dd074e47a311462849db1f3634b985a63d2491f32e83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:09 GMT
Server: Apache
ETag: "1815-54ce6ff104a40"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6165

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 345ms
66ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0RT3E9C7BG

Requested by

Host: citimenus.com
URL: https://citimenus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c7ca514620c50b9aa6102f32866a574254f104c2547fc54cce6900c2246b24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78769
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Mar 2023 09:44:48 GMT

GET
H/1.1 200
OK twitter_16x16.png
citimenus.com/assets/img/icons/ 603 B
871 B 109ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/icons/twitter_16x16.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 77af687b0495d737cb9c18a7c48a37d6a5f626eb6ba8d4c276d013cb9de6a595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:08 GMT
Server: Apache
ETag: "25b-54ce6ff010800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 603

GET
H/1.1 200
OK facebook_16x16.png
citimenus.com/assets/img/icons/ 578 B
846 B 109ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/icons/facebook_16x16.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 65b4ad06f5fcd3dbdff65ce137a22f1384cef41c53a499edd6ce0974ac972d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:08 GMT
Server: Apache
ETag: "242-54ce6ff010800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 578

GET
H/1.1 200
OK email.png
citimenus.com/assets/img/icons/ 641 B
909 B 112ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/icons/email.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: a24928edf1879f7e3ca1e6b8213f12a7b8d229d1a134a5413299c86b31d53552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:08 GMT
Server: Apache
ETag: "281-54ce6ff010800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 641

GET
H/1.1 200
OK cm_logo.png
citimenus.com/assets/img/ 15 KB
15 KB 112ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/cm_logo.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 30caef1568bffd6c686cc89301d4a3184746795f632421c8644ba182a095493e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:06 GMT
Server: Apache
ETag: "3a40-54ce6fee28380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 14912

GET
H/1.1 200
OK 18766_8282,%20Korean,%20LES,%20NYC,%20Food%20x.jpg
cititour.com/NYC_Restaurants/logos/ 16 KB
16 KB 450ms
110ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/18766_8282,%20Korean,%20LES,%20NYC,%20Food%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 251377000ff77eab8584234645847dba5064b1bd5e391e7ac16512409e5b2a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Wed, 26 Oct 2022 01:06:06 GMT
Server: Apache
ETag: "3f8d-5ebe5a116b883"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16269

GET
H/1.1 200
OK 18748_Ainslee%20to%20Open%20on%20the%20Bowery,%20NYC%20x.jpg
cititour.com/NYC_Restaurants/logos/ 27 KB
27 KB 449ms
109ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/18748_Ainslee%20to%20Open%20on%20the%20Bowery,%20NYC%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: c8b523b0a9245f8184f616b0d2f69c5108feac77543af1be9d5cc85d1a76325a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Mon, 26 Sep 2022 23:35:17 GMT
Server: Apache
ETag: "6aad-5e99cfaf13f00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27309

GET
H/1.1 200
OK 18747_Masalawala,%20Indian,%20Brooklyn,%20NYC,%20Interior%20x.jpg
cititour.com/NYC_Restaurants/logos/ 22 KB
22 KB 464ms
124ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/18747_Masalawala,%20Indian,%20Brooklyn,%20NYC,%20Interior%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 290fb4c8234674a64208892256046f0e99913ede12244cb18cf3b5c61443af8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Fri, 23 Sep 2022 22:59:47 GMT
Server: Apache
ETag: "562c-5e960226bb149"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22060

GET
H/1.1 200
OK 18767_Ferdi,%20Italian,%20West%20Village,%20NYC%20x.jpg
cititour.com/NYC_Restaurants/logos/ 21 KB
21 KB 461ms
121ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/18767_Ferdi,%20Italian,%20West%20Village,%20NYC%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 1917b63546261205a90bcd1b4038e60613b00017d7803dfb37f607c5addf0b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Wed, 26 Oct 2022 18:47:21 GMT
Server: Apache
ETag: "52ab-5ebf4746ce470"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21163

GET
H/1.1 200
OK 2769_Porter%20House%20Restaurant,%20NYC,%20Cocktail%20x.jpg
cititour.com/NYC_Restaurants/logos/ 19 KB
19 KB 450ms
110ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/2769_Porter%20House%20Restaurant,%20NYC,%20Cocktail%20x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 53a7c284fe5d6deabacb311facb25d04c8a8a2d38d72d090ced47444d6c4dc54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Wed, 26 Oct 2022 02:25:42 GMT
Server: Apache
ETag: "4bee-5ebe6bdcdbeef"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19438

