urlscan.io logo urlscan.io
SecurityTrails logo

citipagestest.ciflatpacks.com Open in urlscan Pro
145.239.170.100  Public Scan

Go To Rescan Add Verdict Report
URL: https://citipagestest.ciflatpacks.com/
Submission: On March 21 via automatic, source certstream-suspicious — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 40 HTTP transactions. The main IP is 145.239.170.100, located in France and belongs to OVH, FR. The main domain is citipagestest.ciflatpacks.com.
TLS certificate: Issued by R3 on January 20th 2023. Valid for: 3 months.
This is the only time citipagestest.ciflatpacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    145.239.170.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-145-239-170.eu
citipagestest.ciflatpacks.com
12    143.204.215.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-51.fra53.r.cloudfront.net
assets.centralindex.com
dkthlrncwzdcx.cloudfront.net
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
37a8bbc54578b9ec045108273cb1dae9.safeframe.googlesyndication.com
4    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
11 centralindex.com
assets.centralindex.com — Cisco Umbrella Rank: 272921
58 KB
8 googlesyndication.com
37a8bbc54578b9ec045108273cb1dae9.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 134
40 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 305
fonts.googleapis.com — Cisco Umbrella Rank: 34
154 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
135 KB
3 ciflatpacks.com
citipagestest.ciflatpacks.com
42 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 784
48 KB
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 29106
531 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
27 KB
1 cloudfront.net
dkthlrncwzdcx.cloudfront.net
10 KB
0 yellzz.com Failed
webcom.yellzz.com Failed
40 13
Domain Requested by
11 assets.centralindex.com citipagestest.ciflatpacks.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 citipagestest.ciflatpacks.com citipagestest.ciflatpacks.com
2 www.google-analytics.com citipagestest.ciflatpacks.com
www.google-analytics.com
2 fonts.googleapis.com assets.centralindex.com
2 ajax.googleapis.com citipagestest.ciflatpacks.com
2 maxcdn.bootstrapcdn.com citipagestest.ciflatpacks.com
maxcdn.bootstrapcdn.com
1 www.google.com tpc.googlesyndication.com
1 37a8bbc54578b9ec045108273cb1dae9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.fr securepubads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagservices.com citipagestest.ciflatpacks.com
1 dkthlrncwzdcx.cloudfront.net citipagestest.ciflatpacks.com
0 webcom.yellzz.com Failed citipagestest.ciflatpacks.com
40 17

This site contains links to these domains. Also see Links.

Domain
www.192.com
centralindex.com
www.scoot.co.uk
Subject Issuer Validity Valid
citipagestest.ciflatpacks.com
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh
assets.centralindex.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-07-13		 4 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://citipagestest.ciflatpacks.com/
Frame ID: 8E8EC5EC7160B3653CAC06B094B8099F
Requests: 34 HTTP requests in this frame

Frame: https://37a8bbc54578b9ec045108273cb1dae9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9BC15C18C808F4A1873885C75484180
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3E81FE10A07A30CE416F28268DB47E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C0B13248271B227A18CC035A67D9F484
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to the Tunbridge Wells Pages directory

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

40
Requests

98 %
HTTPS

86 %
IPv6

13
Domains

17
Subdomains

15
IPs

3
Countries

552 kB
Transfer

1297 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
citipagestest.ciflatpacks.com/ 		34 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.239.170.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-145-239-170.eu
Software
nginx / Central Index
Resource Hash
a76f6db44e5803983c0ee0bca33d2cc860b88e9f3e68baba4550d0f69832be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 21 Mar 2023 08:34:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Central Index
x-robots-tag
noindex, nofollow, noarchive
x-wolf-app-server-info
serverhost ci-capp04, env production, sitehost citipagestest.ciflatpacks.com, fpHost citipagestest.ciflatpacks.com, conf production
x-xss-protection
1; mode=block
core-bootstrap.css.gz
assets.centralindex.com/assets/css/ 		98 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/css/core-bootstrap.css.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9144db69916d671d76b2aefb397317b33e4be3f6e6031345e06624d703feed5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:15:22 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2016 12:26:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
15540
etag
"a7bbc3be177c1f91411a2f200315398e"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
31536000
accept-ranges
bytes
content-length
16284
x-amz-cf-id
aF7B3z7KmXqhTlQqRPnnD9kaO_4Pb5BOROp7PtJzQFnpu7xzVef3WA==
core-bootstrap-responsive.css.gz
assets.centralindex.com/assets/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/css/core-bootstrap-responsive.css.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d967fafc7b6f40095c9396f71387da404817dfa67169dc0a3545eb382acc9841

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 18:33:47 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2016 12:26:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
50578
etag
"52757c5924eccc798633fc996e17e16d"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
31536000
accept-ranges
bytes
content-length
3049
x-amz-cf-id
4dBFrsoaa5MvGUDgaK11N7NEuD8hfVR1k4hAL9oQChJ_G8LVnG8lFw==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/3.2.1/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1072
age
1043940
cdn-cachedat
12/25/2022 15:23:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"7fbe76cdac6093784895bb4989203e5a"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fd1300af20f914538ad687ff6f96adff
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
7ab4daf21c1ad6ba-CDG
cdn-requestpullsuccess
True
bootstrap-image-gallery.min.css.gz
assets.centralindex.com/assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/css/bootstrap-image-gallery.min.css.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a50fa42f0de3934ca52516cdea7b29c86602bbe70e11244c1718e415bae4c31

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 19:51:53 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2016 12:26:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
45749
etag
"f38c4fbf295bcf6caac6ab291499150c"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
31536000
accept-ranges
bytes
content-length
797
x-amz-cf-id
bnd52cCZjEqgfi29N-QbHNUZeVEMr5XhMBLPGzlycKgMrCVyUDaxuQ==
core-flatpack-theme.css.gz
assets.centralindex.com/assets/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/css/core-flatpack-theme.css.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d810da8586c243ef2ecad484dd67ff43bca78a40411e2b576d4aee4752e7619a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 20:00:20 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Sep 2018 18:31:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
45242
etag
"e1ec5f17303fb6aa3c92d12976ccbb34"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
8813
x-amz-cf-id
UkA3sVESLlFVInBO48mbQm-Fuq6LDvsHYcFyXnxH7TfFeygm3x2sWw==
4f23c97d5c0ebc4836caf548ee07a0de.css
assets.centralindex.com/stylesheets/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/stylesheets/4f23c97d5c0ebc4836caf548ee07a0de.css
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d74eeb3dd47fa2837ff18318b077ff10acadaf98523b4223a74442c5c33c32c0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 11:18:00 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Wed, 25 Sep 2019 10:22:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
76582
etag
"4f23c97d5c0ebc4836caf548ee07a0de"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1547
x-amz-cf-id
nZvTabsJjEK6UDZ3iHQ-MYEW7UMqLaa3G-Vw4DDWVMOVv09WjxIfwQ==
core-yext.js
citipagestest.ciflatpacks.com/js/ 		609 B
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://citipagestest.ciflatpacks.com/js/core-yext.js
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.239.170.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-145-239-170.eu
Software
nginx / Central Index
Resource Hash
7332aeadaa63af6487b0d4ec9433bb4f377ea49dfd77098b515d296b4abb7af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:21 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
Central Index
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
x-xss-protection
1; mode=block
b8ec974fe6b3c39475c3fbb35bd3a838.png
assets.centralindex.com/M/52/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.centralindex.com/M/52/b8ec974fe6b3c39475c3fbb35bd3a838.png
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b55c0804c7a814165dfee657469b694546293568803e399e2d42acbc5aacd9cf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:22 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2016 15:44:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"90e25876229771ee75231a87af02cf6a"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=22896000,public
accept-ranges
bytes
content-length
10502
x-amz-cf-id
sdsFl2GqpvDKAS0MV6uCjtsM1Toh9o9zv6DjZ1SYV5crADjV33Joww==
45232bb37600ae948dc5f1748b06f75f.png
dkthlrncwzdcx.cloudfront.net/J/37/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkthlrncwzdcx.cloudfront.net/J/37/45232bb37600ae948dc5f1748b06f75f.png
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f3a2876a41719b33562066ddbad7c9bbed073587ea155c594d6fe3e39d44824

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 23:44:57 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2016 11:19:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3574165
etag
"5f4c29914a4460a9134dae1310692a35"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=22896000,public
accept-ranges
bytes
content-length
9687
x-amz-cf-id
l05vxh_GpBvwcjidNlG5C6R1_6E9NcuITP3egp62wqm7QRkF6OJLhw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 22:58:56 GMT
x-content-type-options
nosniff
age
34525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93435
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Mar 2024 22:58:56 GMT
jquery.masonry.min.js.gz
assets.centralindex.com/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/js/jquery.masonry.min.js.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a06cf6f55b2b2c771df7f641f2fde8b9c348c830558aba8e4d30f5b08773276

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 19:51:55 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2016 11:02:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
45747
etag
"10f0c64e3ed8e1b2c1addd8030bdf711"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
31536000
accept-ranges
bytes
content-length
2202
x-amz-cf-id
pIvhiMnzueddUzJ65paiNGPoIBynBn17jCQ1JtoOMKtxbg4ELp806Q==
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.9.0/ 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.9.0/jquery-ui.min.js
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c1b666f05c3d98e4e067d1e3d9297d77a60b3c12ba54312d1bc1bacf7656fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 18:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62003
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 21:54:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 18:02:54 GMT
bootstrap.min.js.gz
assets.centralindex.com/assets/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/js/bootstrap.min.js.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:03:52 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2016 11:01:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1986
etag
"140fd4690349d5c7d402e3147819622c"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
31536000
accept-ranges
bytes
content-length
7529
x-amz-cf-id
pc85VzyP3orizu6HmnCt4mJLpk1yB3roSNpo22Md8XiBD8I9AQrmVQ==
flatpack.min.js
citipagestest.ciflatpacks.com/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citipagestest.ciflatpacks.com/js/flatpack.min.js
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.239.170.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-145-239-170.eu
Software
nginx / Central Index
Resource Hash
c5477b13b6e05456f6d042e704b54f258a3025bea21f8147e492c91d292ff916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:21 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
Central Index
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
x-xss-protection
1; mode=block
load-image.min.js.gz
assets.centralindex.com/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/js/load-image.min.js.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b49885ee9e161e5595dfe428642255234d8d557c85699bb8bba72499717498c5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 17:34:46 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2016 11:02:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
53976
etag
"ab3692e8ebabba527ca37007befdbdd6"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
31536000
accept-ranges
bytes
content-length
1173
x-amz-cf-id
ZK8r9uV12CycodVEtAQtsP7r4HcbEJqdaNxFrJYV-0sHC7rbaI2lbA==
bootstrap-image-gallery.min.js.gz
assets.centralindex.com/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/js/bootstrap-image-gallery.min.js.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
616c31f947d6f9e3025f4e165a438768f4d8448b0969ea4035fbbbded61afe5a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 18:45:37 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2016 11:02:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
49725
etag
"5bccdc51226ae1b701160449ed4687b2"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
31536000
accept-ranges
bytes
content-length
2094
x-amz-cf-id
Z4RbKSYcszW-7rXojW1KfmGAa6h-3CdDwMzqNLJ3UlXdWwAQoeSB0g==
ticker.js.gz
assets.centralindex.com/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.centralindex.com/assets/js/ticker.js.gz
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
534c509d2f6919bd668286d36f606192610bc3030fc342b1f05af99a582040ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 21:15:51 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2016 11:02:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
45747
etag
"26d9274e467642fb539550948eae9678"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
31536000
accept-ranges
bytes
content-length
1244
x-amz-cf-id
cpCDOA3AiDoF0ga-MrZx3XP_XCPeFozUaTDdVgiqNCe9S4q_hitAmQ==
yellzz-initial.js
webcom.yellzz.com/ 		0
0
css
fonts.googleapis.com/ 		2 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: assets.centralindex.com
URL: https://assets.centralindex.com/assets/css/core-flatpack-theme.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://assets.centralindex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Mar 2023 08:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 08:20:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Mar 2023 08:34:21 GMT
css
fonts.googleapis.com/ 		2 KB
612 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: assets.centralindex.com
URL: https://assets.centralindex.com/stylesheets/4f23c97d5c0ebc4836caf548ee07a0de.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://assets.centralindex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Mar 2023 08:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 08:01:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Mar 2023 08:34:21 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 Mar 2023 08:23:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
648
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 21 Mar 2023 10:23:33 GMT
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: citipagestest.ciflatpacks.com
URL: https://citipagestest.ciflatpacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25783222ab4c95a075a39eafccc43e923321ffdbd63eeb08bea81fe12ab67088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27174
x-xss-protection
0
server
sffe
etag
"1517 / 268 of 1000 / last-modified: 1679360970"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 08:34:21 GMT
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/3.2.1/font/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css
Origin
https://citipagestest.ciflatpacks.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
946
cdn-cachedat
07/16/2022 17:19:44
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43572
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"b683029bafe0305ac2234038a03e1541"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
97f5248196e01703ffae6eefd1dfecfa
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
7ab4daf44c14f858-CDG
cdn-requestpullsuccess
True
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://citipagestest.ciflatpacks.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 21:07:17 GMT
x-content-type-options
nosniff
age
300424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Mar 2024 21:07:17 GMT
collect
www.google-analytics.com/j/ 		3 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2087316676&t=pageview&_s=1&dl=https%3A%2F%2Fcitipagestest.ciflatpacks.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20the%20Tunbridge%20Wells%20Pages%20directory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1271122427&gjid=1148106983&cid=1353263825.1679387662&tid=UA-41308528-8&_gid=1317496848.1679387662&_r=1&_slc=1&z=851447289
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://citipagestest.ciflatpacks.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 08:34:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://citipagestest.ciflatpacks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2023031601.js
securepubads.g.doubleclick.net/gpt/ 		396 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 10:50:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136618
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 08:37:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Mar 2024 10:50:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		51 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=citipagestest.ciflatpacks.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1b9c7eb5cd7e8c659eed27e4ed4743957e1d6f00a747141eaafa81d184101fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Tue, 21 Mar 2023 08:34:21 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=citipagestest.ciflatpacks.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=citipagestest.ciflatpacks.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		697 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=194508796306960&correlator=1873354386481814&eid=31073284&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fif&iu_parts=30992800%2CCitipages_Header&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=1&adks=1949687403&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1679387662078&lmt=1679387662&dlt=1679387661084&idt=948&adxs=315&adys=68&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&ad_type=image&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcitipagestest.ciflatpacks.com%2F&frm=20&vis=1&psz=1170x30&msz=1170x0&fws=0&ohw=0&ga_vid=1353263825.1679387662&ga_sid=1679387662&ga_hid=2087316676&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d8c8566a9386bd72004781181e1a7c6593034cf7c10a596e5cfd75776566b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://citipagestest.ciflatpacks.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
37a8bbc54578b9ec045108273cb1dae9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A9BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://37a8bbc54578b9ec045108273cb1dae9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citipagestest.ciflatpacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 08:34:22 GMT
expires
Wed, 20 Mar 2024 08:34:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5da3c1355d57bae4fa4321ec26c4c036ea58c46c36b46c59d2795a75189446d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11184
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 08:34:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B3E8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citipagestest.ciflatpacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
47231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Mar 2023 19:27:12 GMT
expires
Tue, 19 Mar 2024 19:27:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C0B1 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
485624d4e8ba5b37c787896bb2a42c4ace09586fbc48e31aa9abbd61ae3fc15a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yaMF3upp-brvzcyIamQNXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citipagestest.ciflatpacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-yaMF3upp-brvzcyIamQNXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 08:34:23 GMT
expires
Tue, 21 Mar 2023 08:34:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js
pagead2.googlesyndication.com/bg/ Frame B3E8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 05:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
358228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14251
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Mar 2024 05:03:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C0B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023031601&jk=194508796306960&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B3E8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?83TnMA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:34:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031601&jk=194508796306960&bg=!BQalBlLNAAZEjmHWZI47ADkAdvg8Wu7fuuQuEPGddIBFGVKx3C79jqihYX_TZDecWWQK2ILZFseyxf6aWq20KcSn3UonEZmTG9ACAAAA-FIAAAADaAEHmQK4nkfBBI_upAWXfZuku1EQ2JiPVmRJ8wg5PQSpjOYFls2b7M-q519HvSEcwC9hHXkdRxAM-YNiZdiUHyY3YufhEntQdnyP5kKp3WhBlfiXFMHaIRbaMgQsPkXNqiizb62LZmQfwFiRurBEdYMM4SOBrT5KXdkq7glfymVyQ1VxBJPNsuLf8mJ3hPpjbFxXR8EK_hXJJemGsN1kIxtxxOLpP18u3G0dvIrO9XpQbFd57WFh59dNPt1j9HdncKODAH2yJUbgHOjW98wX9REO4ZvUwtliu8VEPE9YiLxvHI6x3-VnAVQL2gR4PfonMgMT_3qewxBXXiXmWGPdmi8D4Lsv18cajZtr8-sXUktpql-QXhino2bgWY9qhvo18YL425adPtHxogY3TOUGsWCSFY7UgkAwFPeYkE5EPKIdzhPzjF67F13ewBdt6aXiyhvkdeTswXiBmJfSScOPKMrzxtOpRQoYMfalv5DkPAGrnEP_4bgxXOB67uAIwcXXa2FY7sA8RRLaQbkFe3EFbBxorxQGJz_YHLiECe9YuYezve0ADShUkgHyqOrdGFVJe0ntIEck8AAyxxHZLM0skvh-J82kSoUYXyAbx2cpiXLagWM8CK3CbNxspzR6knWYRPB1YhMmzJ_006-pOKY29XWUFTeW0xnEr_PVz0vI8taHJQXKfzMONmW5oY9hiffOHjbtQIUOj-Q0JzyGbYFe3kFY3jLL8-JqcA2upPzNhKslXlXPn8I0yrRmJuzKJd1_1wXHSVZlWobs7o50I1tZXKzhyCZNPY6SBq0iIgeuXXow4gmQ1w1hMW1A-J7plP3LtpzNX0vjin_tYarjchmIwJcLCD2Dlfi9TinFpy7zeyB5ZNnxVPeSH3iXOIVmqBykJI_cQkkUknMRCVCo37V28FFM8VphmyWR4lJrd2Ty
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://citipagestest.ciflatpacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webcom.yellzz.com
URL
https://webcom.yellzz.com/yellzz-initial.js

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless function| getParamNames function| renderYextPixel string| flatpack_country string| flatpack_country_name string| flatpack_default_location boolean| flatpack_keywordsAutoComplete boolean| flatpack_locationsAutoComplete string| flatpack_entity_id string| flatpack_category string| flatpack_stub object| partner_ids string| GoogleAnalyticsObject function| ga object| googletag function| $ function| jQuery function| DP_jQuery_1679387661515 object| jQuery18203336904744494351 function| read_cookie function| chooseTab function| checkTabs function| searchRedirect function| searchRedirectMobile function| parseSuggestions function| recordEvent function| recordLogEvent function| recordYextEvent function| getYextHTML function| loadImage object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
citipagestest.ciflatpacks.com/ Name: X-Mapping-nbpcclgk
Value: 9DF2BEF53E635201B962EC8DD7863C32
citipagestest.ciflatpacks.com/ Name: PHPSESSID
Value: 4js1ttantt02mnf74i94j05ch2
.citipagestest.ciflatpacks.com/ Name: _ga
Value: GA1.3.1353263825.1679387662
.citipagestest.ciflatpacks.com/ Name: _gid
Value: GA1.3.1317496848.1679387662
.citipagestest.ciflatpacks.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ciflatpacks.com/ Name: __gads
Value: ID=3a23608d57a4d8ce:T=1679387662:S=ALNI_MbtTkzEmr3OeaFmRfS3VAtslKijVA
.ciflatpacks.com/ Name: __gpi
Value: UID=00000bc99bc26d89:T=1679387662:RT=1679387662:S=ALNI_MZFWX3bA47p3XZT4dy1WB-3vR2QUg

1 Console Messages

Source Level URL
Text
network error URL: https://webcom.yellzz.com/yellzz-initial.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37a8bbc54578b9ec045108273cb1dae9.safeframe.googlesyndication.com
adservice.google.com
adservice.google.fr
ajax.googleapis.com
assets.centralindex.com
citipagestest.ciflatpacks.com
dkthlrncwzdcx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
webcom.yellzz.com
www.google-analytics.com
www.google.com
www.googletagservices.com
webcom.yellzz.com
143.204.215.51
145.239.170.100
2606:4700::6812:acf
2a00:1450:4001:801::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
0d8c8566a9386bd72004781181e1a7c6593034cf7c10a596e5cfd75776566b5b
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
25783222ab4c95a075a39eafccc43e923321ffdbd63eeb08bea81fe12ab67088
29c1b666f05c3d98e4e067d1e3d9297d77a60b3c12ba54312d1bc1bacf7656fe
2a50fa42f0de3934ca52516cdea7b29c86602bbe70e11244c1718e415bae4c31
2f3a2876a41719b33562066ddbad7c9bbed073587ea155c594d6fe3e39d44824
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485624d4e8ba5b37c787896bb2a42c4ace09586fbc48e31aa9abbd61ae3fc15a
534c509d2f6919bd668286d36f606192610bc3030fc342b1f05af99a582040ac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5da3c1355d57bae4fa4321ec26c4c036ea58c46c36b46c59d2795a75189446d5
616c31f947d6f9e3025f4e165a438768f4d8448b0969ea4035fbbbded61afe5a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
7332aeadaa63af6487b0d4ec9433bb4f377ea49dfd77098b515d296b4abb7af7
7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6
87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e
9a06cf6f55b2b2c771df7f641f2fde8b9c348c830558aba8e4d30f5b08773276
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a76f6db44e5803983c0ee0bca33d2cc860b88e9f3e68baba4550d0f69832be62
b49885ee9e161e5595dfe428642255234d8d557c85699bb8bba72499717498c5
b55c0804c7a814165dfee657469b694546293568803e399e2d42acbc5aacd9cf
c1b9c7eb5cd7e8c659eed27e4ed4743957e1d6f00a747141eaafa81d184101fc
c5477b13b6e05456f6d042e704b54f258a3025bea21f8147e492c91d292ff916
c9144db69916d671d76b2aefb397317b33e4be3f6e6031345e06624d703feed5
d74eeb3dd47fa2837ff18318b077ff10acadaf98523b4223a74442c5c33c32c0
d810da8586c243ef2ecad484dd67ff43bca78a40411e2b576d4aee4752e7619a
d967fafc7b6f40095c9396f71387da404817dfa67169dc0a3545eb382acc9841
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615