urlscan.io logo urlscan.io
SecurityTrails logo

citizenspecials.com Open in urlscan Pro
54.74.75.141  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://citizenspecials.com/
Effective URL: https://citizenspecials.com/
Submission: On May 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 37 HTTP transactions. The main IP is 54.74.75.141, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is citizenspecials.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 24th 2023. Valid for: a year.
This is the only time citizenspecials.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.74.75.141 16509 (AMAZON-02)
19 18.244.18.13 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:275... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.29.87.71 16509 (AMAZON-02)
37 7
1    54.74.75.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-75-141.eu-west-1.compute.amazonaws.com
citizenspecials.com
19    18.244.18.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-13.fra56.r.cloudfront.net
static.blogger.co.uk
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2600:9000:275b:ec00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
4    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.29.87.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-87-71.eu-central-1.compute.amazonaws.com
api.cmp.inmobi.com
Apex Domain
Subdomains		 Transfer
19 blogger.co.uk
static.blogger.co.uk
2 MB
9 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4414
api.cmp.inmobi.com — Cisco Umbrella Rank: 15328
224 KB
4 gstatic.com
fonts.gstatic.com
32 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 citizenspecials.com
citizenspecials.com
9 KB
37 5
Domain Requested by
19 static.blogger.co.uk citizenspecials.com
static.blogger.co.uk
8 cmp.inmobi.com citizenspecials.com
cmp.inmobi.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com citizenspecials.com
1 api.cmp.inmobi.com cmp.inmobi.com
1 citizenspecials.com
37 6

This site contains no links.

Subject Issuer Validity Valid
citizenspecials.com
Amazon RSA 2048 M02		 2023-11-24 -
2024-12-22		 a year crt.sh
static.blogger.co.uk
Amazon RSA 2048 M03		 2023-08-31 -
2024-09-27		 a year crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://citizenspecials.com/
Frame ID: CA606AE5390D1281FF7EF82CE33E479C
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Citizen Specials

Page URL History Show full URLs

  1. http://citizenspecials.com/ HTTP 307
    https://citizenspecials.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

37
Requests

97 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

2156 kB
Transfer

3449 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://citizenspecials.com/ HTTP 307
    https://citizenspecials.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
citizenspecials.com/
Redirect Chain
  • http://citizenspecials.com/
  • https://citizenspecials.com/
37 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citizenspecials.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.75.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-75-141.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
aecb9f09e29eb8cda08e0007c3806c73fc1f8775ee087d924b8460f851a4e878

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
8597
content-type
text/html; charset=UTF-8
date
Mon, 20 May 2024 09:48:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding

Redirect headers

Location
https://citizenspecials.com/
Non-Authoritative-Reason
HttpsUpgrades
searchbox.css
static.blogger.co.uk/cms/css/ 		244 B
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/css/searchbox.css
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fac4dfae73b7d3e714b82eb7971b0cba47ba4f75a85b97048de0824aae8ec7b2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:35:17 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2019 15:05:26 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1559916485/ctime:1548431578/gid:20/gname:staff/md5:bb936250a42831ebe50ee8ce58af8bb8/mode:33188/mtime:1548431578/uid:501/uname:simonetti
x-amz-cf-pop
FRA56-P11
age
76423
etag
"bb936250a42831ebe50ee8ce58af8bb8"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000,public
accept-ranges
bytes
content-length
244
x-amz-cf-id
-FQVqrxQEn6smelbmp-F8K8rQPF5l0zIu4Fok0BZIWxhZFfkh-W92A==
latest-news.css
static.blogger.co.uk/cms/css/ 		360 B
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/css/latest-news.css
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4149f6ca3b5b4bbe93f968f89dde7e78bbdd63deb5117d026f5cc7bc60b17bab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:35:17 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2019 15:05:25 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1559916485/ctime:1548431578/gid:20/gname:staff/md5:64e35a75605fe3214bb3d376dc575a83/mode:33188/mtime:1548431578/uid:501/uname:simonetti
x-amz-cf-pop
FRA56-P11
age
76423
etag
"64e35a75605fe3214bb3d376dc575a83"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000,public
accept-ranges
bytes
content-length
360
x-amz-cf-id
JdlKrObl26xHnnA_PCytpIrN_T2tvMUBk7GofGRzCjM6q-DBSzyb5g==
site-tabs.css
static.blogger.co.uk/cms/css/ 		453 B
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/css/site-tabs.css
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fae7976ffedd5b03d8f96c5f78f73f51ffdebf45f8d57f249d6bd194063aa29a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 14:07:24 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2019 15:05:26 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1559916485/ctime:1548431578/gid:20/gname:staff/md5:9706bbb69119ca0080f3c44f29f0501c/mode:33188/mtime:1548431578/uid:501/uname:simonetti
x-amz-cf-pop
FRA56-P11
age
1021296
etag
"9706bbb69119ca0080f3c44f29f0501c"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000,public
accept-ranges
bytes
content-length
453
x-amz-cf-id
v9D7ohGZnAnp88Ts7bEWQgyRdEm-S2zCrR3gp4mT_I4J-8VPMeVy4Q==
article.css
static.blogger.co.uk/cms/css/ 		1011 B
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/css/article.css
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
942e9146477050eb95dccca96e6f69ba50e6c00a7cad37b70ad87c880eb54008

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 11 Mar 2024 13:18:57 GMT
content-encoding
br
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Mon, 02 Mar 2020 11:34:45 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1583148873/ctime:1583148486/gid:20/gname:staff/md5:76dc1bcb7cb2f5192c0262309bb45216/mode:33188/mtime:1583148486/uid:501/uname:simonetti
x-amz-cf-pop
FRA56-P11
age
6035403
etag
W/"76dc1bcb7cb2f5192c0262309bb45216"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
odEcI0uMxMtI7xw6F6OUvgcAa-kaQ0DpePUi2kZ6bXU4asABp6iY5Q==
all-bad0716f7625b511f394aa2e842fcebb.css
static.blogger.co.uk/cms/assets/ 		154 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/assets/all-bad0716f7625b511f394aa2e842fcebb.css
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d2813c87cd06d3381f745104615a7089ad83654b3ccd299a3e43b3bea4ecd68

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 07:32:23 GMT
content-encoding
gzip
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Mon, 21 Jun 2021 11:10:59 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1624268790/ctime:1624268788/gid:20/gname:staff/md5:bad0716f7625b511f394aa2e842fcebb/mode:33188/mtime:1624268788/uid:501/uname:andreasimonetti
x-amz-cf-pop
FRA56-P11
age
19434
etag
W/"bad0716f7625b511f394aa2e842fcebb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
B7LV7B0bVnkAyw-fbuhQCiOQU_IE_ZEbq9VQ9QwuTLEbL6bW1E3bDg==
css
fonts.googleapis.com/ 		3 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc84ee5866c959a1f681b1e63aef0206d4685760e7f3d8564bc9580f878fd6cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 May 2024 09:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 May 2024 09:37:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 May 2024 09:48:59 GMT
css
fonts.googleapis.com/ 		3 KB
473 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Urbanist:300,400,500,600
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e5913d3bf78bd4629dd479f1a56049bc890705a4c016419e7febc055abeb069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 May 2024 09:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 May 2024 09:48:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 May 2024 09:48:59 GMT
css
fonts.googleapis.com/ 		6 KB
699 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,500,600
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50e0f66b2a0be6e5fe49fea73159b50788874162970a0ba67395845c34e329b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 May 2024 09:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 May 2024 09:48:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 May 2024 09:48:59 GMT
citizenspecial-6c6fb5f6c8bf1d403845d07ac1c2dae0.css
static.blogger.co.uk/cms/assets/ 		64 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/assets/citizenspecial-6c6fb5f6c8bf1d403845d07ac1c2dae0.css
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1ce4cf26fd0568cdb531103dfc4ddb14ec4da460bac0f0be13e4fba9eb897be