GET
H/1.1 200
OK 17448_Ten%20Hope%20Restaurant,%20Mediterranean,%20Williamsburg,%20Brooklyn,%20NYC,%202x.jpg
cititour.com/NYC_Restaurants/logos/ 20 KB
21 KB 414ms
108ms Image
image/jpeg 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cititour.com/NYC_Restaurants/logos/17448_Ten%20Hope%20Restaurant,%20Mediterranean,%20Williamsburg,%20Brooklyn,%20NYC,%202x.jpg
Requested by: Host: citimenus.com
URL: https://citimenus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 67c637f7ca18f85c2fd2b024d1c5f5bde6d43b70ca463c4d98398ca3cd83b2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Fri, 18 Oct 2019 21:58:04 GMT
Server: Apache
ETag: "5174-595366dad8218"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20852

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 330ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: citimenus.com
URL: https://citimenus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ae92e0826559ae11264e1be99deca8f95f5d726c535d22a2ad1024a7eaf7cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48847
x-xss-protection: 0
server: cafe
etag: 3037931548512927129
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:48 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H/1.1 200
OK reset.css
citimenus.com/assets/css/ 1 KB
2 KB 215ms
108ms Stylesheet
text/css 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/css/reset.css
Requested by: Host: citimenus.com
URL: https://citimenus.com/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 4a0531ef5d293bf3a5efa038c52d65208428c5af379293f11f634d402cc654e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:57 GMT
Server: Apache
ETag: "53b-54ce6fe592f40"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1339

GET
H/1.1 200
OK global.css
citimenus.com/assets/css/ 14 KB
14 KB 216ms
108ms Stylesheet
text/css 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/css/global.css
Requested by: Host: citimenus.com
URL: https://citimenus.com/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 48c8f97c55ba839dce32a57fcd2aee6b53eace35a30cbe98f07fbdfe693c2803

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:56 GMT
Server: Apache
ETag: "3657-54ce6fe49ed00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13911

GET jsload
menus.singleplatform.co/ 0
0

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET urchin.js
www.google-analytics.com/ 0
0

GET
H/1.1 200
OK cm_navglow_light.png
citimenus.com/assets/img/ 1 KB
2 KB 109ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/cm_navglow_light.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/css/global.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: e13ab54f438f15cda9abbf6f162626bceb841f53b968eed0863363ed3c678c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:06 GMT
Server: Apache
ETag: "555-54ce6fee28380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1365

GET
H/1.1 200
OK cm_notch.png
citimenus.com/assets/img/ 3 KB
3 KB 180ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/img/cm_notch.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/css/global.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 2ea7d471f3d72659aef2e46f49dc428592ac46212bb8c1ec68cbd6ea0ac950a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:58:07 GMT
Server: Apache
ETag: "b12-54ce6fef1c5c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2834

GET
H/1.1 200
OK museo_slab_300-webfont.ttf
citimenus.com/assets/fonts/ 54 KB
54 KB 108ms
108ms Font
application/x-font-ttf 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://citimenus.com/assets/fonts/museo_slab_300-webfont.ttf
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/css/global.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 8e30476ee03f027b7073c5b27f718a2a62da2914768867a1f1499c54975fd5c0

Request headers

Referer: https://citimenus.com/assets/css/global.css
Origin: https://citimenus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:59 GMT
Server: Apache
ETag: "d7b0-54ce6fe77b3c0"
Content-Type: application/x-font-ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 55216

GET
H/1.1 200
OK controls.png
citimenus.com/assets/colorbox/images/ 1 KB
1 KB 181ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/colorbox/images/controls.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/colorbox/colorbox.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 34c01d510e0bc7481ac8ff885b7b8db5f8a024b62e8b99eaffea565503255cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/colorbox/colorbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:52 GMT
Server: Apache
ETag: "4e1-54ce6fe0ce400"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1249

GET
H/1.1 200
OK border.png
citimenus.com/assets/colorbox/images/ 112 B
379 B 212ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/colorbox/images/border.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/colorbox/colorbox.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 11bd83f6446a1b41b0d88ddb2e271fcc9912b210d77f40e34e5e31e1a9af174a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/colorbox/colorbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:51 GMT
Server: Apache
ETag: "70-54ce6fdfda1c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 112

