citiventsinc.com
35.215.117.66
Public Scan
Effective URL: https://citiventsinc.com/new-years-eve-in-washington-heights/
Submission Tags: phishingrod
Submission: On July 25 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.
This is the only time citiventsinc.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 44.230.85.241 | 16509 (AMAZON-02) |
16 | 35.215.117.66 | 15169 (GOOGLE) |
16 | 2 | |

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-241.us-west-2.compute.amazonaws.com
newyearsintheheights.org

ASN15169 (GOOGLE, US)
PTR: 66.117.215.35.bc.googleusercontent.com
citiventsinc.com

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | citiventsinc.com | citiventsinc.com | 696 KB |
1 | newyearsintheheights.org (1 redirects) | newyearsintheheights.org | 139 B |
16 | 2 | | |

Requests | Domain | Requested by |
---|---|---|
16 | citiventsinc.com | citiventsinc.com |
1 | newyearsintheheights.org | 1 redirects |
16 | 2 | |

This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.citiventsinc.com R3 | 2023-05-31 - 2023-08-29 | 3 months | crt.sh |

This page contains 1 frames:
Primary Page:
https://citiventsinc.com/new-years-eve-in-washington-heights/
Frame ID: CC601F27761BEBA7A3B6EEE7BB10972D
Requests: 17 HTTP requests in this frame
Page Title
New Year’s Eve in Washington Heights – CitiVents, Inc.
Page URL History
- https://newyearsintheheights.org/ HTTP 307
- https://citiventsinc.com/new-years-eve-in-washington-heights/ Page URL
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
UIKit (Web Frameworks)
Detected patterns
- <[^>]+class="[^"]*(?:uk-container|uk-section)
- uikit.*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://newyearsintheheights.org/ HTTP 307
- https://citiventsinc.com/new-years-eve-in-washington-heights/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / citiventsinc.com/new-years-eve-in-washington-heights/ (Primary Request, Redirect Chain) | 37 KB 7 KB | Document text/html |
GET H2 | siteground-optimizer-combined-css-cb3213036b096bb984815d80742e940f.css citiventsinc.com/wp-content/uploads/siteground-optimizer-assets/ | 517 KB 60 KB | Stylesheet text/css |
GET H2 | jquery.min.js citiventsinc.com/wp-includes/js/jquery/ | 88 KB 30 KB | Script application/javascript |
GET H2 | jquery-migrate.min.js citiventsinc.com/wp-includes/js/jquery/ | 13 KB 5 KB | Script application/javascript |
GET H2 | uikit.min.js citiventsinc.com/wp-content/themes/yootheme/vendor/assets/uikit/dist/js/ | 132 KB 43 KB | Script application/javascript |
GET H2 | uikit-icons-yard.min.js citiventsinc.com/wp-content/themes/yootheme/vendor/assets/uikit/dist/js/ | 67 KB 18 KB | Script application/javascript |
GET H2 | theme.js citiventsinc.com/wp-content/themes/yootheme/js/ | 3 KB 2 KB | Script application/javascript |
GET H2 | Citivents-logo-white.svg citiventsinc.com/wp-content/uploads/ | 3 KB 1 KB | Image image/svg+xml |
GET H2 | Citivents-logo-black.svg citiventsinc.com/wp-content/uploads/ | 3 KB 1 KB | Image image/svg+xml |
GET H2 | CitiVents-Logo.svg citiventsinc.com/wp-content/uploads/ | 4 KB 2 KB | Image image/svg+xml |
GET H2 | lazysizes.min.js citiventsinc.com/wp-content/plugins/sg-cachepress/assets/js/ | 8 KB 4 KB | Script application/javascript |
GET H2 | quform.min.js citiventsinc.com/wp-content/uploads/siteground-optimizer-assets/ | 96 KB 30 KB | Script application/javascript |
GET H2 | newsletter.min.js citiventsinc.com/wp-content/themes/yootheme/vendor/yootheme/builder-newsletter/app/ | 611 B 591 B | Script application/javascript |
GET H2 | font-76b017f4.woff2 citiventsinc.com/wp-content/themes/yootheme/fonts/ | 9 KB 9 KB | Font font/woff2 |
GET H2 | font-d4f3ab8e.woff2 citiventsinc.com/wp-content/themes/yootheme/fonts/ | 10 KB 10 KB | Font font/woff2 |
GET DATA | truncated / | 42 B 42 B | Image image/gif |
GET H2 | United_Palace_-_Panorama-scaled-725fde09.webp citiventsinc.com/wp-content/themes/yootheme/cache/72/ | 472 KB 473 KB | Image image/webp |

8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| UIkit
- function| UIkitYard
- object| $theme
- object| quformL10n
- undefined| $
- function| jQuery
- object| lazySizes
- function| Quform
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
citiventsinc.com/ | Name: quform_session_d33d8679af8523fbcb445509bc2b973e Value: lNvexuCjrcbtNn0ugSFscWDkzWscyGCVY2a1vn7k |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
citiventsinc.com
newyearsintheheights.org
35.215.117.66
44.230.85.241