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:48:59 GMT
content-encoding
br
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 23 Nov 2021 18:39:13 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1637692652/ctime:1637692651/gid:20/gname:staff/md5:6c6fb5f6c8bf1d403845d07ac1c2dae0/mode:33188/mtime:1637692651/uid:501/uname:andreasimonetti
x-amz-cf-pop
FRA56-P11
age
76423
etag
W/"6c6fb5f6c8bf1d403845d07ac1c2dae0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
y_j9VBFEYxdSKckIdhiZSW97Ckw_Vx6KfOYdoHi8iaUQt4_SrKeSqA==
citizenspecials1.png
static.blogger.co.uk/cms/img/logo/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/cms/img/logo/citizenspecials1.png
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f75db300326e08a6d4275ee7c11eb8b6fab6ea1cbcced09e07064874fee3497

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 06:03:59 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 12:52:23 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1635857534/ctime:1635857532/gid:20/gname:staff/md5:8b0d2b0f2d4efdac2199db65751426d4/mode:33188/mtime:1635857532/uid:501/uname:andreasimonetti
x-amz-cf-pop
FRA56-P11
age
13576
etag
"8b0d2b0f2d4efdac2199db65751426d4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12497
x-amz-cf-id
Jb3panx-OE72Ty7JtKVfuye7v4cO4dUq5i67o_lMVACuN0cE0zY5wA==
all-e45d02c8a62f20f49d33ffd2d1b9d686.js
static.blogger.co.uk/cms/assets/ 		144 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/assets/all-e45d02c8a62f20f49d33ffd2d1b9d686.js
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80ef82e9ef80b1c2f189f4c5f75e7bbbde3f013741845f749b5e31c0863cb627

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 05:07:21 GMT
content-encoding
gzip
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Mon, 21 Jun 2021 11:10:59 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1624268789/ctime:1624268786/gid:20/gname:staff/md5:e45d02c8a62f20f49d33ffd2d1b9d686/mode:33188/mtime:1624268786/uid:501/uname:andreasimonetti
x-amz-cf-pop
FRA56-P11
age
16899
etag
W/"e45d02c8a62f20f49d33ffd2d1b9d686"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XQwDuwp1CCZDsy2Qc5649N0btcNKoDU9zVaPR-PXwQYukJxOB1Pm7w==
choice.js
cmp.inmobi.com/choice/eAH2jwxDTtt67/citizenspecials.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/eAH2jwxDTtt67/citizenspecials.com/choice.js?tag_version=V3
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ec00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64dd50276ff7d15434e2639c55772fb354e51557dc85b773467e0f5855ddda87

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:49:00 GMT
content-encoding
br
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
last-modified
Tue, 06 Feb 2024 15:06:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
etag
W/"9b25ed6732866d617c4de860dae27da9"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
JCr7qesDdm41pJingkmZ1stR7mdxjuPKEJyq0kBtWA30n9BdRo0LDA==
0-cheating.jpg
static.blogger.co.uk/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/0-cheating.jpg
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28b146d1b58af7eccd855d4cf5e977489f4ce8baab553d8cfcd8cc8b9ada1e02