GET
H/1.1 200
OK loading_background.png
citimenus.com/assets/colorbox/images/ 157 B
424 B 181ms
108ms Image
image/png 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/colorbox/images/loading_background.png
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/colorbox/colorbox.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 959eccc6b71befee67657392e7f22be26cab408483657fb32a218fed6ffe016b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/colorbox/colorbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:55 GMT
Server: Apache
ETag: "9d-54ce6fe3aaac0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 157

GET
H/1.1 200
OK loading.gif
citimenus.com/assets/colorbox/images/ 9 KB
9 KB 177ms
108ms Image
image/gif 64.130.1.157
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citimenus.com/assets/colorbox/images/loading.gif
Requested by: Host: citimenus.com
URL: https://citimenus.com/assets/colorbox/colorbox.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.130.1.157 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: cititour.com
Software: Apache /
Resource Hash: 34ef55242fc24c94f0790902c09601d228e9074bf7a1f88c4de6a39b40ce38fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/assets/colorbox/colorbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 09:44:48 GMT
Last-Modified: Tue, 11 Apr 2017 16:57:54 GMT
Server: Apache
ETag: "24d3-54ce6fe2b6880"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9427

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 57ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0RT3E9C7BG&gtm=45je33m0&_p=426451432&cid=207189452.1679651089&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679651088&sct=1&seg=0&dl=https%3A%2F%2Fcitimenus.com%2F&dt=Citimenus%20Guide%20to%20NYC%20Restaurants%2C%20Menus%20and%20Reviews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0RT3E9C7BG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:44:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citimenus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303200101/ 350 KB
117 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303200101/show_ads_impl_with_ama_fy2021.js?client=pub-0331841528289462&plah=citimenus.com&bust=31073310

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb0711c10d8235b4c133d7869103c8e917ae5c498d910f8ffef8a5ec9d6ae015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119513
x-xss-protection: 0
server: cafe
etag: 8158906865283974401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame 49EB 10 KB
5 KB 125ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:09:01 GMT
etag: 2378337311435320485
expires: Fri, 07 Apr 2023 09:09:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 135ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=citimenus.com&callback=_gfp_s_&client=pub-0331841528289462

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303200101/show_ads_impl_with_ama_fy2021.js?client=pub-0331841528289462&plah=citimenus.com&bust=31073310

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aec022cf4436dfa39226d8c88a27da70aa37af34c59cf4adb45e9968486d5669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 133ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=citimenus.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 148ms
48ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=citimenus.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 818D 74 KB
30 KB 520ms
519ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088852&bpp=4&bdt=921&idt=232&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&correlator=5545534332500&frm=20&pv=2&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iFJsR1F3ng&p=https%3A//citimenus.com&dtd=256

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25604371559ccff96dc5aa1a0722cda1dfa8b28699804ace7fe14779e0258a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30122
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50A7 74 KB
30 KB 731ms
731ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c51670feeb4bfe1928bf329225dc02d513bb66f3fd04d6a566c0c7208aa077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC52 74 KB
29 KB 537ms
536ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651089&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088857&bpp=1&bdt=927&idt=267&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MJG6LkSr2G&p=https%3A//citimenus.com&dtd=270

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0fa1c3037ff333ed3d24981da03bd4573373bd39e0d371464f0b3278253093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30013
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B8C2 0
188 B 207ms
207ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&adk=1812271804&adf=3025194257&lmt=1679651089&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fcitimenus.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088879&bpp=2&bdt=948&idt=253&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=269

