URL: https://the-citizenry.xyz/
Submission: On March 04 via automatic, source certstream-suspicious

Summary

This website contacted 48 IPs in 6 countries across 32 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3035::6815:5bc9, located in United States and belongs to CLOUDFLARENET, US. The main domain is the-citizenry.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2021. Valid for: a year.
This is the only time the-citizenry.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 180.179.175.220 17439 (NETMAGIC-...)
1 180.179.175.143 17439 (NETMAGIC-...)
1 64.185.181.238 40009 (BITGRAVITY)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 180.179.187.70 17439 (NETMAGIC-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 34.249.46.6 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.209.31 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 180.179.168.163 17439 (NETMAGIC-...)
1 65.9.96.119 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.34 15169 (GOOGLE)
2 35.181.18.61 16509 (AMAZON-02)
1 1 34.255.166.243 16509 (AMAZON-02)
1 34.252.166.160 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2600:9000:214... 16509 (AMAZON-02)
1 142.250.185.70 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.142.114.176 8075 (MICROSOFT...)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 142.250.185.66 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 212.82.100.181 34010 (YAHOO-IRD)
1 199.232.136.157 54113 (FASTLY)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
1 2 2620:119:50e3... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
2 180.179.175.129 17439 (NETMAGIC-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 3.213.226.69 14618 (AMAZON-AES)
1 104.244.42.3 13414 (TWITTER)
1 2 34.102.206.241 15169 (GOOGLE)
85 48
Apex Domain
Subdomains
Transfer
12 shopclues.com
tracker.shopclues.com
cdn.shopclues.com
images.shopclues.com
www.shopclues.com
api.shopclues.com
112 KB
8 googlesyndication.com
pagead2.googlesyndication.com
0b39fa9ab255feefd62b92c0e037bc41.safeframe.googlesyndication.com
tpc.googlesyndication.com
28 KB
7 doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
googleads.g.doubleclick.net
111 KB
6 google-analytics.com
www.google-analytics.com
55 KB
4 google.de
www.google.de
adservice.google.de
1 KB
4 google.com
www.google.com
adservice.google.com
2 KB
4 demdex.net
dpm.demdex.net
shopclues.demdex.net
7 KB
4 the-citizenry.xyz
the-citizenry.xyz
37 KB
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
3 KB
3 atomex.net
cdn.atomex.net
datacdn.atomex.net
2 KB
3 omtrdc.net
cluesnetwork.sc.omtrdc.net
shopclues.tt.omtrdc.net
1 KB
3 moengage.com
cdn.moengage.com
sdk-01.moengage.com
45 KB
3 gstatic.com
fonts.gstatic.com
33 KB
3 adobedtm.com
assets.adobedtm.com
132 KB
2 googleadservices.com
www.googleadservices.com
14 KB
2 facebook.com
www.facebook.com
520 B
2 googletagmanager.com
www.googletagmanager.com
78 KB
2 bing.com
bat.bing.com
9 KB
2 facebook.net
connect.facebook.net
94 KB
2 googletagservices.com
www.googletagservices.com
53 KB
2 shopclues.net
css.shopclues.net
js.shopclues.net
65 KB
1 twitter.com
analytics.twitter.com
650 B
1 t.co
t.co
448 B
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 yahoo.com
sp.analytics.yahoo.com
962 B
1 licdn.com
snap.licdn.com
2 KB
1 microsoft.com
g.microsoft.com
355 B
1 everesttech.net
cm.everesttech.net
517 B
1 qoo10.in
shopclues-log.qoo10.in
290 B
1 cloudflare.com
cdnjs.cloudflare.com
17 KB
1 googleapis.com
fonts.googleapis.com
773 B
0 ridgewallet.website Failed
ridgewallet.website Failed
85 32
Domain Requested by
7 images.shopclues.com the-citizenry.xyz
css.shopclues.net
6 www.google-analytics.com assets.adobedtm.com
www.google-analytics.com
the-citizenry.xyz
4 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 the-citizenry.xyz 1 redirects the-citizenry.xyz
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.google.de the-citizenry.xyz
3 www.google.com 1 redirects the-citizenry.xyz
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
3 fonts.gstatic.com fonts.googleapis.com
3 dpm.demdex.net assets.adobedtm.com
the-citizenry.xyz
3 assets.adobedtm.com the-citizenry.xyz
assets.adobedtm.com
2 datacdn.atomex.net 1 redirects
2 sdk-01.moengage.com cdn.moengage.com
2 api.shopclues.com cdn.shopclues.com
2 px.ads.linkedin.com 1 redirects the-citizenry.xyz
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.facebook.com the-citizenry.xyz
connect.facebook.net
2 www.googletagmanager.com assets.adobedtm.com
www.googletagmanager.com
2 bat.bing.com the-citizenry.xyz
2 connect.facebook.net the-citizenry.xyz
connect.facebook.net
2 cluesnetwork.sc.omtrdc.net assets.adobedtm.com
the-citizenry.xyz
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.googletagservices.com the-citizenry.xyz
ad.doubleclick.net
1 analytics.twitter.com static.ads-twitter.com
1 0b39fa9ab255feefd62b92c0e037bc41.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 t.co the-citizenry.xyz
1 www.linkedin.com 1 redirects
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 static.ads-twitter.com the-citizenry.xyz
1 sp.analytics.yahoo.com the-citizenry.xyz
1 snap.licdn.com the-citizenry.xyz
1 g.microsoft.com bat.bing.com
1 ad.doubleclick.net the-citizenry.xyz
1 cdn.atomex.net the-citizenry.xyz
1 shopclues.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 shopclues.demdex.net assets.adobedtm.com
1 cdn.moengage.com the-citizenry.xyz
1 www.shopclues.com cdn.shopclues.com
1 shopclues-log.qoo10.in the-citizenry.xyz
1 cdnjs.cloudflare.com the-citizenry.xyz
1 fonts.googleapis.com css.shopclues.net
1 js.shopclues.net the-citizenry.xyz
1 cdn.shopclues.com the-citizenry.xyz
1 tracker.shopclues.com the-citizenry.xyz
1 css.shopclues.net the-citizenry.xyz
0 ridgewallet.website Failed cdn.shopclues.com
85 49
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-03-04 -
2022-03-03
a year crt.sh
*.shopclues.net
Go Daddy Secure Certificate Authority - G2
2020-05-13 -
2021-06-01
a year crt.sh
*.shopclues.com
Go Daddy Secure Certificate Authority - G2
2020-05-13 -
2021-06-04
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-08 -
2021-09-30
9 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.qoo10.in
Thawte RSA CA 2018
2019-08-27 -
2021-08-26
2 years crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.moengage.com
Go Daddy Secure Certificate Authority - G2
2021-01-31 -
2022-03-04
a year crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA
2020-10-29 -
2021-11-29
a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA
2020-11-02 -
2021-11-09
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
*.atomex.net
Amazon
2020-12-28 -
2022-01-26
a year crt.sh
*.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2021-01-19 -
2021-07-19
6 months crt.sh
g.msn.com
Microsoft RSA TLS CA 01
2020-10-06 -
2021-10-06
a year crt.sh
www.googleadservices.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-12-29 -
2021-06-22
6 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2020-08-14 -
2021-08-19
a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-01-06 -
2021-07-05
6 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
www.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
www.google.de
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.google.de
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh

This page contains 3 frames:

Primary Page: https://the-citizenry.xyz/
Frame ID: C3001DFF59892D1FC748A3F295865D26
Requests: 82 HTTP requests in this frame

Frame: https://shopclues.demdex.net/dest5.html?d_nsid=0
Frame ID: 5CB6D99B5975FDF28E7B4CA1FCBEC76B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 86E0C8BD46C3EF12D4353EEF0E530FF9
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