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:35:18 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Fri, 22 Mar 2024 11:08:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
76422
etag
"1a0fba9286726fc72a27e886dc35f5f4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
42108
x-amz-cf-id
UPMFHDNTpq_Wm9L9y2miK5KiZw_Fm2dXSvlTj8xXnUmHe9s1h_gb6A==
0-pexels-photo-271897.jpeg
static.blogger.co.uk/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/0-pexels-photo-271897.jpeg
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51a059efc285aadab88b7dfb5ec762e17f11e9e5f90c200de6cd945610baaef2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:48:59 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 07 Dec 2021 13:19:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
76422
etag
"7c75de78924e5982a7adcfb59bc8df79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
116464
x-amz-cf-id
PJi-KnBhlQYOdN-SQnor7nCSqSJ2WbhXr-VJRsZBgnlE0IWYP6vChw==
0-pexels-photo-3088369.jpeg
static.blogger.co.uk/ 		479 KB
480 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/0-pexels-photo-3088369.jpeg
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6f2d818582642ce559551962161a6acfb05b08af959f4817055043801745eea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:35:18 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 07 Dec 2021 13:17:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
76422
etag
"2831881f0eaa0b22d3c150964bafb3e3"
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
490742
x-amz-cf-id
GlRUnoQ4Idwl7q08AWcBevSpte1CvKEwi5u_M5LXy__dwZPA97V6og==
0-pexels-photo-4348401.jpeg
static.blogger.co.uk/ 		324 KB
325 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/0-pexels-photo-4348401.jpeg
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a650ede56774501d46d13848625dc9f23bdc1bd30d502ed4390e4c50dc432f52

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:48:59 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 07 Dec 2021 13:11:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
76422
etag
"126fd3eeb86ab854461977ffd51fc5ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
332000
x-amz-cf-id
sZUAJSi09ViWRTlKXuOjIGMdp5lq03aXKw7vYI4tw2msvGIU_-Ilzg==
0-pexels-photo-1023583.jpeg
static.blogger.co.uk/ 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/0-pexels-photo-1023583.jpeg
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e93447be2ce438016e9e694647c48742c2586f13d052d6ba4d9249215b4cafd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:49:00 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 07 Dec 2021 13:06:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
etag
"688df43f3c40033a69d2e596b36d5020"
x-cache
Miss from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
205577
x-amz-cf-id
PazJBYM3Wnt3vOev8itSvT_QoWZOLBpXgzswohuC_fm3ykVa1Jkd3Q==
0-pexels-photo-839633.jpeg
static.blogger.co.uk/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/0-pexels-photo-839633.jpeg
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
257c3eb223e3e587c7f2ee70a07fdc24fb2db13c4dd17c142e44c73682e6f0ee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:35:18 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 07 Dec 2021 12:43:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
76422
etag
"97b9d04cbf23cc8fb063603fdb3cad44"
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
208578
x-amz-cf-id
_oMtPxGiOuR-gFfojSRDqc8Bjm-c3bZYSfA_rd58EG6dNoeUrZ7sRA==
0-pexels-photo-4033304.jpeg
static.blogger.co.uk/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/0-pexels-photo-4033304.jpeg
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2bd5359c09ae90f4fc61a0db934ef53ffcdcd8d6e0c57e1642954ffe3ad478c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:48:59 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 17:51:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
76422
etag
"7b8dc9e7a1bebb8b68e41b63ce9f5497"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
163198
x-amz-cf-id
zd3XJh_j4VyoqmdyzRa_UWlqob0ElDDq8foMerDjQxfpvedIGvzEfA==
0-pexels-photo-4108680.jpeg
static.blogger.co.uk/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/0-pexels-photo-4108680.jpeg
Requested by
Host: citizenspecials.com
URL: https://citizenspecials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
449ecace3cc357971c85a191189099ce58c6737b103868fd2d473dc327ae04f9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:48:59 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 17:49:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
76422
etag
"331a56514fffd7be554669a9357c11b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
150355
x-amz-cf-id
SnBzgLbKH7rM4wXf089YSu1uFwt0JqVYrqYzPjuAQRUNx0BJvtduNA==
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://citizenspecials.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 08:11:21 GMT
x-content-type-options
nosniff
age
178658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 08:11:21 GMT
fontawesome-webfont.woff2
static.blogger.co.uk/cms/assets/80b1f63e57f120a2d4a3bb687f80ac21/fonts/ 		0
0
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://citizenspecials.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:40:09 GMT
x-content-type-options
nosniff
age
530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 May 2025 09:40:09 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://citizenspecials.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 05:38:26 GMT
x-content-type-options
nosniff
age
187833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 05:38:26 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://citizenspecials.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 06:18:41 GMT
x-content-type-options
nosniff
age
185418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 06:18:41 GMT
fontawesome-webfont.woff
static.blogger.co.uk/cms/assets/80b1f63e57f120a2d4a3bb687f80ac21/fonts/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/assets/80b1f63e57f120a2d4a3bb687f80ac21/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by
Host: static.blogger.co.uk
URL: https://static.blogger.co.uk/cms/assets/all-bad0716f7625b511f394aa2e842fcebb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://static.blogger.co.uk/cms/assets/all-bad0716f7625b511f394aa2e842fcebb.css
Origin
https://citizenspecials.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:33:45 GMT
via
1.1 b166ca183629eada7c88ffe6bf8562a2.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 14:48:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
65715
etag
"fee66e712a8a08eef5805a46892932ad"
access-control-allow-methods
GET, PUT, DELETE, HEAD, POST
content-type
font/woff
access-control-allow-origin
*
x-cache
Hit from cloudfront
access-control-expose-headers
ETag, Access-Control-Allow-Origin
accept-ranges
bytes
content-length
98024
x-amz-cf-id
EbQBDcWcp-Vt3afBIAW-Hsmr9eDKUL0ZmTeRzigPt5LLBec3LLwgTQ==
cmp2.js
cmp.inmobi.com/tcfv2/ 		167 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=citizenspecials.com
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/eAH2jwxDTtt67/citizenspecials.com/choice.js?tag_version=V3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ec00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af2cf95536bf55bfb908ac0faa2690dd408fff853fc5ed4f63d2446dc95dd061

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:09:43 GMT
content-encoding
gzip
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
2357
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 16 May 2024 11:01:09 GMT
server
AmazonS3
etag
W/"ed8dbcb37add9d6820b2aba407417cb2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
REL8kNves1pnV61tC0LGgLfi60cOdMoHFFglQQkqhkUuSncjq6k7IQ==
geoip
cmp.inmobi.com/ 		39 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=citizenspecials.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ec00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:48:59 GMT
via
1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P7
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
39
x-amz-cf-id
JlEx1jU4CoOHDEcMORUqPphDNJe4Pubj97iOyDoVvjGKTwOnjlW3GA==
favicon-32x32.png
static.blogger.co.uk/cms/img/favicon/citizenspecials/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.blogger.co.uk/cms/img/favicon/citizenspecials/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1df972e94fc91b2567572bd0a9aaf16666c3d5267633c1673b85172deec6484

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:49:00 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 13:24:42 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1635859469/ctime:1635859382/gid:20/gname:staff/md5:be220f928f7caefa8bb0ea526ddff9f9/mode:33206/mtime:1635873764/uid:501/uname:andreasimonetti
x-amz-cf-pop
FRA56-P11
etag
"be220f928f7caefa8bb0ea526ddff9f9"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1657
x-amz-cf-id
T2T9oBGbsrsfeJnhwtQhdXgAUOcLmkvOlNqPtsO3ovTM2TqJ-PooHA==
cmp-list.json
cmp.inmobi.com/GVL-v2/ 		18 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=citizenspecials.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ec00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5df720bf21df5c81ec974a875c4dedf09ee26ccd6c2f914fa867a90c6c2cf538