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:49 GMT
expires: Fri, 24 Mar 2023 09:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 818D 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEcBLEXEdZLjSCIHob_aJr7ALusWNjW-ZneHc_hAUEAEgvaH0AWCV4pCCoAegAc-U1ZICyAECqAMByAPJBKoE4AFP0OC1VJrE5X4LqPCV6iNZJ_9vkRowO2ncob2nynzoaaYgxKuj297_Nqlnc2M3HknwU3h0-bBkbsVP9SgO9jiPxU6SD8vKX9bZCq1Ih_nnuOrKJCGP5Yr2t8w4kJJ2Xx179xyVR9r2QnslewsVghXdzP_VTDgFdbtj89NAvvgudWTN8813Ca_Q9M3WiwJ6NiyIvXyhjutQSKRlDQcW_c2m7MXAYBpjLt3rAe1anXqyzAHVmG14Yqyt9I7yo2FFdDt_t1KDnI4LLh3_nFLMqIWWOR_kI_qQtvaAFTuXZi8rhcAE9cKC9ZkEkgUECAQYAZIFBAgFGASgBgKAB5nrqu0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQiocC0ggRCIDhgBAQARhfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMDMzMTg0MTUyODI4OTQ2MhgA&sigh=StDlffCbZr8&uach_m=[UACH]&cid=CAQSGwDUE5ymAy2Zs8c8bg7koz4-OeLYXbHHUGMp5xgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088852&bpp=4&bdt=921&idt=232&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&correlator=5545534332500&frm=20&pv=2&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iFJsR1F3ng&p=https%3A//citimenus.com&dtd=256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088852&bpp=4&bdt=921&idt=232&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&correlator=5545534332500&frm=20&pv=2&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iFJsR1F3ng&p=https%3A//citimenus.com&dtd=256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 09:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H2 200 14532779066115781370
tpc.googlesyndication.com/simgad/ Frame 818D 22 KB
23 KB 227ms
121ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14532779066115781370?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkc_0-Gdb_k5MKlA9lyLiTJdRlytw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0192600bf798b9c69c5b32cdf784530a3b78eb815eabcab5a84455bf3b5d3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:48 GMT
x-content-type-options: nosniff
age: 142741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22771
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 14:51:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:05:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 818D 22 KB
9 KB 144ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 818D 3 KB
1 KB 223ms
119ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Apr 2023 06:49:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 818D 20 KB
9 KB 157ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 818D 158 KB
49 KB 157ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 818D 34 KB
14 KB 260ms
157ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 12056988738142335449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:59:38 GMT

GET
H2 200 16541800534822951648
tpc.googlesyndication.com/daca_images/simgad/ Frame DC52 13 KB
13 KB 185ms
125ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16541800534822951648

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651089&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088857&bpp=1&bdt=927&idt=267&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MJG6LkSr2G&p=https%3A//citimenus.com&dtd=270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9b36bb02a4076c313815c6edf8e64cf98c1becc09f20cf8212747baa41bcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:09:26 GMT
x-content-type-options: nosniff
age: 142523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12943
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 14:01:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:09:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame DC52 22 KB
9 KB 109ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame DC52 3 KB
1 KB 210ms
162ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Apr 2023 06:49:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame DC52 20 KB
8 KB 167ms
117ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC52 158 KB
48 KB 183ms
134ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame DC52 34 KB
14 KB 168ms
119ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 12056988738142335449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:59:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC52 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtWoIEXEdZOqBDbbPxtYPmI2TCI3ji79vxoaUkrkQh7KF0pQOEAEgvaH0AWDVBaABy_jx5gLIAQKoAwHIA8kEqgToAU_QwjwMF8wmTRog4UHoQAKP6sESTxy67HMAszjiX2ftAwKP7MN22DhZscAZN1y1hAGITNUhqZ_nBReB1VOSjo9oPYMbkeVSz_37XgaZLYxXF2JHI5inAAlg9PJ9ruLHhRT1sfrpIEvG4SwOLYSlxuXvQgGkMr6javnUMsV0UQjq56-Zy3OTew1XA4k-0NBQFLa-KvCAYu2AXRrlmf1dUZlmKVbOYP0xnlaAG-T8mor2Xk5tczSMBfKUPhvmsjN6Egsg-qN75ryftgeK5SOjkvvkZkRroYA0bHCPfAoDfKHDt_bzX_W5uObABM6w6-6VBJIFBAgEGAGSBQQIBRgEoAYCgAedh46ZAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPjrJ9IIEQiA4YAQEAEYXzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTAzMzE4NDE1MjgyODk0NjIYAA&sigh=Ak68JlJT5TA&uach_m=[UACH]&cid=CAQSGwDUE5ymWI71Db5Lpzdfdd88Cg81GmfzRq5bYRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651089&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088857&bpp=1&bdt=927&idt=267&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MJG6LkSr2G&p=https%3A//citimenus.com&dtd=270
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 09:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DAA 143 B
166 B 49ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3344809801&adf=143413618&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088852&bpp=4&bdt=921&idt=232&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&correlator=5545534332500&frm=20&pv=2&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iFJsR1F3ng&p=https%3A//citimenus.com&dtd=256
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 08:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C163 143 B
166 B 45ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=90&slotname=8644272297&adk=2224393769&adf=3914693464&pi=t.ma~as.8644272297&w=728&lmt=1679651089&format=728x90&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088857&bpp=1&bdt=927&idt=267&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MJG6LkSr2G&p=https%3A//citimenus.com&dtd=270
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 08:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14532779066115781370
tpc.googlesyndication.com/simgad/ Frame 50A7 22 KB
22 KB 65ms
64ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14532779066115781370?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkc_0-Gdb_k5MKlA9lyLiTJdRlytw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0192600bf798b9c69c5b32cdf784530a3b78eb815eabcab5a84455bf3b5d3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:48 GMT
x-content-type-options: nosniff
age: 142741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22771
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 14:51:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:05:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 50A7 22 KB
9 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 50A7 3 KB
1 KB 67ms
34ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Apr 2023 06:49:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 50A7 20 KB
8 KB 64ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50A7 158 KB
48 KB 79ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:44:49 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 50A7 34 KB
14 KB 76ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 12056988738142335449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:59:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50A7 0
0 104ms
83ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTE_9EXEdZLuDCZaE9fgP6_uFuAq6xY2Nb5md4dz-EBQQASC9ofQBYJXikIKgB6ABz5TVkgLIAQKoAwHIA8kEqgTjAU_Q-H38QVzhk46HpBgSrSS4a35FAgP8XgqhSZHjpKoDCdkTcASR5V3mm4IvqoAoXj66iyegswN0AVQOvOZx-aNFkFhNW1PagMvCY6_a77vOtSnZdSzpdd9z1r5rn_zUU0JQwhkbDxXZZNgSMn11NQ5A_23ujjrN7ISVbXXg8b3sIQ0AezuAe0Nxfiu_-ASuvhAssuDsTppTQAdaRqAXvKS-ZGB5ElhAGcQNB9aWHTrNZ5O91ks5QqlAtIdQ_fXsP4YFZY-uQKpQwY9cQ205F8NzRU_3KzHAojdhAWVv2DiX8UQXwAT1woL1mQSSBQQIBBgBkgUECAUYBKAGAoAHmeuq7QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCtzAnSCBEIgOGAEBABGF8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wMzMxODQxNTI4Mjg5NDYyGAA&sigh=fidI0BEY0hE&uach_m=[UACH]&cid=CAQSGwDUE5ymL_31ynNtVb9OFERtQa8QXOHI3V1cIRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 09:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 818D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4366ef99ff0a815038bc4ed2ee87cf3c489ded02cbfcf961998fe5814eefcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DAA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
expires: Fri, 24 Mar 2023 09:44:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C163
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
expires: Fri, 24 Mar 2023 09:44:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DC52 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fe81581fe371304a8e95cc3a245ecb9169118df6bc611538eacbf92d1539156

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A02B 143 B
166 B 39ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 08:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 26A2 247 B
867 B 153ms
43ms Document
text/html 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

78e722f390e55b6bb1e1bae8fad9a7d347ad8f402d11ffd822c61842561601bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-b2IaNnpbP0eWetkwV_N0XA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 50A7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 746a7a69aeb554873e9529f38abdd91f4c546fa8252c2098008aa8abacc0847d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A02B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
expires: Fri, 24 Mar 2023 09:44:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame F130 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 08:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 08:53:31 GMT

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 78CE 36 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 08:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 08:53:31 GMT

GET
H2 200 iframe.html Show response
p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 26A2 5 KB
2 KB 48ms
44ms Document
text/html 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

890a1b156bcc03494a466dac14db6893dc5789993bc634918d5f62fcdd82f4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-Aty68bZjJ5Xg-iH_lgXK8g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 157ms
82ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92262ad7c5c7e83951839daeebbbc95d50ceb1fb8cb0b56bd7f337b2fa5633c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11246
x-xss-protection: 0

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D1E 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0331841528289462&output=html&h=280&slotname=7752540294&adk=3266976500&adf=3229086673&pi=t.ma~as.7752540294&w=336&lmt=1679651089&format=336x280&url=https%3A%2F%2Fcitimenus.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679651088856&bpp=1&bdt=926&idt=262&shv=r20230322&mjsv=m202303200101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5545534332500&frm=20&pv=1&ga_vid=207189452.1679651089&ga_sid=1679651089&ga_hid=426451432&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=920&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777877%2C44759837%2C31073263%2C31073310%2C31073379&oid=2&pvsid=4086310263176623&tmod=1770491999&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=24JpNXhLyj&p=https%3A//citimenus.com&dtd=265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 08:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 08:53:31 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 09:44:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F7BF 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 06:49:40 GMT
expires: Sat, 23 Mar 2024 06:49:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E081 783 B
535 B 49ms
49ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

732bd62b183d8acb3943091b1ebdcc58d3d80f4b83afc5054003e62fe515335f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LO7wNE_4mwOr9-f6_h15Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://citimenus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LO7wNE_4mwOr9-f6_h15Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:50 GMT
expires: Fri, 24 Mar 2023 09:44:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E081 0
0 69ms
69ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230322&jk=4086310263176623&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame F7BF 36 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 08:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 08:53:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F7BF 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GBrgiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:44:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 818D 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv88NtCre4H75zA3Waf1yhNeDpQQsQezf6SEKwCqf5q4_ELz-G4sRyNMIVt5QnezeLzYPwjLLcvOcPH580uZF0vUIG_4Sl8VPBmi64x805xKdPxnxURAqtA9DcE1auJM2d0QMp2TA&sai=AMfl-YRoIlrdkGSm8oYI3Esc5OUeqFCbe7lDwbMidRhUbUvT3ISsYtN8w9UAPl-dkZLj4u7iWOyVaY-Uhady&sig=Cg0ArKJSzIAyiNzrxE6oEAE&cid=CAQSGwDUE5ymAy2Zs8c8bg7koz4-OeLYXbHHUGMp5xgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3344809801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679651089111&rpt=868&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:44:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50A7 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfo0fctkLONOd_faPIw0f1TkMoUrUgxO8Dga8Um3qfNljp227LYSx50XKkvgV3Ur2Ilqc1H3fnLHCbuaUVIJlIncbh_BAYd9_Fqs9xqKUjrchZdPyWfG7z4GwsbP_LDDa_1_3-5Q&sai=AMfl-YTVlyix5zM111NqzJgaaG7CAOcW7tHPxQYSlenlHCPHtZlYN2HSf_n8CWaZ420C-oi6DSEE3lqMEZxj&sig=Cg0ArKJSzFq94cHrgYdaEAE&cid=CAQSGwDUE5ymL_31ynNtVb9OFERtQa8QXOHI3V1cIRgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3266976500&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679651089122&rpt=1026&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:44:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230322&jk=4086310263176623&bg=!29il2IzNAAbO2UOH7tk7ADkAdvg8WgtCGgS94rdqLaSERDQysnkFYurEvqdR9FJGpkZpNgQasJQZItwyT2D_56ZIBzpCt4LgiuICAAAAX1IAAAADaAEHCgCZLMU95cTkz21mHzxEjsy7aJ_JefiZbEawDRKAiLToRzZxGrUcH6RKhjn-i8hJSERwxSAO9kWQMjbLXoffAxkBPfObCASHcG6XM0Th4ayUkWAsxSm_ewWBnWnCwIEYjG_UyxAIZBvErEM9L-2JsSeRZK1T6EsgWYLdtUmYB5yZD8bKLFOy0exMHZqleaazdzZ2g-QOXRlV2nkfmQKgzNEt2QAtT1gyvzHXb_1DlaW-VN5sKyt6_ZLWLRsXUhfnyE-6kpoBjpXAje_7Mpw5mNHHuaQgk8tYq5pjbuiyMys0dJJ4IspYK5vX9EJDa4qd7DFBfL5zGFrjqFt-vLC_e_FPrgqf31ybo8YxhenEjCV2FRtH6QgbgYdXX7UP1h-855hqZX1ZBTuDQ_BNaq7oWGp8s75DWYZla3vjp6nRxRZibpymY06j5N3YeaiCbBLD1H-xBqNBMPUJlObmGND-nfXmMZve5Vm7r7ZuTxX4w5FEtRalVeRHSHMYqwcMnnezmWnv0YM79EyxJhs2QWdjMI95lnTKu_V-fvBJ2GTJiMWhE1R1PZXaobneqGDadXswqsq5-t52wagwMOj42s95G2luXQis-CV6AgVbJBkE51Ds5Q5mtj2jZ0sEpas9LW23Erz8sMincAq8LbcRws4G6BC8K7rp6ABazGyBhoowJ5Stv_RntJt23icQhzgBbnWpHQWcKRQWEhLE1qxD1tBF-jkUYS7U1Bn_gDCyVj-QqdJHaxtnwaKeH2YXX_0sPKRlzT_l-AQ1ZigfTAeAducHUrOTG1A6ALCj2Gaf1v-rofl7sDHGMeHLwxJg1coTOTXFixGKNqoqhsHE8FtAZHUXb8LGlsHrS5EWUDnWBw7A14jcMuGN0KpiNwyb8P6yuigGuUxeyt8eMMEU4m1l1QnBKzWAHwY9H4wF2ilU5Mbwe-dn5ZKnr1LYIMUjYdQ6r6fEMANhRn3Y5dXbaNwtJiweqWOxkrHWicFj2xDTZBi3fB4PbVMuA68uFT1Z7wx-sNi7saOz-N7Zb-NlQDHwnWDes5NDf47eW4vwmD4kPlS5sOWznms80bkxV7ezLc1yh8O8a9e8uyKBZU0siWO6fSA0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citimenus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Serif:regular,italic,bold,bolditalic