85
Requests

99 %
HTTPS

51 %
IPv6

32
Domains

49
Subdomains

48
IPs

6
Countries

902 kB
Transfer

2766 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://the-citizenry.xyz/2n4p1.js?maxqzx=aUx5H0tbAlgRHgdABFAZfw9XGV9GAUcYChInWgRUXk55EVISIWdQaRJfBC8ABjEBWRFzHkQcVGULVjtYRkEBQwYcXQJQGXkmYD19Hk5YGVpXTnMVUlkBHVByWhxbHVQdVgdeARxaBUACHFgFUGJTCFUCWB1bB0cfAVgWXBMAXgZBHAJdGUAFZl8MSgMGVARBHwdeBioTHkwEUh0QIl0eREpOTEgHbVgAUh0QXwZAARBCFkEDAl4WXBNUD1gDVBBCFhZQXh1RUh0QGkYFVBBCFhZQXh1RUh0QTBhSBlodTB5YC1cDCgNFAw0cBwMUUkEJEDM= HTTP 302
  • https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js
Request Chain 33
  • https://cm.everesttech.net/cm/dd?d_uuid=34621130768806249993666057939748152939 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEElwQAAAKN80CkN
Request Chain 58
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1013387&time=1614882241920&url=https%3A%2F%2Fthe-citizenry.xyz%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1013387%26time%3D1614882241920%26url%3Dhttps%253A%252F%252Fthe-citizenry.xyz%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1013387&time=1614882241920&url=https%3A%2F%2Fthe-citizenry.xyz%2F&liSync=true
Request Chain 65
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783880167/?random=1037561414&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wSVBYOaoPIfExgKosaSABA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/783880167/?random=1037561414&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wSVBYOaoPIfExgKosaSABA&cid=CAQSKQCNIrLMAqkSmviTp8X1siAOttZL7ow_hMecRwAHpAe-bDRCMA3jzGpx&random=3948057546&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/783880167/?random=1037561414&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wSVBYOaoPIfExgKosaSABA&cid=CAQSKQCNIrLMAqkSmviTp8X1siAOttZL7ow_hMecRwAHpAe-bDRCMA3jzGpx&random=3948057546&resp=GooglemKTybQhCsO&ipr=y
Request Chain 78
  • https://datacdn.atomex.net/data/6062/1x1.gif?client_id=7103&t=r&channel=web&f=v HTTP 302
  • https://datacdn.atomex.net/data/6062/1x1.gif?client_id=7103&t=r&channel=web&f=v&sync_check=cbf426a1-7d16-11eb-b55e-42010a7d2858

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
the-citizenry.xyz/
131 KB
30 KB
Document
General
Full URL
https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49834fc746648d84e3b8976ea6748746c3dfa1ed453b2e90eaac24df56d15052

Request headers

:method
GET
:authority
the-citizenry.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:00 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d41ac7f59d43a11c13c1eee42752429301614882240; expires=Sat, 03-Apr-21 18:24:00 GMT; path=/; domain=.the-citizenry.xyz; HttpOnly; SameSite=Lax; Secure
age
577
cache-control
no-cache, no-store
grace
stale
pragma
no-cache
vary
Accept-Encoding
via
1.1 varnish-v4
x-varnish
243695937 242221163
cf-cache-status
DYNAMIC
cf-request-id
08a0148f3900004db254a57000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TxLAXi22Z4Nni%2FmgnQs%2BQSRIHF5r0sSjxBKQXUMSNbbaTAtvmcV%2BU%2FT2FIX3hzQBrdBxQryJEuuNmY2s5xos8ltMEpIhFsy89GjIlQTktKt28va2CvnLRNmX7q2NpQ%3D%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
62ad2391f84a4db2-FRA
content-encoding
br
home.css
css.shopclues.net/assets/css/
106 KB
16 KB
Stylesheet
General
Full URL
https://css.shopclues.net/assets/css/home.css?version=77
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.175.220 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
Apache /
Resource Hash
c169185a41d028f5b6df3ec6bd1230a7c02f386bc1a8cede489c2341204e11b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 18:22:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
72
grace
stale
Connection
keep-alive
Content-Length
16426
Last-Modified
Tue, 29 Sep 2020 16:20:30 GMT
Server
Apache
X-FRAME-OPTIONS
SAMEORIGIN
X-Varnish
245563878 201165621
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
text/css
Expires
Sat, 03 Apr 2021 18:22:49 GMT
tracker.js
tracker.shopclues.com/
9 KB
4 KB
Script
General
Full URL
https://tracker.shopclues.com/tracker.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.175.143 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
divolte /
Resource Hash
922f6986a270a423882dfb2327b5e4ac12527c5c219904547a3cbccd840c0551

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 18:24:01 GMT
Content-Encoding
gzip
Server
divolte
ETag
"gz+ki9phqJwpCOILfsjJ7XkrBJSfFwhmQRUejy8zYQMBVE="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Length
4139
sc_tracker.js
the-citizenry.xyz/assets/js/
1 KB
887 B
Script
General
Full URL
https://the-citizenry.xyz/assets/js/sc_tracker.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91cfc149ee0257d377394e42db492b41953403ebb6866bdf5f298d0318e97b3a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:02 GMT
via
1.1 varnish-v4
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
grace
stale
cf-ray
62ad23982c8b4db2-FRA
content-encoding
br
cf-request-id
08a014931e00004db272911000000001
last-modified
Wed, 28 Feb 2018 09:05:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CBxzm98D3%2BV0CiiuhKzxSClFFPoPuL784ec02k1GrsYwI3PF5jXLthL9Jsq1ReMrTjHABCT0A80q9kxum5nEJCBpekKVHFbfX0ATbEbAKC7uJluE2fWUWSFwqhPZzQ%3D%3D"}],"max_age":604800}
x-varnish
235569954 108630939
cache-control
public, max-age=14400
content-type
text/javascript
expires
Sat, 03 Apr 2021 13:47:04 GMT
common_header.js
cdn.shopclues.com/images/ui/js/
98 KB
34 KB
Script
General
Full URL
https://cdn.shopclues.com/images/ui/js/common_header.js?ver=67
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b.bitgravity.com
Software
v/6.4.3/6.4.7/v4ams1-www /
Resource Hash
f5b9b61fa562e6c0a59045f0e9611b49338b02471a55ed5342f4cb21562ad79d

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version
3.3
date
Mon, 22 Feb 2021 22:00:41 GMT
content-encoding
gzip
age
965502
grace
live
x-cache
HIT,v4ams1
content-length
34844
last-modified
Mon, 04 Sep 2017 07:57:11 GMT
server
v/6.4.3/6.4.7/v4ams1-www
etag
W/"59ad0757-18754"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
x-server
v/6.4.3/v4ams1-https
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
expires
Mon, 21 Feb 2022 14:12:17 GMT
satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/
442 KB
110 KB
Script
General
Full URL
https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ceb39ec4367246ce0e03edfd1364700a7cf17caf9beb037c2cff9db531b72dda

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:00 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 05:55:35 GMT
server
AkamaiNetStorage
etag
"2b22496036a1c7c5aff622e2f65b6ba9:1612763735.928952"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://the-citizenry.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
112606
expires
Thu, 04 Mar 2021 19:24:00 GMT
s_logo.png
images.shopclues.com/images/ui/
2 KB
3 KB
Image
General
Full URL
https://images.shopclues.com/images/ui/s_logo.png
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.187.70 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
3a5c69fb5f3521de2f6b49958452b62d680bc2af23cd868b8550ce9e9bb689a1

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 10:40:52 GMT
Content-Encoding
gzip
Age
27709
grace
stale
Connection
keep-alive
Content-Length
2342
Access-Control-Allow-Origin
*
Last-Modified
Wed, 03 Aug 2016 09:09:31 GMT
Server
nginx/1.8.1
ETag
"57a1b4cb-957"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
X-Varnish
493613420 490325520
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Expires
Fri, 04 Mar 2022 10:40:52 GMT
shopclues_logo@2x.png
images.shopclues.com/images/ui/
3 KB
4 KB
Image
General
Full URL
https://images.shopclues.com/images/ui/shopclues_logo@2x.png
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.187.70 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx/0.8.55 /
Resource Hash
3b3f25cffb25d06bc06ef9b6ee9b33126dc3197642607580484b1d79139d43c1

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:16:15 GMT
Content-Encoding
gzip
Age
18466
grace
stale
Connection
keep-alive
Content-Length
3318
Access-Control-Allow-Origin
*
Last-Modified
Thu, 21 May 2020 07:36:10 GMT
Server
nginx/0.8.55
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
X-Varnish
653230583 638856597
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Expires
Fri, 04 Mar 2022 13:16:15 GMT
madeinindia.png
images.shopclues.com/images/ui/
12 KB
13 KB
Image
General
Full URL
https://images.shopclues.com/images/ui/madeinindia.png
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.187.70 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
51c883cd371f58fc12e29d2f8f0fd52146e5b5c22fec30b6cb2e404c1a1bb8dc

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:14:52 GMT
Content-Encoding
gzip
Age
18469
grace
stale
Connection
keep-alive
Content-Length
12687
Access-Control-Allow-Origin
*
Last-Modified
Wed, 20 May 2020 13:30:26 GMT
Server
nginx/1.8.1
ETag
W/"5ec530f2-3173"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
X-Varnish
653230584 646915262
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Expires
Fri, 04 Mar 2022 13:14:52 GMT
banner_default.jpg
the-citizenry.xyz/assets/images/
5 KB
6 KB
Image
General
Full URL
https://the-citizenry.xyz/assets/images/banner_default.jpg
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2717c2562ee9ec4c44f4ecca5a7207b55728ec7de622b807b1226cf96521c72
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:02 GMT
via
1.1 varnish-v4
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
grace
stale
cf-ray
62ad23997ebd4db2-FRA
cf-request-id
08a01493e700004db202979000000001
last-modified
Wed, 28 Feb 2018 09:05:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ph%2FxRRk2UGjixUgYfwpADhNrUPC572SuyUq2%2BDPfJ1fhsj3y9TthpSJzEV6oF6EHLSzEXcsds2LftMr0rnX7H5MqcvsIimemh7W8hViavnSkwvx%2FueYBzh%2Bm0lvxLA%3D%3D"}],"max_age":604800}
x-varnish
244842965 137495900
cache-control
public, max-age=14400
content-type
image/jpeg
expires
Fri, 04 Mar 2022 13:47:48 GMT
pgateway_dkt@2x.png
images.shopclues.com/images/ui/
19 KB
20 KB
Image
General
Full URL
https://images.shopclues.com/images/ui/pgateway_dkt@2x.png
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.187.70 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx/1.0.15 /
Resource Hash
1a01db92dade62153ff6523dcdc855d68abae50942f6278c288e5fa64f1afa5a

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:16:13 GMT
Content-Encoding
gzip
Age
18469
grace
stale
Connection
keep-alive
Content-Length
19914
Access-Control-Allow-Origin
*
Last-Modified
Wed, 29 Jan 2020 09:14:39 GMT
Server
nginx/1.0.15
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
X-Varnish
653230585 635327147
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Expires
Fri, 04 Mar 2022 13:16:13 GMT
shopclues-logo_new.jpg
images.shopclues.com/images/ui/
6 KB
6 KB
Image
General
Full URL
https://images.shopclues.com/images/ui/shopclues-logo_new.jpg
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.187.70 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx/0.8.55 /
Resource Hash
dfbf27213b44e770477471ea4a3c33aaaa71696583560717e1b19eea8c06683c

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 10:17:09 GMT
Content-Encoding
gzip
Age
29212
grace
stale
Connection
keep-alive
Content-Length
5797
Access-Control-Allow-Origin
*
Last-Modified
Thu, 21 May 2020 06:48:56 GMT
Server
nginx/0.8.55
ETag
"5ec62458-17fb"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
X-Varnish
493613422 490277913
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
image/jpeg
Access-Control-Allow-Headers
X-Requested-With
Expires
Fri, 04 Mar 2022 10:17:09 GMT
sc_home.bundle.e9f1e02a5845257c910d.js
js.shopclues.net/assets/js/dest/
264 KB
48 KB
Script
General
Full URL
https://js.shopclues.net/assets/js/dest/sc_home.bundle.e9f1e02a5845257c910d.js?ver=67
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.175.220 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
Apache /
Resource Hash
2ab1e11e7e6d21754c2892a914c39a66526d8fb3f423ef0b1562380d26d1af76
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 18:14:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
564
grace
stale
Connection
keep-alive
Content-Length
48900
Last-Modified
Mon, 22 Feb 2021 11:46:00 GMT
Server
Apache
X-FRAME-OPTIONS
SAMEORIGIN
X-Varnish
218302920 229475010
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Sat, 03 Apr 2021 18:14:38 GMT
css
fonts.googleapis.com/
6 KB
773 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: css.shopclues.net
URL: https://css.shopclues.net/assets/css/home.css?version=77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d94ed7d8a6c7ebc74ee7f0c9484e3ea0d2574a2c45eaa151e2e2bc67b9c9b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://css.shopclues.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 18:07:05 GMT
server
ESF
date
Thu, 04 Mar 2021 18:24:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 18:24:01 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
2204
date
Thu, 04 Mar 2021 17:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 04 Mar 2021 19:47:17 GMT
id
dpm.demdex.net/
368 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=20CC138653C6496B0A490D45%40AdobeOrg&d_nsid=0&ts=1614882241480
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-46-6.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
70c875445314cc1423926753fbc1cd6df4797a4b4c6d4efcdea2a7407f49c887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v089-04cb6f232.edge-irl1.demdex.com 5.80.6.20210202104731 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
yftO0FLKQBw=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://the-citizenry.xyz
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 GMT
EX513a1fc176d7407f8c5cd585dad0347e-libraryCode_source.min.js
assets.adobedtm.com/d03e06705343/1176ae807ff0/9fc557967d6e/
60 KB
21 KB
Script
General
Full URL
https://assets.adobedtm.com/d03e06705343/1176ae807ff0/9fc557967d6e/EX513a1fc176d7407f8c5cd585dad0347e-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e662a85f7a53e4767451d9df2c8a5edc4aa847828e5714d3797b6c6f348c84b3

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 05:55:36 GMT
server
AkamaiNetStorage
etag
"4550cf95893d74c75ab86f2dc1c6bb39:1612763736.968419"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://the-citizenry.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
20876
expires
Thu, 04 Mar 2021 19:24:01 GMT
gpt.js
www.googletagservices.com/tag/js/
57 KB
20 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d73e972201222b95ce924b6b8a0ff7094f1cfebb2b74b407a31be61ef8dc2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"801 / 408 of 1000 / last-modified: 1614859934"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19574
x-xss-protection
0
expires
Thu, 04 Mar 2021 18:24:01 GMT
truncated
/
6 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90d46f9c15ba52508bedeab0db63aa69899e5a5b43c482a6911ae92504c2d41e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/javascript
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/
Redirect Chain
  • https://the-citizenry.xyz/2n4p1.js?maxqzx=aUx5H0tbAlgRHgdABFAZfw9XGV9GAUcYChInWgRUXk55EVISIWdQaRJfBC8ABjEBWRFzHkQcVGULVjtYRkEBQwYcXQJQGXkmYD19Hk5YGVpXTnMVUlkBHVByWhxbHVQdVgdeARxaBUACHFgFUGJTCFUCWB1...
  • https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js
57 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c58fd2f4fe6a45a6bc4324358819acf1ca53d29ef276013c2ddda8e369d666
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3099810
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16963
cf-request-id
08a014964100001f25c4097000000001
timing-allow-origin
*
last-modified
Thu, 18 Jun 2020 22:30:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eebeaf9-e5ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2qwZ9r8vcpAbDmgYtxsNMz899DzI%2FZ%2BCnXorkvLmvED8rDAT1QrTO2DeJKFYdfOujfkJSsx5PZJZK%2BOUbE6T2F1ZuphpwTKsewgx%2FCCinAeOTJjHba8i4o9MGddyeUHoAQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62ad239d3e151f25-FRA
expires
Tue, 22 Feb 2022 18:24:02 GMT

Redirect headers

date
Thu, 04 Mar 2021 18:24:02 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fLTjdVidozhPav1Eqz%2FHaI7R0gNU8Z1zoTB9B8Ys4Hb35XUmZKwaeE06TWUIdb7kSJtQexvQq6EeZuO2zHt7QvUIgSBpGoWKhCG8hJQvO%2B5vqRDR0HlVFnX903E7Cg%3D%3D"}],"max_age":604800}
content-type
text/html; charset=utf-8
location
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js
cache-control
no-cache, no-store
cf-ray
62ad23997ec14db2-FRA
cf-request-id
08a01493ea00004db217bf5000000001
setUserzone
ridgewallet.website/
0
0

/
shopclues-log.qoo10.in/log/shopclues/
0
290 B
Image
General
Full URL
https://shopclues-log.qoo10.in/log/shopclues/?v=1&prl=https%3A%2F%2Fthe-citizenry.xyz%2F&lg=&cn=&mac_address=&app_code=web&kv=&cv=1614882241523&mid=
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-31.fra53.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:23:54 GMT
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA53-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private
content-length
0
x-amz-cf-id
-vxLB2wn882t8rMOl7bUTIPIlXDUkpEktqfRPfTfwaUjTI4rzQTdHA==
dkt_sprite_v3.png
images.shopclues.com/images/ui/
14 KB
14 KB
Image
General
Full URL
https://images.shopclues.com/images/ui/dkt_sprite_v3.png
Requested by
Host: css.shopclues.net
URL: https://css.shopclues.net/assets/css/home.css?version=77
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.187.70 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
484e9bc715773c3171a52123b2e5517bf47a25cc864b33d102683dcaeccee660

Request headers

Referer
https://css.shopclues.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:16:13 GMT
Content-Encoding
gzip
Age
18469
grace
stale
Connection
keep-alive
Content-Length
13912
Access-Control-Allow-Origin
*
Last-Modified
Tue, 28 Aug 2018 08:31:52 GMT
Server
nginx/1.10.3
ETag
W/"5b850878-3693"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
X-Varnish
639333751 646915271
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Expires
Fri, 04 Mar 2022 13:16:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://the-citizenry.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 05:52:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
563487
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 26 Feb 2022 05:52:34 GMT
social-ico@2x.png
images.shopclues.com/images/ui/
2 KB
2 KB
Image
General
Full URL
https://images.shopclues.com/images/ui/social-ico@2x.png
Requested by
Host: css.shopclues.net
URL: https://css.shopclues.net/assets/css/home.css?version=77
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.187.70 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
2011a39490f7c9891c37472b498d5ad7e1dd7fa2f75787f46fb1638b23656caf

Request headers

Referer
https://css.shopclues.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:16:14 GMT
Content-Encoding
gzip
Age
18467
grace
stale
Connection
keep-alive
Content-Length
1890
Access-Control-Allow-Origin
*
Last-Modified
Tue, 28 Jan 2020 07:41:39 GMT
Server
nginx/1.10.3
ETag
W/"5e2fe5b3-74b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
X-Varnish
639333754 647564995
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
image/png
Access-Control-Allow-Headers
X-Requested-With
Expires
Fri, 04 Mar 2022 13:16:14 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://the-citizenry.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
570323
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 03:58:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://the-citizenry.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 16:23:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
180016
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Wed, 02 Mar 2022 16:23:45 GMT
slick.js
www.shopclues.com/assets/js/
49 KB
11 KB
Script
General
Full URL
https://www.shopclues.com/assets/js/slick.js?ver=60&_=1614882241457
Requested by
Host: cdn.shopclues.com
URL: https://cdn.shopclues.com/images/ui/js/common_header.js?ver=67
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.168.163 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
Apache /
Resource Hash
3b02737265ae1b4efd1863da0de02be0bcf090e4b81c0df1a9e5186f36f42041
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 18:24:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
0
grace
live
Connection
keep-alive
Content-Length
10698
Last-Modified
Wed, 28 Feb 2018 09:05:07 GMT
Server
Apache
X-FRAME-OPTIONS
SAMEORIGIN
X-Varnish
247857207 247857208
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Sat, 03 Apr 2021 18:24:02 GMT
moe_webSdk.min.latest.js
cdn.moengage.com/webpush/
149 KB
42 KB
Script
General
Full URL
https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd8baf04a1abab80d88af87312ddae12c6fc333d2e6bf7f205966e4e1c07cae6

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:20:04 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 09:49:56 GMT
server
AmazonS3
age
238
etag
W/"bddbb356e32a30c96135e4eeade2e0e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
cache-control
max-age=1800
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
QHLxhwqUJBmuQOzR8bF84D2Rw218AYJ0xkJTQATVXlR2yqQ_VoewWA==
ec.js
www.google-analytics.com/plugins/ua/
3 KB
2 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 17:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2143
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Thu, 04 Mar 2021 18:48:18 GMT
collect
www.google-analytics.com/j/
2 B
196 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=330325050&t=pageview&_s=1&dl=https%3A%2F%2Fthe-citizenry.xyz%2F&ul=en-us&de=UTF-8&dt=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAIJRAAAAC~&jid=560195358&gjid=696135991&cid=1677299670.1614882242&tid=UA-98255941-1&_gid=838391781.1614882242&_r=1&_slc=1&z=146564922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://the-citizenry.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021030101.js
securepubads.g.doubleclick.net/gpt/
282 KB
100 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 09:37:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101543
x-xss-protection
0
expires
Thu, 04 Mar 2021 18:24:01 GMT
Cookie set dest5.html
shopclues.demdex.net/ Frame 5CB6
7 KB
3 KB
Document
General
Full URL
https://shopclues.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-46-6.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
shopclues.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://the-citizenry.xyz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=34621130768806249993666057939748152939
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://the-citizenry.xyz/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 11 Feb 2021 14:59:52 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=34621130768806249993666057939748152939;Path=/;Domain=.demdex.net;Expires=Tue, 31-Aug-2021 18:24:01 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
L17136AdQzE=
Content-Length
2785
Connection
keep-alive
id
cluesnetwork.sc.omtrdc.net/
2 B
319 B
XHR
General
Full URL
https://cluesnetwork.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=20CC138653C6496B0A490D45%40AdobeOrg&mid=34596076021761063213668585473413395549&ts=1614882241638
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5955cb7dcf-2kd8z
vary
Origin
x-c
main-1422.I3bac54.M0-478
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://the-citizenry.xyz
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YEElwQAAAKN80CkN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=34621130768806249993666057939748152939
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEElwQAAAKN80CkN
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEElwQAAAKN80CkN
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-46-6.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v089-0af65bc10.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
MEDvJqNkSK8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEElwQAAAKN80CkN
Date
Thu, 04 Mar 2021 18:24:01 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
json
shopclues.tt.omtrdc.net/m2/shopclues/mbox/
464 B
631 B
XHR
General
Full URL
https://shopclues.tt.omtrdc.net/m2/shopclues/mbox/json?mbox=target-global-mbox&mboxSession=08a13598052b41debd7a393e6112f20b&mboxPC=&mboxPage=cd8ab216b0eb48b0a97521435bdb05ff&mboxRid=4d6b8a1da98446df9be109007b454959&mboxVersion=1.8.2&mboxCount=1&mboxTime=1614885841596&mboxHost=the-citizenry.xyz&mboxURL=https%3A%2F%2Fthe-citizenry.xyz%2F&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&test=2&PageName=Home&PageType=Home&gmvMaster=experienceAexperienceA&CategoryID=Home&BrowserTime=19&SubCategory=NA&LeafCategory=NA&MetaCategory=Home&categoryCount=0&searchKeyword=nosearch&categoryValues=NA&user.categoryId=Home&categoryRecomCount=0&mboxMCSDID=25019F81CF8DD696-15629A497E76DAD4&vst.trk=cluesnetwork.sc.omtrdc.net&mboxMCGVID=34596076021761063213668585473413395549&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.166.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-166-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
78d1427f34a7208b738bfb6e97ae3be95135a1c06ad6f6f30c3a8ea7197ca5b7

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://the-citizenry.xyz
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
4d6b8a1da98446df9be109007b454959
js
www.google-analytics.com/gtm/
86 KB
34 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NKVCX22&cid=1677299670.1614882242
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9048455550f8e22c98d1e68d09501f31e073ae715c8f732225b47c03783133fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34840
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Mar 2021 18:24:01 GMT
collect
www.google-analytics.com/j/
2 B
25 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=330325050&t=pageview&_s=1&dl=https%3A%2F%2Fthe-citizenry.xyz%2F&ul=en-us&de=UTF-8&dt=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEILRAAAAC~&jid=890278238&gjid=268016399&cid=1677299670.1614882242&tid=UA-27831792-1&_gid=838391781.1614882242&_r=1&_slc=1&z=1294731875
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://the-citizenry.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
xAsl7SbbMnzKDTzphx3UxNj3sm6T5Ix8qFD3Mf3BPB0HLy6d6TdIWdXEAxl5HSkk33M1+S0rFXg5SksHnT2YQw==
x-fb-trip-id
2070227774
x-frame-options
DENY
date
Thu, 04 Mar 2021 18:24:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ast.js
cdn.atomex.net/static/js/pxs/7103/
3 KB
2 KB
Script
General
Full URL
https://cdn.atomex.net/static/js/pxs/7103/ast.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4800:1c:fe97:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3ced5517b1cdb5ea5cc5032435f5ace1ec7f93bd194ef91d01074dbd3b882f7c

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 11:30:54 GMT
content-encoding
gzip
x-goog-meta-gid
91
age
1147986
x-guploader-uploadid
ABg5-Uw-IC_4rSitpS2Zyu8o5WUri6SuxlRZK5hFD5LwKGlZtneRR3x5ofkax_yRV2AjImEYSK786P1PT6Knq10FS2E
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-meta-mtime
1494940054
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-mode
33188
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified
Thu, 29 Oct 2020 13:12:38 GMT
server
UploadServer
etag
W/"093c96f4044aeaf7e07d60d45dbccaf0"
vary
Accept-Encoding
x-goog-hash
crc32c=4xqrnw==, md5=CTyW9ARK6vfgfWDUXbzK8A==
x-goog-generation
1603977158009155
access-control-allow-origin
*
x-goog-meta-uid
91
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
2916
x-amz-cf-pop
FRA53-C1
content-type
text/javascript
x-amz-cf-id
9zEILEcPjLyA76k7iFAUc3kNg-6NS3kpvnUcKWyuI8neCfn3v6SMeA==
expires
Fri, 19 Feb 2021 12:30:54 GMT
B9863883.133225096;sz=1x2;ord=379607281230
ad.doubleclick.net/ddm/adj/N47605.197812NSO.CODESRV/
18 KB
7 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N47605.197812NSO.CODESRV/B9863883.133225096;sz=1x2;ord=379607281230?
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ac8be491690817d1a774c0cbaeeef41f9f6cce322f2dc7fdd8a77484919f9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6555
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
28 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbb4cc2dcde1b446e1e944793a5cb11ff8dcec18fd942a49d6161c6750daf396

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:00 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 07:20:28 GMT
x-msedge-ref
Ref A: D84C40D7D32540A2AB14022E24BE5361 Ref B: FRAEDGE1309 Ref C: 2021-03-04T18:24:01Z
etag
"0464f8534fd71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8592
id
dpm.demdex.net/
368 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=20CC138653C6496B0A490D45%40AdobeOrg&d_nsid=0&d_mid=34596076021761063213668585473413395549&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1614882241804
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-46-6.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
745f561192ab2ec9c790a186922c5c33eee091de433f99d7680b1f5a2b209810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v089-04fcc454e.edge-irl1.demdex.com 5.80.6.20210202104731 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
ozSd9aGFRqg=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://the-citizenry.xyz
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-783880167
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a812f3990c5c00e2b86963d74a0a66f02b55c21f4a8236af6a4f6565f463ee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39432
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Mar 2021 18:24:01 GMT
1472433429693112
connect.facebook.net/signals/config/
241 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1472433429693112?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b65cef83505add4769ec6421d9adb573df88f3174e28dca048f7e03c81db0ee
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70630
x-fb-rlafr
0
pragma
public
x-fb-debug
5GxadHLBee9tWPEIfye5L/Q5TiTm2l8IkkF9pkmW9JOkd4VLVoZWPjayrfzwOLEbBnVsEioJtoe6sph0eKjhYA==
x-fb-trip-id
2070227774
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 04 Mar 2021 18:24:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
g.microsoft.com/clarity/
0
355 B
Script
General
Full URL
https://g.microsoft.com/clarity/0?test=1&ti=5218204
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.176 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://the-citizenry.xyz
Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 04 Mar 2021 18:24:01 GMT
cache-control
no-cache, must-revalidate
server
Microsoft-IIS/10.0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5218204&Ver=2&mid=63eac9e0-a1b3-4806-9c96-ad4eaa7498c2&sid=cb4badc07d1611eb97ff478949eb4013&vid=cb4bbc007d1611eb97d01f9339ad0d32&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men,%20women%20and%20kids%20fashion,%20home,%20kitchen,%20health,%20sports%20and%20more%20products%20at%20ShopClues&kw=online%20shopping%20india,%20mobiles%20phones,%20electronics,%20refrigerators%20online,%20shoes,%20footwear%20online%20shopping,%20laptops,%20tablets,%20kitchen%20appliances%20store,%20fashion,%20prices,%20shopclues.com&p=https%3A%2F%2Fthe-citizenry.xyz%2F&r=&lt=1294&evt=pageLoad&msclkid=N&sv=1&rn=715040
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 04 Mar 2021 18:24:00 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: BF2211DA719B493F9BB25305D4D351B7 Ref B: FRAEDGE1309 Ref C: 2021-03-04T18:24:01Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
411 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1472433429693112&ev=PageView&dl=https%3A%2F%2Fthe-citizenry.xyz%2F&rl=&if=false&ts=1614882241877&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614882241875.180928218&it=1614882241834&coo=false&rqm=GET
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 04 Mar 2021 18:24:01 GMT
conversion_async.js
www.googleadservices.com/pagead/
32 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-783880167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
0fadbe1e06ca947cfe99260be96d47e427e047adb36abc1569b6650969de845c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12508
x-xss-protection
0
server
cafe
etag
14827443887830809553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 04 Mar 2021 18:24:01 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 18:24:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
X-Check-Cacheable
YES
Cache-Control
max-age=74705
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-616260133&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-783880167
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ec64e42e18aa7568983486ade2577921f751d5a3631ac0571c1e7c10a572cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39460
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Mar 2021 18:24:01 GMT
spp.pl
sp.analytics.yahoo.com/
43 B
962 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10014075
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 18:24:02 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 18:24:02 GMT
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
63173
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1614882242.980144,VS0,VE0
x-served-by
cache-hhn11541-HHN
collect
www.google-analytics.com/
35 B
120 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=330325050&t=pageview&_s=2&dl=https%3A%2F%2Fthe-citizenry.xyz%2F&ul=en-us&de=UTF-8&dt=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEILRAAAAC~&jid=&gjid=&cid=1677299670.1614882242&tid=UA-98255941-1&_gid=838391781.1614882242&z=2129711909
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 18:55:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
84516
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
s65212607193389
cluesnetwork.sc.omtrdc.net/b/ss/clues-prod/1/JS-2.5.0-LBQ1/
43 B
221 B
Image
General
Full URL
https://cluesnetwork.sc.omtrdc.net/b/ss/clues-prod/1/JS-2.5.0-LBQ1/s65212607193389?AQB=1&ndh=1&pf=1&t=4%2F2%2F2021%2019%3A24%3A1%204%20-60&sdid=25019F81CF8DD696-15629A497E76DAD4&mid=34596076021761063213668585473413395549&aamlh=6&ce=ISO-8859-1&ns=cluesnetwork&cdp=2&pageName=Home&g=https%3A%2F%2Fthe-citizenry.xyz%2F&cc=INR&ch=Home&events=event4%3D14&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Home&c2=Home&v2=New&c3=Home&v3=notloggedin%3A&c6=Thursday&c11=https%3A%2F%2Fthe-citizenry.xyz%2F&c12=Home&c13=14&v18=https%3A%2F%2Fthe-citizenry.xyz%2F&v21=Home&v22=Home&v23=Home&v28=5.1.1&c34=https%3A%2F%2Fthe-citizenry.xyz%2F&v41=%7C&v44=New&c70=notloggedin%3A&v73=4-Mar-2021&v74=4-Mar-2021&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=20CC138653C6496B0A490D45%40AdobeOrg&AQE=1
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
x-content-type-options
nosniff
x-c
main-1422.I3bac54.M0-478
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 05 Mar 2021 18:24:01 GMT
server
jag
xserver
anedge-5955cb7dcf-h9xvd
etag
3467933207292411904-4621677257283441551
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 03 Mar 2021 18:24:01 GMT
RC9b83e759a35847aab2f1b2edfa83f971-source.min.js
assets.adobedtm.com/d03e06705343/1176ae807ff0/9fc557967d6e/
462 B
532 B
Script
General
Full URL
https://assets.adobedtm.com/d03e06705343/1176ae807ff0/9fc557967d6e/RC9b83e759a35847aab2f1b2edfa83f971-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
148581e4c159fd8740bcf739fc12a7c33a6d620a5e8a60b82b7a5f3e306f55b9

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 05:55:36 GMT
server
AkamaiNetStorage
etag
"4550cf95893d74c75ab86f2dc1c6bb39:1612763736.968419"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://the-citizenry.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
264
expires
Thu, 04 Mar 2021 19:24:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/
110 KB
34 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N47605.197812NSO.CODESRV/B9863883.133225096;sz=1x2;ord=379607281230?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Thu, 04 Mar 2021 18:24:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210302/r20110914/elements/html/
8 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210302/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N47605.197812NSO.CODESRV/B9863883.133225096;sz=1x2;ord=379607281230?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 18:13:16 GMT
view
googleads4.g.doubleclick.net/pcs/
0
437 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_FAztyApEJeVtazZzVXRqXmg8Z_5vilyUEKfV-WtsjMhhTqhdlCrvL6IBLiUjXvPxv3zGQmyhNf3LQaa02enSoZfVBlwOHas8fiV2O_IVYKDjUfPTGy6OyztUCL2N&sig=Cg0ArKJSzODR4jFkuXGZEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20210302.81034&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N47605.197812NSO.CODESRV/B9863883.133225096;sz=1x2;ord=379607281230?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 18:24:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1013387&time=1614882241920&url=https%3A%2F%2Fthe-citizenry.xyz%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1013387%26time%3D1614882241920%26url%3Dhttps%253A%252F%252Fthe-citizenry.xyz%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1013387&time=1614882241920&url=https%3A%2F%2Fthe-citizenry.xyz%2F&liSync=true
0
57 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1013387&time=1614882241920&url=https%3A%2F%2Fthe-citizenry.xyz%2F&liSync=true
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e3:101::6cae:b45 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:02 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-type
application/javascript
content-length
0
x-li-uuid
oKyX9tc2aRbwBKu4CCsAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
GgVe7dc2aRbQLQ93ySoAAA==
pragma
no-cache
x-li-pop
afd-prod-ltx1
x-msedge-ref
Ref A: 79DB7A62B9E44A72B7007C45A76734BD Ref B: FRAEDGE1312 Ref C: 2021-03-04T18:24:02Z
date
Thu, 04 Mar 2021 18:24:01 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1013387&time=1614882241920&url=https%3A%2F%2Fthe-citizenry.xyz%2F&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/783880167/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783880167/?random=1614882241925&cv=9&fst=1614882241925&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c474b6fccf454c0c00fa8d3dd93b06ead564d0a3c83d55e189aaf8fd4a108b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1105
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/783880167/
2 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/783880167/?random=1614882241927&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
2b6b5dbacdf2cb158e745e89eb8a7cf8180bf9e3f58eeeb8d4965dbcdf5d4621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1209
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/616260133/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616260133/?random=1614882241966&cv=9&fst=1614882241966&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd77444a12edb78edbb67159e8564bda14116d9213fd46e1bcb7141f26ac9488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1103
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/783880167/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/783880167/?random=1614882241925&cv=9&fst=1614880800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&async=1&fmt=3&is_vtc=1&random=1443989692&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/783880167/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/783880167/?random=1614882241925&cv=9&fst=1614880800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&async=1&fmt=3&is_vtc=1&random=1443989692&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/
43 B
448 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o0yfc&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fthe-citizenry.xyz%2F
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Thu, 04 Mar 2021 18:24:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b9948516c80265c8b378387a00809037
x-transaction
000b548c00e312b6
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.google.de/pagead/1p-conversion/783880167/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783880167/?random=1037561414&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
  • https://www.google.com/pagead/1p-conversion/783880167/?random=1037561414&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
  • https://www.google.de/pagead/1p-conversion/783880167/?random=1037561414&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
66 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/783880167/?random=1037561414&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wSVBYOaoPIfExgKosaSABA&cid=CAQSKQCNIrLMAqkSmviTp8X1siAOttZL7ow_hMecRwAHpAe-bDRCMA3jzGpx&random=3948057546&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/783880167/?random=1037561414&cv=9&fst=1614882241927&num=1&label=zGB4COGAoYsBEOef5PUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wSVBYOaoPIfExgKosaSABA&cid=CAQSKQCNIrLMAqkSmviTp8X1siAOttZL7ow_hMecRwAHpAe-bDRCMA3jzGpx&random=3948057546&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/616260133/
42 B
530 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/616260133/?random=1614882241966&cv=9&fst=1614880800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&async=1&fmt=3&is_vtc=1&random=1026842067&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/616260133/
42 B
530 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/616260133/?random=1614882241966&cv=9&fst=1614880800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&tiba=Online%20Shopping%20Site%20India%20-%20Shop%20Online%20for%20men%2C%20women%20and%20kids%20fashion%2C%20home%2C%20kitchen%2C%20health%2C%20sports%20and%20more%20products%20at%20ShopClues&async=1&fmt=3&is_vtc=1&random=1026842067&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: the-citizenry.xyz
URL: https://the-citizenry.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
109 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPHNAy1dnoHAJtone

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 04 Mar 2021 18:24:02 GMT
content-type
text/plain
access-control-allow-origin
https://the-citizenry.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
repeateduser
api.shopclues.com/api/v11/
44 B
534 B
XHR
General
Full URL
https://api.shopclues.com/api/v11/repeateduser?key=d42121c70dda5edfgd1df6633fdb36c0&platform=D&user_id=5.1.1
Requested by
Host: cdn.shopclues.com
URL: https://cdn.shopclues.com/images/ui/js/common_header.js?ver=67
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
180.179.175.129 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx / PHP/7.2.34
Resource Hash
b2dcd3fdde3b9f14574360bf521769f3d06222d3fed77229928cd7b3cc4c5d4f

Request headers

Accept
*/*
Referer
https://the-citizenry.xyz/
Authorization
djExL3JlcGVhdGVkdXNlcj9rZXk9ZDQyMTIxYzcwZGRhNWVkZmdkMWRmNjYzM2ZkYjM2YzA0NWNhZGFjNDZiMWRjMDQxODZjMWZkMWQyYjFhYjAwOFRodSwgMDQgTWFyIDIwMjEgMTg6MjQ6MDIgR01U
X-Date
Thu, 04 Mar 2021 18:24:02 GMT
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Source
RN

Response headers

Date
Thu, 04 Mar 2021 18:24:03 GMT
Content-Encoding
gzip
Age
0
X-Powered-By
PHP/7.2.34
grace
live
Connection
keep-alive
Content-Length
62
Access-Control-Allow-Origin
*
Server
nginx
Vary
Accept-Encoding
X-Varnish
303268549 303268550
Via
1.1 varnish-v4
cache-control
public
Accept-Ranges
bytes
Content-Type
application/json
Access-Control-Allow-Headers
Authorization,X-Date,X-Source
Expires
Thu, 04 Mar 2021 18:24:03 GMT
repeateduser
api.shopclues.com/api/v11/ Frame
0
0
Preflight
General
Full URL
https://api.shopclues.com/api/v11/repeateduser?key=d42121c70dda5edfgd1df6633fdb36c0&platform=D&user_id=5.1.1
Protocol
HTTP/1.1
Server
180.179.175.129 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
nginx / PHP/7.2.34
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,x-date,x-source
Origin
https://the-citizenry.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 04 Mar 2021 18:24:02 GMT
Server
nginx
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Authorization,X-Date,X-Source
Cache-Control
max-age=0
Expires
Thu, 04 Mar 2021 18:24:02 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
59
Content-Type
application/json
X-Varnish
302842239 302842240
Age
0
Via
1.1 varnish-v4
grace
live
Connection
keep-alive
Accept-Ranges
bytes
integrator.js
adservice.google.de/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=the-citizenry.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 18:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=the-citizenry.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 18:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
434 B
841 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1570769028471624&correlator=1383249527493261&output=ldjh&impl=fifs&eid=31060326%2C21064369&vrg=2021030101&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=124148007%2Chome_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&cust_params=LLC%3DHome%26LMC%3DHome%26LPID%3D%26LSC%3DHome&cookie_enabled=1&bc=31&abxe=1&lmt=1614882242&dt=1614882242789&dlt=1614882240681&idt=1086&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=2278&adks=2500934684&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Fthe-citizenry.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1844&msz=1600x90&ga_vid=1677299670.1614882242&ga_sid=1614882243&ga_hid=330325050&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
2acdf2ba98906404047605147c23111b394a32efbb551adb6a0d7a5bed77e985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://the-citizenry.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0b39fa9ab255feefd62b92c0e037bc41.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://0b39fa9ab255feefd62b92c0e037bc41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

websdksettings
sdk-01.moengage.com/
11 KB
3 KB
XHR
General
Full URL
https://sdk-01.moengage.com/websdksettings?app_id=ZJ56N4HWQ6IYU9XD17LSC086&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.226.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-226-69.compute-1.amazonaws.com
Software
nginx /
Resource Hash
668f3616f703e13ffa690350bf96294741dfcfd176c4f2b27e2c4ef798b87d12

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:03 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 04 Mar 2021 18:24:02 GMT
adsct
analytics.twitter.com/i/
31 B
650 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o0yfc&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthe-citizenry.xyz%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Thu, 04 Mar 2021 18:24:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d2d09f11c53c0eeafb5003331938d90e
x-transaction
007106e300116bd8
expires
Tue, 31 Mar 1981 05:00:00 GMT
1x1.gif
datacdn.atomex.net/data/6062/
Redirect Chain
  • https://datacdn.atomex.net/data/6062/1x1.gif?client_id=7103&t=r&channel=web&f=v
  • https://datacdn.atomex.net/data/6062/1x1.gif?client_id=7103&t=r&channel=web&f=v&sync_check=cbf426a1-7d16-11eb-b55e-42010a7d2858
43 B
125 B
Image
General
Full URL
https://datacdn.atomex.net/data/6062/1x1.gif?client_id=7103&t=r&channel=web&f=v&sync_check=cbf426a1-7d16-11eb-b55e-42010a7d2858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.206.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.206.102.34.bc.googleusercontent.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:03 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif; charset=UTF-8
alt-svc
clear
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:02 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
/data/6062/1x1.gif?client_id=7103&t=r&channel=web&f=v&sync_check=cbf426a1-7d16-11eb-b55e-42010a7d2858
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34e2d31b0f69e0cba8116df5ad626a9ae14308275bfe7ef9876fa24b63d9905d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 18:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6549
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 04 Mar 2021 18:24:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 86E0
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://the-citizenry.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://the-citizenry.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Thu, 04 Mar 2021 17:30:03 GMT
expires
Fri, 04 Mar 2022 17:30:03 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3240
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 86E0
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
253884
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 01 Mar 2022 19:52:39 GMT
ZJ56N4HWQ6IYU9XD17LSC086
sdk-01.moengage.com/v3/sdkconfig/web/
84 B
445 B
XHR
General
Full URL
https://sdk-01.moengage.com/v3/sdkconfig/web/ZJ56N4HWQ6IYU9XD17LSC086?
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.226.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-226-69.compute-1.amazonaws.com
Software
nginx /
Resource Hash
59067db46cbaef6f220c5c7548d5cbfb911e561e9879082c806a6c3a227aeb09

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:24:03 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 04 Mar 2021 18:24:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
137 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030101&jk=1570769028471624&bg=!tbaltvXNAAWsVXnBrDsAKQB2-DxaxJGiQ2wOg8vuFAltM7pYT_lDQAsVufGnS-AhmGTgao80_Qu6AgAAAEFSAAAADGgBBwoAM4HiRLW4zn5y58YQ3jGWLtetP5H4cV6VW-SA5N7vrQaItcwrkYRpLN8JP85EGywGaIKUwpkB49dWKA_6gaDr5P5CGWKV6NaCRnWFQpdK3B8mo4GF-9VTsxYowt1yfQRUCPwFMtTFAGS-vDCWD03qtSKUcIEIyrzCRQiysceY-_aPeclqNgxTsKpwgBBRGiz9cv5r1ND9zeRidtnqNfU8x1_xSFu8AAZ1NHvZ5-3mlTIPO6Bnua2cl--HlnEpD7HRNRYLv7itfwtAo10oOqwzczW7podTWs8oHyCSpoM5QSpOBZbYVweOzvw5H0eYjF7YPZ6IuUffx46QXFqD_incsNbErrP6SDiInh9Ut0DnraAhzgHToulKdgnPVMG0stszfrfy-QC47U7pKlSq3jwUsXP54fEyq63v9un7170PwnxhUQYrqginQaryxwQ0-lEVdAfr-s-54zEmnBQH8dbFsJRiGfEyfy4mAp6zEvkP3_aSG_wsHcP0Tt9W4gHd-oYFwl5UqQ6JDGhw5BEQLxRfF3HbGDO3eaq8Ec1mCzRs0Okxa04DvbwzijKdJXa7e7ZuZKQkg2HZ-IXhZnc6boqVqzGJLqZxrBnGXmcTor-kXYMj3gcBEBO2Lyo4oBO4oIl9FSVHN7oP4bIXLfnwt9XM0PmqpligKALlGpvG2H3BBiTZRktZ9ICAmDL9ll0rbpGw2Gmgu1YGLp2kyg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://the-citizenry.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 18:24:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ridgewallet.website
URL
https://ridgewallet.website/setUserzone

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| divolte object| SC function| ReadCookie function| SetCookie function| getScrollXY function| getDocHeight function| $ function| jQuery string| pid string| pagelayout string| page_url string| cont string| product_status string| outOfStock string| percentage_z string| classadd function| addZoneProducts_category function| addZoneProducts_pdp object| _satellite boolean| __satelliteLoaded string| GoogleAnalyticsObject function| ga object| adobe function| Visitor object| s_c_il number| s_c_in object| googletag function| replace_special_symbol object| _0x818f35 function| _0x0fb11b object| f function| enc object| a string| b function| OnfocusChange function| OnChangeName function| OnChangePhone function| OnChangeDob string| new_login_url object| allGids function| qoo10AlreadyLogin string| base_url string| cookieDomain number| city_cookie_lifetime undefined| city_id function| userZoneCityPincode string| secure_base_url string| curl_base_url_secure string| curl_base_url string| search_url string| cookieExpire number| zettata_threshold string| abDays string| HomepageConfig string| ConfigRowCount string| ConfigColumnCount string| ConfigColumnWidth string| ConfigLoadAll string| perPage_limit string| product_perpage_limit string| loadMore_limit string| campaignWrapperApi string| personalizationApi object| cookieDelete string| oldUiSearch string| productCount string| saleboosterOnoff string| gid_visitorid object| infiniteScrollConfig string| strategicApi string| gid_strategic string| gid_prsnl_ab string| gold_gid string| mfc_time string| best_seller_expNum number| key_feature_plp number| log_ajax_http object| dataLayer function| dfpTagPositioning function| adzone_click function| fireGoogleAdsHome function| googleDisplayHome function| criteoAds string| login_url function| toastMessage function| imageError function| microAjax function| fn_get_atom_cart object| s_lgnctype object| s_lgncvalue object| logintype_value string| isloggedin string| userID string| usertype string| email string| fname string| lname string| visitor_id_header string| visitorId string| sc_loc undefined| timeoutId object| pincodePattern string| pincode string| show_pincode number| loc_cookie_lifetime number| loc_fail_timeout number| loc_hide_timeout string| zone_message function| ajax_request function| save_loc_cookie function| getLocation function| geolocFail string| zone function| showPosition undefined| url undefined| postdata function| userZoneFromPincode object| digitalData function| srch_sugg_panel function| hide_srch_sugg_panel string| utm_source string| source string| utm_campaign string| utm_medium number| cookie_duration undefined| page_detail object| qoo_data string| qoo_url string| key boolean| def object| qoo_img string| user_segment string| seg function| appendToken object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| searchKey object| autosuggest string| catValues object| searchPage object| Manifest string| moengage_object object| t function| q string| k function| moe function| Moengage object| moengage_q object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager object| google_optimize function| URLParameter function| s_doPlugins function| scontains function| rcontains function| s_getLoadTime function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s string| sc_code_ver number| s_loadT number| s_objectID number| s_giq function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ttMETA function| fbq function| _fbq string| cur_url string| _atm_client_id object| _atm_params number| randomNumber object| scriptTag object| insertionNode string| conversionTag object| uetq string| moeBannerText function| MoengagePageEventHistroyManager object| moeInternals function| UET function| gtag string| _linkedin_partner_id object| _linkedin_data_partner_ids function| twq string| internal string| y function| decodeBase64 number| isVisitStart string| x object| s_i_clues-prod function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc function| lintrk boolean| _already_called_lintrk function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| omrhp number| __google_lidar_ number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| osdlfm object| twttr function| moment function| convertdigitalData1 function| convertdigitalData function| getdigitalData function| getCOOKIE function| retCookie boolean| coreJSLoaded object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

21 Cookies

Domain/Path Name / Value
the-citizenry.xyz/ Name: ruserd
Value: slogn
.the-citizenry.xyz/ Name: s_cc
Value: true
.the-citizenry.xyz/ Name: s_ptc
Value: %5B%5BB%5D%5D
.the-citizenry.xyz/ Name: _fbp
Value: fb.1.1614882241875.180928218
.the-citizenry.xyz/ Name: AMCV_20CC138653C6496B0A490D45%40AdobeOrg
Value: -637568504%7CMCIDTS%7C18691%7CMCMID%7C34596076021761063213668585473413395549%7CMCAAMLH-1615487041%7C6%7CMCAAMB-1615487041%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1614889441s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18698%7CMCCIDH%7C0%7CvVersion%7C5.1.1
.the-citizenry.xyz/ Name: gpv2
Value: Home
.the-citizenry.xyz/ Name: gpv
Value: Home
.demdex.net/ Name: demdex
Value: 34621130768806249993666057939748152939
.the-citizenry.xyz/ Name: visit_st
Value: 1
.the-citizenry.xyz/ Name: _gat
Value: 1
.the-citizenry.xyz/ Name: _uetvid
Value: cb4bbc007d1611eb97d01f9339ad0d32
.the-citizenry.xyz/ Name: __cfduid
Value: d41ac7f59d43a11c13c1eee42752429301614882240
.the-citizenry.xyz/ Name: AMCVS_20CC138653C6496B0A490D45%40AdobeOrg
Value: 1
.the-citizenry.xyz/ Name: s_nr
Value: 1614882241900-New
.the-citizenry.xyz/ Name: _gid
Value: GA1.2.838391781.1614882242
.the-citizenry.xyz/ Name: gpv1
Value: Home
.the-citizenry.xyz/ Name: mbox
Value: session#08a13598052b41debd7a393e6112f20b#1614884102|PC#08a13598052b41debd7a393e6112f20b.37_0#1678127042
.the-citizenry.xyz/ Name: _uetsid
Value: cb4badc07d1611eb97ff478949eb4013
.the-citizenry.xyz/ Name: _gat_sc
Value: 1
.the-citizenry.xyz/ Name: at_check
Value: true
.the-citizenry.xyz/ Name: _ga
Value: GA1.2.1677299670.1614882242

13 Console Messages

Source Level URL
Text
console-api log URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 15)
Message:
target rule
console-api log URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 2)
Message:
TypeError: Cannot read property 'sub_cat' of null
console-api log URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 2)
Message:
TypeError: Cannot read property 'split' of null
console-api log (Line 2)
Message:
Fire Moengage Web Push
console-api log URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 11)
Message:
inside excTypeError: Cannot read property 'setItem' of null
console-api warning URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("utm_source").
console-api warning URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("utm_source").
console-api warning URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("utm_source").
console-api warning URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("utm_source").
console-api warning URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("prp25").
console-api warning URL: https://assets.adobedtm.com/a27f844e6d39b151a4c50628d74d0027a93ce93f/satelliteLib-7d2f0d5af2e6977e292dd2fe9c51476f8ebb4e6b.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("pincode").
console-api log URL: https://assets.adobedtm.com/d03e06705343/1176ae807ff0/9fc557967d6e/EX513a1fc176d7407f8c5cd585dad0347e-libraryCode_source.min.js(Line 2)
Message:
Marketing Channel Error: TypeError: Cannot read property 'length' of undefined
console-api log (Line 4)
Message:
Loaded

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0b39fa9ab255feefd62b92c0e037bc41.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
api.shopclues.com
assets.adobedtm.com
bat.bing.com
cdn.atomex.net
cdn.moengage.com
cdn.shopclues.com
cdnjs.cloudflare.com
cluesnetwork.sc.omtrdc.net
cm.everesttech.net
connect.facebook.net
css.shopclues.net
datacdn.atomex.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
g.microsoft.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
images.shopclues.com
js.shopclues.net
pagead2.googlesyndication.com
px.ads.linkedin.com
ridgewallet.website
sdk-01.moengage.com
securepubads.g.doubleclick.net
shopclues-log.qoo10.in
shopclues.demdex.net
shopclues.tt.omtrdc.net
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
t.co
the-citizenry.xyz
tpc.googlesyndication.com
tracker.shopclues.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.shopclues.com
ridgewallet.website
104.244.42.133
104.244.42.3
142.250.185.66
142.250.185.70
142.250.186.34
143.204.209.31
172.217.16.130
180.179.168.163
180.179.175.129
180.179.175.143
180.179.175.220
180.179.187.70
199.232.136.157
212.82.100.181
216.58.212.130
2600:9000:214f:4800:1c:fe97:6d00:93a1
2606:4700:3035::6815:5bc9
2606:4700::6810:125e
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:299::1e80
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
3.213.226.69
34.102.206.241
34.249.46.6
34.252.166.160
34.255.166.243
35.181.18.61
52.142.114.176
64.185.181.238
65.9.96.119
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b65cef83505add4769ec6421d9adb573df88f3174e28dca048f7e03c81db0ee
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fadbe1e06ca947cfe99260be96d47e427e047adb36abc1569b6650969de845c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
148581e4c159fd8740bcf739fc12a7c33a6d620a5e8a60b82b7a5f3e306f55b9
1a01db92dade62153ff6523dcdc855d68abae50942f6278c288e5fa64f1afa5a
1c474b6fccf454c0c00fa8d3dd93b06ead564d0a3c83d55e189aaf8fd4a108b5
1d73e972201222b95ce924b6b8a0ff7094f1cfebb2b74b407a31be61ef8dc2da
2011a39490f7c9891c37472b498d5ad7e1dd7fa2f75787f46fb1638b23656caf
2ab1e11e7e6d21754c2892a914c39a66526d8fb3f423ef0b1562380d26d1af76
2acdf2ba98906404047605147c23111b394a32efbb551adb6a0d7a5bed77e985
2b6b5dbacdf2cb158e745e89eb8a7cf8180bf9e3f58eeeb8d4965dbcdf5d4621
2ec64e42e18aa7568983486ade2577921f751d5a3631ac0571c1e7c10a572cf7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34e2d31b0f69e0cba8116df5ad626a9ae14308275bfe7ef9876fa24b63d9905d
3a5c69fb5f3521de2f6b49958452b62d680bc2af23cd868b8550ce9e9bb689a1
3b02737265ae1b4efd1863da0de02be0bcf090e4b81c0df1a9e5186f36f42041
3b3f25cffb25d06bc06ef9b6ee9b33126dc3197642607580484b1d79139d43c1
3ced5517b1cdb5ea5cc5032435f5ace1ec7f93bd194ef91d01074dbd3b882f7c
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
484e9bc715773c3171a52123b2e5517bf47a25cc864b33d102683dcaeccee660
49834fc746648d84e3b8976ea6748746c3dfa1ed453b2e90eaac24df56d15052
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
51c883cd371f58fc12e29d2f8f0fd52146e5b5c22fec30b6cb2e404c1a1bb8dc
59067db46cbaef6f220c5c7548d5cbfb911e561e9879082c806a6c3a227aeb09
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
668f3616f703e13ffa690350bf96294741dfcfd176c4f2b27e2c4ef798b87d12
66c58fd2f4fe6a45a6bc4324358819acf1ca53d29ef276013c2ddda8e369d666
6a812f3990c5c00e2b86963d74a0a66f02b55c21f4a8236af6a4f6565f463ee6
70c875445314cc1423926753fbc1cd6df4797a4b4c6d4efcdea2a7407f49c887
745f561192ab2ec9c790a186922c5c33eee091de433f99d7680b1f5a2b209810
78d1427f34a7208b738bfb6e97ae3be95135a1c06ad6f6f30c3a8ea7197ca5b7
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d94ed7d8a6c7ebc74ee7f0c9484e3ea0d2574a2c45eaa151e2e2bc67b9c9b25
9048455550f8e22c98d1e68d09501f31e073ae715c8f732225b47c03783133fa
90d46f9c15ba52508bedeab0db63aa69899e5a5b43c482a6911ae92504c2d41e
91cfc149ee0257d377394e42db492b41953403ebb6866bdf5f298d0318e97b3a
922f6986a270a423882dfb2327b5e4ac12527c5c219904547a3cbccd840c0551
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2717c2562ee9ec4c44f4ecca5a7207b55728ec7de622b807b1226cf96521c72
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac8be491690817d1a774c0cbaeeef41f9f6cce322f2dc7fdd8a77484919f9a3d
b2dcd3fdde3b9f14574360bf521769f3d06222d3fed77229928cd7b3cc4c5d4f
bbb4cc2dcde1b446e1e944793a5cb11ff8dcec18fd942a49d6161c6750daf396
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c169185a41d028f5b6df3ec6bd1230a7c02f386bc1a8cede489c2341204e11b0
c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4
cd8baf04a1abab80d88af87312ddae12c6fc333d2e6bf7f205966e4e1c07cae6
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceb39ec4367246ce0e03edfd1364700a7cf17caf9beb037c2cff9db531b72dda
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfbf27213b44e770477471ea4a3c33aaaa71696583560717e1b19eea8c06683c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e662a85f7a53e4767451d9df2c8a5edc4aa847828e5714d3797b6c6f348c84b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5b9b61fa562e6c0a59045f0e9611b49338b02471a55ed5342f4cb21562ad79d
fd77444a12edb78edbb67159e8564bda14116d9213fd46e1bcb7141f26ac9488