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 03:00:44 GMT
content-encoding
br
via
1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
24496
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 May 2024 03:00:42 GMT
server
AmazonS3
etag
W/"d10fcc959a5a77f20ae53f69a1451df2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
UqW65YsUGRETOmiMlibVYIhhBlKelmFRb4OnjuVNAyFqSUySXeYgjg==
cmp2ui-en.js
cmp.inmobi.com/tcfv2/53/ 		297 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=citizenspecials.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ec00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f2b090271a491669d0719fdf1f4e385748811beaf25ddc74faa9c0dfe25e8cb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:01:34 GMT
content-encoding
br
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
168445
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 16 May 2024 11:01:00 GMT
server
AmazonS3
etag
W/"b19d219c01b86c93182340e72ffe3bbc"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
vtdQkYQRw0vPLFE2LL6ZKk5vRJGArTI4aG7mxo53lbzJ5CsB05QhjA==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/ 		585 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=citizenspecials.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ec00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0ad46983c7ea95f98d802db2d895383e9076dbd1f6ad6857471caf964ceff03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:59:24 GMT
content-encoding
br
via
1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
35376
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 16 May 2024 23:59:20 GMT
server
AmazonS3
etag
W/"598b38222b9dd97d7caa5035bf774d51"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
oBJPfkyD2ntgNelhx52TrEaP0w_CvIsHH8AwXKGOTU6kKmlBTxpE-Q==
google-atp-list.json
cmp.inmobi.com/tcfv2/ 		142 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=citizenspecials.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ec00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7bf50fbca0db2d41093fb93a0193a4b837cd81b9568e60a8655cf6f0e1cb294

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 03:00:26 GMT
content-encoding
br
via
1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
24514
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 May 2024 03:00:24 GMT
server
AmazonS3
etag
W/"17c29ea6b0885c00cf51ebff96ab97e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
uWD8DyGPTpiuorECOsBM8AztYWbJcV7lKd8XeqnUETFItPkSzzQzrA==
/
api.cmp.inmobi.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22eAH2jwxDTtt67%22%2C%22domain%22%3A%22citizenspecials.com%22%2C%22publisher%22%3A%22CitizenSpecials%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22RlpvwByPmcsFXgQUEe8l1w%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1716198539712%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-4wjgokzlu4z7x6xmbpl6%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.29.87.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-87-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 20 May 2024 09:48:59 GMT
content-length
2
content-type
text/plain; charset=utf-8
geoip
cmp.inmobi.com/ 		39 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:ec00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 09:48:59 GMT
via
1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P7
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
39
x-amz-cf-id
JjTZQSNnG540nLlnYNvIwTaweWPn4SeYuyNj6nQlYB8N6IhMSUitCQ==
citizenspecials1.png
static.blogger.co.uk/cms/img/logo/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogger.co.uk/cms/img/logo/citizenspecials1.png?qc-size=255,60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f75db300326e08a6d4275ee7c11eb8b6fab6ea1cbcced09e07064874fee3497

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://citizenspecials.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 06:03:59 GMT
via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 12:52:23 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1635857534/ctime:1635857532/gid:20/gname:staff/md5:8b0d2b0f2d4efdac2199db65751426d4/mode:33188/mtime:1635857532/uid:501/uname:andreasimonetti
x-amz-cf-pop
FRA56-P11
age
13576
etag
"8b0d2b0f2d4efdac2199db65751426d4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12497
x-amz-cf-id
LYS6zbL85SXeetbAHD222araPNz1naRFmmA3eYuAnuV-Qy6RRuwHMQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.blogger.co.uk
URL
https://static.blogger.co.uk/cms/assets/80b1f63e57f120a2d4a3bb687f80ac21/fonts/fontawesome-webfont.woff2?v=4.7.0

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| __tcfapi function| __uspapi undefined| f undefined| cmpFrame undefined| cmpCallbacks object| $jscomp function| $ function| jQuery object| yii object| jsSocials object| regeneratorRuntime function| __tcfapiui object| dataLayer function| gtag

3 Cookies

Domain/Path Name / Value
citizenspecials.com/ Name: PHPSESSID
Value: 359a0d3e2c621dd6438e37f3133ddcf5
citizenspecials.com/ Name: _csrf
Value: ce7683ed922c453c644343cdb2ca1383a22019f6ee023b2cc13e5eaad9ed6a8ea%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22t7xA_l-wYsO9rSAcNADQoDv0nCSR-EvX%22%3B%7D
.citizenspecials.com/ Name: usprivacy
Value: 1Y--