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Cabin:bold

Domain: menus.singleplatform.co
URL: http://menus.singleplatform.co/jsload?load=menus.2&apiKey=kaoz5mhlv7wxhbghyvbcozq1b

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/urchin.js

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citimenus.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: g145bgcejeqi67r6eokpnogb13
.citimenus.com/	1970-01-20 20:10:11	Name: _ga_0RT3E9C7BG Value: GS1.1.1679651088.1.0.1679651088.0.0.0
.citimenus.com/	1970-01-20 20:10:11	Name: _ga Value: GA1.1.207189452.1679651089
.citimenus.com/	1970-01-20 19:55:47	Name: __gads Value: ID=147c16db82d39541-2269eb6266dd00f2:T=1679651089:RT=1679651089:S=ALNI_MaKpYYu3jE1atSMPa0I3h04xkBNzg
.citimenus.com/	1970-01-20 19:55:47	Name: __gpi Value: UID=00000bcb33fb75c6:T=1679651089:RT=1679651089:S=ALNI_MbF3iXWOH0t7mOa1FPtxKRhnLMxpw
.doubleclick.net/	1970-01-20 19:55:47	Name: IDE Value: AHWqTUkODpdLNWm6paQ5v8Vw34s_BCcOLGJWW8PCd7_AGXMDTcsGjt3BN4fPgxaBNs4
.doubleclick.net/	1970-01-20 10:34:11	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 10:34:14	Name: DSID Value: NO_DATA

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18766_8282,%20Korean,%20LES,%20NYC,%20Food%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18748_Ainslee%20to%20Open%20on%20the%20Bowery,%20NYC%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18747_Masalawala,%20Indian,%20Brooklyn,%20NYC,%20Interior%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18767_Ferdi,%20Italian,%20West%20Village,%20NYC%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/2769_Porter%20House%20Restaurant,%20NYC,%20Cocktail%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/17448_Ten%20Hope%20Restaurant,%20Mediterranean,%20Williamsburg,%20Brooklyn,%20NYC,%202x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Droid+Serif:regular,italic,bold,bolditalic'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Cabin:bold'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure script 'http://menus.singleplatform.co/jsload?load=menus.2&apiKey=kaoz5mhlv7wxhbghyvbcozq1b'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18766_8282,%20Korean,%20LES,%20NYC,%20Food%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18748_Ainslee%20to%20Open%20on%20the%20Bowery,%20NYC%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18747_Masalawala,%20Indian,%20Brooklyn,%20NYC,%20Interior%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/18767_Ferdi,%20Italian,%20West%20Village,%20NYC%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/2769_Porter%20House%20Restaurant,%20NYC,%20Cocktail%20x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://citimenus.com/(Line 202) Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure element 'http://cititour.com/NYC_Restaurants/logos/17448_Ten%20Hope%20Restaurant,%20Mediterranean,%20Williamsburg,%20Brooklyn,%20NYC,%202x.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://citimenus.com/ Message: Mixed Content: The page at 'https://citimenus.com/' was loaded over HTTPS, but requested an insecure script 'http://www.google-analytics.com/urchin.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
citimenus.com
cititour.com
fonts.googleapis.com
googleads.g.doubleclick.net
menus.singleplatform.co
p4-a7nd34tszfeu2-tgwk2ea76n64ekjq-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.citimenus.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
fonts.googleapis.com
menus.singleplatform.co
pagead2.googlesyndication.com
www.google-analytics.com
142.250.185.67
2001:4860:4802:32::36
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:831::2001
64.130.1.157
0bb57a7dae3ec88ad24c1a771e66fb23056b2ba93a0eb2328969bef8fa781519
11bd83f6446a1b41b0d88ddb2e271fcc9912b210d77f40e34e5e31e1a9af174a
15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1917b63546261205a90bcd1b4038e60613b00017d7803dfb37f607c5addf0b0d
251377000ff77eab8584234645847dba5064b1bd5e391e7ac16512409e5b2a73
25604371559ccff96dc5aa1a0722cda1dfa8b28699804ace7fe14779e0258a0d
290fb4c8234674a64208892256046f0e99913ede12244cb18cf3b5c61443af8c
2a0fa1c3037ff333ed3d24981da03bd4573373bd39e0d371464f0b3278253093
2ea7d471f3d72659aef2e46f49dc428592ac46212bb8c1ec68cbd6ea0ac950a8
30caef1568bffd6c686cc89301d4a3184746795f632421c8644ba182a095493e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34c01d510e0bc7481ac8ff885b7b8db5f8a024b62e8b99eaffea565503255cc2
34ef55242fc24c94f0790902c09601d228e9074bf7a1f88c4de6a39b40ce38fa
3ae92e0826559ae11264e1be99deca8f95f5d726c535d22a2ad1024a7eaf7cb8
48c8f97c55ba839dce32a57fcd2aee6b53eace35a30cbe98f07fbdfe693c2803
4a0531ef5d293bf3a5efa038c52d65208428c5af379293f11f634d402cc654e7
53a7c284fe5d6deabacb311facb25d04c8a8a2d38d72d090ced47444d6c4dc54
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee2aac76aa092bf492b175a401dc5a4af09ef0ef5b4960e61d41a5f48cb6df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b4ad06f5fcd3dbdff65ce137a22f1384cef41c53a499edd6ce0974ac972d83
67c637f7ca18f85c2fd2b024d1c5f5bde6d43b70ca463c4d98398ca3cd83b2eb
6c7ca514620c50b9aa6102f32866a574254f104c2547fc54cce6900c2246b24d
6fe81581fe371304a8e95cc3a245ecb9169118df6bc611538eacbf92d1539156
732bd62b183d8acb3943091b1ebdcc58d3d80f4b83afc5054003e62fe515335f
746a7a69aeb554873e9529f38abdd91f4c546fa8252c2098008aa8abacc0847d
77af687b0495d737cb9c18a7c48a37d6a5f626eb6ba8d4c276d013cb9de6a595
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
78e722f390e55b6bb1e1bae8fad9a7d347ad8f402d11ffd822c61842561601bb
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
890a1b156bcc03494a466dac14db6893dc5789993bc634918d5f62fcdd82f4ef
8e30476ee03f027b7073c5b27f718a2a62da2914768867a1f1499c54975fd5c0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
92262ad7c5c7e83951839daeebbbc95d50ceb1fb8cb0b56bd7f337b2fa5633c4
959eccc6b71befee67657392e7f22be26cab408483657fb32a218fed6ffe016b
a24928edf1879f7e3ca1e6b8213f12a7b8d229d1a134a5413299c86b31d53552
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad9b36bb02a4076c313815c6edf8e64cf98c1becc09f20cf8212747baa41bcf2
aec022cf4436dfa39226d8c88a27da70aa37af34c59cf4adb45e9968486d5669
b0192600bf798b9c69c5b32cdf784530a3b78eb815eabcab5a84455bf3b5d3a3
b4c51670feeb4bfe1928bf329225dc02d513bb66f3fd04d6a566c0c7208aa077
c8b523b0a9245f8184f616b0d2f69c5108feac77543af1be9d5cc85d1a76325a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cfe1c1e71e93322c61cc6e92b0a860b65e2f53f332c19d4d10b23e89cb5d6d8e
d60f865a23a53565dd30dd074e47a311462849db1f3634b985a63d2491f32e83
e13ab54f438f15cda9abbf6f162626bceb841f53b968eed0863363ed3c678c86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2eb50d183cf0b187b1b316220c2e72dcf11dc2497ecdc56f781f992780ea9b8
f4366ef99ff0a815038bc4ed2ee87cf3c489ded02cbfcf961998fe5814eefcbb
fb0711c10d8235b4c133d7869103c8e917ae5c498d910f8ffef8a5ec9d6ae015
fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

citimenus.com Open in urlscan Pro 64.130.1.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

94 %HTTPS

83 %IPv6

13 Domains

18 Subdomains

13 IPs

2 Countries

1070 kBTransfer

2251 kBSize

8 Cookies

3 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

citimenus.com Open in urlscan Pro
64.130.1.157 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

94 %
HTTPS

83 %
IPv6

13
Domains

18
Subdomains

13
IPs

2
Countries

1070 kB
Transfer

2251 kB
Size

8
Cookies

84 HTTP transactions
3 data transactions