URL: https://go.citi.vip/
Submission: On September 03 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3034::ac43:8896, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.citi.vip.
TLS certificate: Issued by GTS CA 1P5 on August 4th 2023. Valid for: 3 months.
This is the only time go.citi.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.21.13.130 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
17 4
Apex Domain    Subdomains    Transfer
11 citi.vip    go.citi.vip    2 MB
3 vircadia.com    metaverse.vircadia.com    5 KB
2 gstatic.com    fonts.gstatic.com    23 KB
1 googleapis.com    fonts.googleapis.com — Cisco Umbrella Rank: 41    1 KB
17 4
Domain Requested by
11 go.citi.vip go.citi.vip
3 metaverse.vircadia.com go.citi.vip
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com go.citi.vip
17 4

This site contains no links.

Subject    Issuer    Validity    Valid
citi.vip    GTS CA 1P5    2023-08-04 - 2023-11-02    3 months    crt.sh
upload.video.google.com    GTS CA 1C3    2023-08-07 - 2023-10-30    3 months    crt.sh
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3    2023-02-25 - 2024-02-24    a year    crt.sh
*.gstatic.com    GTS CA 1C3    2023-08-07 - 2023-10-30    3 months    crt.sh

This page contains 1 frame:

Primary Page: https://go.citi.vip/
Frame ID: BF4A44E420DF9627CAC3D962914A7650
Requests: 17 HTTP requests in this frame

Page Title

CITI Fediverse

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 1881 kB
Size: 6903 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
go.citi.vip/
2 KB
1 KB
Document
General
Full URL
https://go.citi.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcfef7ada27d51779e833250c4c71a343f7c671198c69adf17f64aba2e49bf0b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
800b7e4dba5f2bc7-FRA
content-encoding
gzip
content-type
text/html
date
Sun, 03 Sep 2023 05:11:40 GMT
last-modified
Mon, 21 Aug 2023 20:30:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noS%2BqLWFtE4gLro3buUaISOFrHk62EFaR4OeGuav7hrSGApCFLYH8dM%2FFVGYiWSeENxqtDorX2XLoY6XtdY2dqYo8zzww5xdn6duqrCDrVf3UQi6R3qFCFTPKB8R6tNqZlxifJL57HXdcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
index.f3990dec.js
go.citi.vip/assets/
6 MB
2 MB
Script
General
Full URL
https://go.citi.vip/assets/index.f3990dec.js
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc2789cd54004d4d1f96a20bdebf630597e31cda6b49308596c71860cf5ea979

Request headers

Referer
https://go.citi.vip/
Origin
https://go.citi.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 03 Sep 2023 04:57:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64f4122a-6202ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeTRs8C3AzLob1cEAoL0SBkKoxDVmUyKIXEY8WeSL0WO7D%2BHwXko%2BKVNMRHirZZKOk80M4WUYA2Z3%2FWuFSid27MGzkVeiuXvECRPi%2BF4lzM%2B5OfuSgmGV2i8JW3%2FwU5A96GqBPTUyfKkmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
800b7e50dd082bc7-FRA
alt-svc
h3=":443"; ma=86400
index.df7b8595.css
go.citi.vip/assets/
254 KB
55 KB
Stylesheet
General
Full URL
https://go.citi.vip/assets/index.df7b8595.css
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6692df2e10e2189cdf443c54b77218c7d3b998fe4de60e444a0d5a06787bfcf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.citi.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-3f6df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiEWytWlL7I5AQtN3rpei%2BI3U0FNSejVr25Q56JAeM%2Bu%2FqH%2BagF7pXrmrqZxiH%2FNETpcQW3hUaPC9lLiRDBGZOYb4fOAld8aHHd30iIF%2BqhD1LWzrBCbnltNMfdbf3rDtCZ7ZXG2l0k3Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
800b7e50dd092bc7-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Cairo&family=Poppins:wght@100;300;400;600&display=swap
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.df7b8595.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6106f680bacd141ece6e09e5e6c96173767b2fb883c4dba5efd59ddde5235f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.citi.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Sep 2023 05:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Sep 2023 05:11:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Sep 2023 05:11:41 GMT
global-components.1ec80d03.js
go.citi.vip/assets/
192 KB
64 KB
Script
General
Full URL
https://go.citi.vip/assets/global-components.1ec80d03.js
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c66f70f526f5bd65701c79da63df99c7c5b55a882df2d077898c8818f229051

Request headers

Referer
Origin
https://go.citi.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-2ffdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqShe3liUuEtRMgBPNH9Dy1S5nAeKJrW175bft5lNR%2F5i1hp8ui91xt0iXt7FGRbYelE3j7j%2FDM9wYRy3wKV4t3sMJoWk0Eb2mSqVeHqGlokvjAMlHd5PKBgssUpW24qI58dW2CWUbW1qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
800b7e5e2d311952-FRA
alt-svc
h3=":443"; ma=86400
global-components.64d45c0b.css
go.citi.vip/assets/
7 KB
2 KB
Stylesheet
General
Full URL
https://go.citi.vip/assets/global-components.64d45c0b.css
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90781571c9cf0daa309122c67405eed9d8a92a261b97523136ba77c236b5329