2 Console Messages

Source Level URL
Text
javascript error URL: https://citizenspecials.com/
Message:
Access to font at 'https://static.blogger.co.uk/cms/assets/80b1f63e57f120a2d4a3bb687f80ac21/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://citizenspecials.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.blogger.co.uk/cms/assets/80b1f63e57f120a2d4a3bb687f80ac21/fonts/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cmp.inmobi.com
citizenspecials.com
cmp.inmobi.com
fonts.googleapis.com
fonts.gstatic.com
static.blogger.co.uk
static.blogger.co.uk
18.244.18.13
2600:9000:275b:ec00:1b:cadc:ef40:93a1
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2003
52.29.87.71
54.74.75.141
0f75db300326e08a6d4275ee7c11eb8b6fab6ea1cbcced09e07064874fee3497
257c3eb223e3e587c7f2ee70a07fdc24fb2db13c4dd17c142e44c73682e6f0ee
28b146d1b58af7eccd855d4cf5e977489f4ce8baab553d8cfcd8cc8b9ada1e02
2e93447be2ce438016e9e694647c48742c2586f13d052d6ba4d9249215b4cafd
2f2b090271a491669d0719fdf1f4e385748811beaf25ddc74faa9c0dfe25e8cb
4149f6ca3b5b4bbe93f968f89dde7e78bbdd63deb5117d026f5cc7bc60b17bab
449ecace3cc357971c85a191189099ce58c6737b103868fd2d473dc327ae04f9
50e0f66b2a0be6e5fe49fea73159b50788874162970a0ba67395845c34e329b0
51a059efc285aadab88b7dfb5ec762e17f11e9e5f90c200de6cd945610baaef2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5df720bf21df5c81ec974a875c4dedf09ee26ccd6c2f914fa867a90c6c2cf538
64dd50276ff7d15434e2639c55772fb354e51557dc85b773467e0f5855ddda87
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80ef82e9ef80b1c2f189f4c5f75e7bbbde3f013741845f749b5e31c0863cb627
8e5913d3bf78bd4629dd479f1a56049bc890705a4c016419e7febc055abeb069
942e9146477050eb95dccca96e6f69ba50e6c00a7cad37b70ad87c880eb54008
9d2813c87cd06d3381f745104615a7089ad83654b3ccd299a3e43b3bea4ecd68
a650ede56774501d46d13848625dc9f23bdc1bd30d502ed4390e4c50dc432f52
a6f2d818582642ce559551962161a6acfb05b08af959f4817055043801745eea
aecb9f09e29eb8cda08e0007c3806c73fc1f8775ee087d924b8460f851a4e878
af2cf95536bf55bfb908ac0faa2690dd408fff853fc5ed4f63d2446dc95dd061
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bc84ee5866c959a1f681b1e63aef0206d4685760e7f3d8564bc9580f878fd6cc
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0ad46983c7ea95f98d802db2d895383e9076dbd1f6ad6857471caf964ceff03
e1ce4cf26fd0568cdb531103dfc4ddb14ec4da460bac0f0be13e4fba9eb897be
e2bd5359c09ae90f4fc61a0db934ef53ffcdcd8d6e0c57e1642954ffe3ad478c
e7bf50fbca0db2d41093fb93a0193a4b837cd81b9568e60a8655cf6f0e1cb294
f1df972e94fc91b2567572bd0a9aaf16666c3d5267633c1673b85172deec6484
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fac4dfae73b7d3e714b82eb7971b0cba47ba4f75a85b97048de0824aae8ec7b2
fae7976ffedd5b03d8f96c5f78f73f51ffdebf45f8d57f249d6bd194063aa29a