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.citi.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-1a4f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yqWitNwuST3tXLuRHvE4Sylk1wkbYxfpGamEZ00Iab6pMt03xdPGbLR%2BVmP8Vx6MnfnjF%2BL9iAZ6aC5kojLHaO8hVaXuosTrCE0Zfk%2F4ZirDw2fQERdJdxE7kd5w9Iq86GfVp39FjW%2B5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
800b7e5e2d321952-FRA
alt-svc
h3=":443"; ma=86400
audioIO.03810489.js
go.citi.vip/assets/
34 KB
13 KB
Script
General
Full URL
https://go.citi.vip/assets/audioIO.03810489.js
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be09bc76de8c0c499f964b5ab51bf11af4c5a37cc7e7eb038dd596492fd112bc

Request headers

Referer
Origin
https://go.citi.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-8993"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FMdBRpDu610zLeaD3Ky0EzZUIf4aqsm91V8SKX6WTrvI2qzZcHyeKtO5RnIXfX9HNH0%2BYRTgNDuztw2wtKV3rPONXcrDLPCFe4BQ6tQaeRCsYZckaozLb49GUFUUZQT50Vq21IQ1lJH2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
800b7e5e2d331952-FRA
alt-svc
h3=":443"; ma=86400
index.6d651b31.js
go.citi.vip/assets/
44 KB
16 KB
Script
General
Full URL
https://go.citi.vip/assets/index.6d651b31.js
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c478c59960b6ea0d716f327b770ade18dfd33a0a5979d89b80e0fa682a475a42

Request headers

Referer
Origin
https://go.citi.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-b090"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gunBfa5QSr8m3sSvr3tOZK1O8MKfTTsYqAE3RNWqv8thC6%2F%2BNMFEJTsxRXEDFxDdTrKYNmfb5Zk62ImjjhdQHGf%2FpjXCJynO0hQk9DwcZYj0%2FBTp2uT3RFuMn11iWshx5I%2BjdXq%2BxF0kzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
800b7e5e2d341952-FRA
alt-svc
h3=":443"; ma=86400
JitsiContainer.3b5c0169.js
go.citi.vip/assets/
13 KB
6 KB
Script
General
Full URL
https://go.citi.vip/assets/JitsiContainer.3b5c0169.js
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734662b3e3b722de9571636201e62fe280d0330b3a3336e03d8990bc2ae7a60b

Request headers

Referer
Origin
https://go.citi.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-34f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RG8OdtX%2FfhJR6kRmD%2Fi%2F11ZnWvHlvuPTqAHsxWJtllYXDdjs%2FL6%2Bo%2F0WHihH7ffy3CfksihqjREf894ebG%2FLMyQczWn%2BXwrZfK%2BCxBL71vb9bvQs60eC1fhrrJvKPpnCN%2FfYLYqvCdzXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
800b7e5e2d351952-FRA
alt-svc
h3=":443"; ma=86400
JitsiContainer.ba5e6709.css
go.citi.vip/assets/
50 B
564 B
Stylesheet
General
Full URL
https://go.citi.vip/assets/JitsiContainer.ba5e6709.css
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ed0b5cee643fc524745b543b4809e02bacd79e0063c1089fc6274c92d3520e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.citi.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-32"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njdzOlr4FG0Yz7jCAn4oP2ZHFQ9Yjsd0zU70sADpnRCNpl5sd%2BIRPR%2BOneLwDIUTULV3f1fmgsd2XJLY%2FEtKXf2ae%2ByaxHTOL8ySHhVw26k3iLyu%2BB%2B%2Foew59gsxbgtR5o9nNgetyBXaUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
800b7e5e2d361952-FRA
alt-svc
h3=":443"; ma=86400
metaverse_info
metaverse.vircadia.com/live/api/
271 B
1 KB
Fetch
General
Full URL
https://metaverse.vircadia.com/live/api/metaverse_info
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.130 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5775bd553f58facb97bee56b090e9dce683abc22773181a43ffd1a89acc33dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.citi.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
gzip
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"10f-TVOkaM21sC/segVjeFFmd8ApFmc"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, DELETE
access-control-expose-headers
Content-Length,Content-Range,Authorization
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b15mf%2B6ER%2FcBsZVUPtKYcUv6tMCWTRfr95NAERu7QCcPcl%2BnsPkb7nMiNvFCUyr9fMoTxEa%2BcsYOOb7GGGS9qjAd09RAjIgQqUuYhLhSkl%2FyTEVjreux5TmRoI%2FWxa8c9a5pAAn8otn5"}],"group":"cf-nel","max_age":604800}
cf-ray
800b7e64b9e839e5-FRA
access-control-allow-headers
x-vircadia-error-handle,Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,hfm-sessionid
FirstTimeSetup.80096287.js
go.citi.vip/assets/
35 KB
14 KB
Script
General
Full URL
https://go.citi.vip/assets/FirstTimeSetup.80096287.js
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a5cab902b9e00993cb6c5ef7fbeb72492b85a37d98c9874b13542cac038b1a

Request headers

Referer
Origin
https://go.citi.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:44 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-8d75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irJcCwG%2BwiN%2FQW72nRNdSV3TzDofmgXt87%2BlwrMGbCcXM6J36iFd8cVtF0Qd7lC8%2FAfXp9%2BRI5dlY7yQx9vcAoq2vr1%2F%2FRNwVf3mQadAnDO86X5%2BVEARyDEecPIgLx3C6vSsVjLm0S%2FlGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
800b7e645a391952-FRA
alt-svc
h3=":443"; ma=86400
FirstTimeSetup.810e6571.css
go.citi.vip/assets/
3 KB
2 KB
Stylesheet
General
Full URL
https://go.citi.vip/assets/FirstTimeSetup.810e6571.css
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6609f4ee87cc40c787cded7fc49e2de8c9eeed3e7d64ab60c09eb81313ce320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.citi.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:44 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 20:29:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e3c926-d97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cJDlxIjTdthxZxSOduhYdv8iirsrpsfOkH4to2vW8RKBD%2FwX9qmdAdF323dOlRT7Rk9BU0TG%2BRZOF2xLa%2BN1r%2BiPcT15W0Bq6ly27cYWW4kW3imJbPQnyr49E%2FP8QyXBFaB9k4vlhikhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
800b7e645a3b1952-FRA
alt-svc
h3=":443"; ma=86400
metaverse_info
metaverse.vircadia.com/live/api/
271 B
486 B
Fetch
General
Full URL
https://metaverse.vircadia.com/live/api/metaverse_info
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.130 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5775bd553f58facb97bee56b090e9dce683abc22773181a43ffd1a89acc33dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.citi.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
gzip
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"10f-TVOkaM21sC/segVjeFFmd8ApFmc"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, DELETE
access-control-expose-headers
Content-Length,Content-Range,Authorization
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZsfiF9T0Pxho8KPJLL0cSnOx5if0Q6YNJ8h3AZJdXm67vCE0xm3KrcUvwtYVojBJed%2FvzTOX4d9eT1frfJuXODhgEdyz9zSlZXCAy3rZMV3DgNKmpUgWsXkqDfDomi7K4UJNq3AzDNN"}],"group":"cf-nel","max_age":604800}
cf-ray
800b7e68fd2a39e5-FRA
access-control-allow-headers
x-vircadia-error-handle,Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,hfm-sessionid
SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo&family=Poppins:wght@100;300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.citi.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 22:13:48 GMT
x-content-type-options
nosniff
age
370676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15040
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 22:13:48 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo&family=Poppins:wght@100;300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.citi.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 19:33:17 GMT
x-content-type-options
nosniff
age
121107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 19:33:17 GMT
places
metaverse.vircadia.com/live/api/v1/
17 KB
4 KB
Fetch
General
Full URL
https://metaverse.vircadia.com/live/api/v1/places?status=online
Requested by
Host: go.citi.vip
URL: https://go.citi.vip/assets/index.f3990dec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.130 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ecc4031137bee69584b5045c55596abd4eb1d4905c381fc79b7100272096f96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.citi.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:11:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"4318-XnbGSZLUWCN209eFfxk0EYX/ZLY"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, DELETE
access-control-expose-headers
Content-Length,Content-Range,Authorization
allow
GET,POST,PATCH,PUT,DELETE
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieVNFq8v%2BHnCwp3rXo2ZFvnyvPWafRqxs6Mf5o0XMv%2BD4milWMMKawmq9I0eWqI53bZspAtSH2UU%2BMU7YOIquDHp1he40RQ66sLJBCvenojopw8JlqljL2QgzkILhIxQRc8G55XybxIy"}],"group":"cf-nel","max_age":604800}
vary
Accept, Accept-Encoding
cf-ray
800b7e6da8a139e5-FRA
access-control-allow-headers
x-vircadia-error-handle,Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,hfm-sessionid

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| __VUE_INSTANCE_SETTERS__
  • object| __vueuse_ssr_handlers__
  • boolean| useIgloo
  • function| IglooCamera
  • boolean| __VUE__

0 Cookies

1 Console Messages

Source Level URL
Text
other warning URL: https://go.citi.vip/assets/audioIO.03810489.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu