URL: https://www.citicleanga.com/
Submission: On May 16 via automatic, source certstream-suspicious

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 28 HTTP transactions.
The main IP is 52.10.247.196, located in Boardman, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.citicleanga.com.
The TLS certificate was issued by Let's Encrypt Authority X3 on May 16th 2019 with a validity of 3 months.
This is the first time this domain was scanned on urlscan.io!

Domain & IP information

IP Address AS Autonomous System
6 52.10.247.196 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 209.197.3.15 20446 (HIGHWINDS3)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 52.36.238.209 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 52.218.104.194 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 10
Domain Subdomains Transfer
9 citicleanga.com 1 MB
6 amazonaws.com 901 KB
4 maps.googleapis.com 112 KB
4 bootstrapcdn.com 160 KB
3 cloudflare.com 14 KB
2 google.com 309 B
1 googletagmanager.com 20 KB
1 ajax.googleapis.com 30 KB
1 fonts.googleapis.com 446 B
28 9
Domain Requested by
7 www.citicleanga.com www.citicleanga.com
6 s3.eu-west-1.amazonaws.com www.citicleanga.com
4 maps.googleapis.com www.citicleanga.com
maps.googleapis.com
4 maxcdn.bootstrapcdn.com www.citicleanga.com
3 cdnjs.cloudflare.com www.citicleanga.com
2 citicleanga.com 2 redirects
1 www.google.com www.citicleanga.com
1 maps.google.com 1 redirects
1 www.googletagmanager.com www.citicleanga.com
1 ajax.googleapis.com www.citicleanga.com
1 fonts.googleapis.com www.citicleanga.com
28 11

This site contains links to these domains.

Domain
citicleanga.com
Subject                       Issuer                                           Validity                 Valid
citicleanga.com               Let's Encrypt Authority X3                       2019-05-16 - 2019-08-14  3 months
*.googleapis.com              Google Internet Authority G3                     2019-04-16 - 2019-07-09  3 months
*.bootstrapcdn.com            COMODO RSA Domain Validation Secure Server CA    2018-10-03 - 2019-10-12  a year
ssl412106.cloudflaressl.com   COMODO ECC Domain Validation Secure Server CA 2  2019-03-02 - 2019-09-08  6 months
*.s3-eu-west-1.amazonaws.com  DigiCert Baltimore CA-2 G2                       2018-11-08 - 2019-11-06  a year
*.google-analytics.com        Google Internet Authority G3                     2019-04-30 - 2019-07-23  3 months
www.google.com                Google Internet Authority G3                     2019-04-16 - 2019-07-09  3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • meta generator /Hugo ([\d.]+)?/i

Web
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
  • html /<link [^>]*href="[^"]+owl.carousel(?:\.min)?\.css/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
73 KB
8 KB
Document
General
Full URL
https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.247.196 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-10-247-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
a734220f9c1dc90676c4d81a52e4ad4c386572e6f35301481b587365a3c8a420

Request headers

Host
www.citicleanga.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Date
Thu, 16 May 2019 01:15:55 GMT
Server
Apache/2.4.18 (Ubuntu)
Last-Modified
Thu, 16 May 2019 01:14:30 GMT
ETag
"12250-588f6fcf44b8d-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8354
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
css?family=Lato
fonts.googleapis.com
767 B
446 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2939d607a8ad67edbc7ade28075844c18c904d4b2b87145db848382a50af0214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 May 2019 01:15:55 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 May 2019 01:15:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 May 2019 01:15:55 GMT
Verified font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css
28 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Verified resource
font-awesome/4.6.3/css/font-awesome.min.css at cdnjs.com, project font-awesome

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:15:55 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin
*
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
6662
owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/assets
3 KB
940 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/assets/owl.carousel.min.css
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:15:55 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:12 GMT
server
cloudflare
etag
W/"5afd4820-b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 05 May 2020 01:15:55 GMT
cache-control
public, max-age=30672000
cf-ray
4d7980d70ac2c795-AMS
served-in-seconds
0.104
mediaelementplayer.min.css
cdnjs.cloudflare.com/ajax/libs/mediaelement/4.2.9
11 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mediaelement/4.2.9/mediaelementplayer.min.css
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d5b7c96931a7cac72873b2f3715f72349cb9bc6289d1facedca268d686864
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:15:55 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:24:24 GMT
server
cloudflare
etag
W/"5afd4a48-2c8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 05 May 2020 01:15:55 GMT
cache-control
public, max-age=30672000
cf-ray
4d7980d70ac6c795-AMS
served-in-seconds
0.086
app.css
/css/full
Redirect Chain
  • https://citicleanga.com/css/full/app.css
  • https://www.citicleanga.com/css/full/app.css
142 KB
19 KB
Stylesheet
General
Full URL
https://www.citicleanga.com/css/full/app.css
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.247.196 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-10-247-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6e2a58aea2a487bbe7b3b7cc93789085ee564c2942f5876c9982ffcbdd628979

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:15:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Apr 2019 09:01:52 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2378a-58629520e4000-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18746

Redirect headers

Location
https://www.citicleanga.com/css/full/app.css
Date
Thu, 16 May 2019 01:15:55 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 00:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5878885
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
30244
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 00:14:30 GMT
js?key=AIzaSyDvsrA_bCF0EfL5Jsd5W5eZUUDbBGGi8qI
maps.googleapis.com/maps/api
101 KB
33 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDvsrA_bCF0EfL5Jsd5W5eZUUDbBGGi8qI
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
ce9a64bcad01a8438eabf6414231e72478ed6556505bb0b405f7c8f77c7d7187
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:15:55 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
vary
Accept-Language
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=11
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33203
x-xss-protection
0
expires
Thu, 16 May 2019 01:45:55 GMT
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1
42 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/owl.carousel.min.js
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:15:55 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:12 GMT
server
cloudflare
etag
W/"5afd4820-a70e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 05 May 2020 01:15:55 GMT
cache-control
public, max-age=30672000
cf-ray
4d7980d70ac9c795-AMS
served-in-seconds
0.001
app.full.js
/js/full
Redirect Chain
  • https://citicleanga.com/js/full/app.full.js
  • https://www.citicleanga.com/js/full/app.full.js
182 KB
48 KB
Script
General
Full URL
https://www.citicleanga.com/js/full/app.full.js
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.247.196 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-10-247-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7c1b36e8b1c2bb7e24d2367e48eea05b44bdc4b5882f7e410ef6fd114e387bbc

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:15:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Apr 2019 09:01:52 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2d6bd-58629520e4000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
48413

Redirect headers

Location
https://www.citicleanga.com/js/full/app.full.js
Date
Thu, 16 May 2019 01:15:55 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
640-2018_04_WvTeY.jpg
s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images
30 KB
31 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images/640-2018_04_WvTeY.jpg
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.104.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2a6573cdab3b1b3532b8d121647d421de036ba07fb33cc0ef77a3e2c1c390e18

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:15:56 GMT
Last-Modified
Wed, 15 May 2019 16:15:08 GMT
Server
AmazonS3
x-amz-request-id
7A5EB41ABB4DC112
ETag
"dc9cc31896b96da7437a06bde31848af"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
30941
x-amz-id-2
HlwI0AzTADKilo+8Fx2u2wL65k1N2DZdnkOaFw7W6PIPEjyocg6o2r4bx2zGJbA6g25RmFqB0/Y=
640-2017_11_hrybb.jpg
s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images
39 KB
40 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images/640-2017_11_hrybb.jpg
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.104.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
acd030e48e35b84296e273d91137a12717ee8a7dc46e738effb27d5483ffbcaf

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:15:56 GMT
Last-Modified
Wed, 15 May 2019 16:15:08 GMT
Server
AmazonS3
x-amz-request-id
8ADE7D70160C9D73
ETag
"29fb1c0c5be6e6e01ea46db9496d2221"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
40257
x-amz-id-2
T4SNqW1CkAWdcjh0Y7ht/Xa/Ud9cUXFiD377iPD9Y1bRzeYFcUTBxY9ZScJG/CCf8jjHjeicPKg=
640-2018_04_Krxgs.jpg
s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images
25 KB
25 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images/640-2018_04_Krxgs.jpg
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.104.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9219112a471c8cbeef1fd47df265cfab0d7ff7c59dfcca62547b32f9eb18e965

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:15:56 GMT
Last-Modified
Wed, 15 May 2019 16:15:08 GMT
Server
AmazonS3
x-amz-request-id
763513077496CD87
ETag
"f5d34d44262440fad18c06999d5e0e14"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
25195
x-amz-id-2
dpCDRGBiyQj457c33LmT37oRMf6SwOc108Wj6TLFbmwuPU0UKeY0oY90Bwyl6WPU6E856uFTawo=
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:15:55 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin
*
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
Adblocked gtm.js?id=GTM-TQ53HNX
www.googletagmanager.com
58 KB
20 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TQ53HNX
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
3ad5b7d3b9fbbc1eb86144fbb5c5f375941ab2be909fbdf14142d81e9e477908
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:15:56 GMT
content-encoding
br
last-modified
Wed, 15 May 2019 19:54:50 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
20824
x-xss-protection
0
expires
Thu, 16 May 2019 01:15:56 GMT
1920-2018_12_OcYf7.jpg
s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images
300 KB
300 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images/1920-2018_12_OcYf7.jpg
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.104.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
447eaf7374fd73c080a4cbdf9c68157f068b03e35f824cf1dd35d738509de239

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:15:57 GMT
Last-Modified
Wed, 15 May 2019 16:15:07 GMT
Server
AmazonS3
x-amz-request-id
28B7B3BD32AD14F3
ETag
"c5702c9fbdee5c3e7f0120e26584a528"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
307345
x-amz-id-2
70373hp/VNTUdk3hKndaQyLALb72VMpq7t+3V2AiRMTxv9WdJ4gbxLwLwdydFAeY9djuo/KS9Gk=
1920-2018_12_qtLmk.jpg
s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images
333 KB
333 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images/1920-2018_12_qtLmk.jpg
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.104.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d65d5736a9ee931818e95cd4a1c26a34548bde3595b9d2f8f1371b6a4b16c7a8

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:15:57 GMT
Last-Modified
Wed, 15 May 2019 16:15:07 GMT
Server
AmazonS3
x-amz-request-id
FAB1CB29E0F5A396
ETag
"da70ce51c4d73f967917888b6d24437b"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
340652
x-amz-id-2
pX269o/j6kMPHoxoTffOZqDIS6oXIpLzUrDjcG0Q/xNNU4ipkepyT+jt8OCNjnUEQ8XXiDkLRBY=
Roboto-Regular.ttf
/fonts
168 KB
168 KB
Font
General
Full URL
https://www.citicleanga.com/fonts/Roboto-Regular.ttf
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.247.196 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-10-247-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.citicleanga.com/css/full/app.css
Origin
https://www.citicleanga.com

Response headers

Date
Thu, 16 May 2019 01:15:56 GMT
Last-Modified
Wed, 10 Apr 2019 09:01:52 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"29e9c-58629520e4000"
Content-Type
application/font-sfnt
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
171676
Verified fontawesome-webfont.woff2?v=4.6.3
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts
70 KB
70 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Verified resource
semantic-ui/2.2.2/themes/default/assets/fonts/icons.woff2 at cdnjs.com, project semantic-ui
font-awesome/4.6.3/fonts/fontawesome-webfont.woff2 at cdnjs.com, project font-awesome

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin
https://www.citicleanga.com

Response headers

date
Thu, 16 May 2019 01:15:56 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin
*
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
71903
LibreFranklin-Regular.ttf
/fonts
77 KB
77 KB
Font
General
Full URL
https://www.citicleanga.com/fonts/LibreFranklin-Regular.ttf
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.238.209 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-36-238-209.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
1192091dde4666a1c57ded2e2f85e98b09d187cb361b35d976402cb4c7f4e6a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.citicleanga.com/css/full/app.css
Origin
https://www.citicleanga.com

Response headers

Date
Thu, 16 May 2019 01:15:56 GMT
Last-Modified
Wed, 10 Apr 2019 09:01:52 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"133b0-58629520e4000"
Content-Type
application/font-sfnt
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
78768
NotoSans-Regular.ttf
/fonts
405 KB
405 KB
Font
General
Full URL
https://www.citicleanga.com/fonts/NotoSans-Regular.ttf
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.247.196 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-10-247-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9e9b4c53bd25cad9c04d370f133a5e32d166d0d54e2a9ad6cba4a31fcd382d5b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.citicleanga.com/css/full/app.css
Origin
https://www.citicleanga.com

Response headers

Date
Thu, 16 May 2019 01:15:57 GMT
Last-Modified
Wed, 10 Apr 2019 09:01:52 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"65464-58629520e4000"
Content-Type
application/font-sfnt
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
414820
PT_Sans-Web-Regular.ttf
/fonts
433 KB
433 KB
Font
General
Full URL
https://www.citicleanga.com/fonts/PT_Sans-Web-Regular.ttf
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.247.196 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-10-247-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.citicleanga.com/css/full/app.css
Origin
https://www.citicleanga.com

Response headers

Date
Thu, 16 May 2019 01:15:57 GMT
Last-Modified
Wed, 10 Apr 2019 09:01:52 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6c250-58629520e4000"
Content-Type
application/font-sfnt
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
442960
embed?origin=mfe&pb=!1m3!2m1!1sAtlanta+,+30135,+US!6i10
www.google.com/maps
Redirect Chain
  • https://maps.google.com/maps?&q=Atlanta+,+30135,+US&output=embed&z=10&iwloc=near
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta+,+30135,+US!6i10
0
0
Document
General
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta+,+30135,+US!6i10
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta+,+30135,+US!6i10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.citicleanga.com/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Thu, 16 May 2019 01:15:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
vary
Accept-Language
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
gzip
server
mafe
content-length
854
x-xss-protection
0
server-timing
gfet4t7; dur=372
set-cookie
NID=183=SeNIor5CK7YbZfCPqPXmOvgaK16gA6COlZrmyKxar0h8e3dRfgA9KdZ4DKozHAIDbTNi8wFQJ372vn2PkAMsW_jRvohLAYhlJCVoVDovN73onLVPbKlCYmiQnXJTZAS_a_RsRt-XbGJwu78pGH0a48fenLTNDebZ7oWSl_Ad2wI; expires=Fri, 15-Nov-2019 01:15:57 GMT; path=/; domain=.google.com; HttpOnly
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
301
date
Thu, 16 May 2019 01:15:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta+,+30135,+US!6i10
content-type
text/html; charset=UTF-8
server
mafe
content-length
284
x-xss-protection
0
x-frame-options
SAMEORIGIN
server-timing
gfet4t7; dur=1
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
fontawesome-webfont.woff2?v=4.7.0
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts
75 KB
75 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.citicleanga.com

Response headers

date
Thu, 16 May 2019 01:15:56 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin
*
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
1920-2018_04_WvTeY.jpg
s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images
172 KB
173 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/mettrr-ireland.mettrr.com/sites/full/22296/22339/3780/images/1920-2018_04_WvTeY.jpg
Requested by
Host: www.citicleanga.com
URL: https://www.citicleanga.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.104.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
721330d46d80ae542a21964ee8587ed978eb359bb13b009f6df6521e3e5c71ae

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:15:57 GMT
Last-Modified
Thu, 16 May 2019 01:14:24 GMT
Server
AmazonS3
x-amz-request-id
F4EA798C77D49E44
ETag
"25bc121e065a756557449ce9edbfe084"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
176382
x-amz-id-2
11yA0NXec+lA+UBxTDk7WYuqP0l9OTXbd+Pc7mue1wrM8l7VddHjZx8jeCY8BqKJQf38f9dtGBc=
common.js
maps.googleapis.com/maps-api-v3/api/js/37/1
74 KB
27 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/37/1/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDvsrA_bCF0EfL5Jsd5W5eZUUDbBGGi8qI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd584e955ab8f6957764c65f94f6473fd4825fc284058bfc62ad9189cf7bf66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 17:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 May 2019 19:54:49 GMT
server
sffe
age
28823
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27699
x-xss-protection
0
expires
Thu, 14 May 2020 17:15:38 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/37/1
138 KB
52 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/37/1/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDvsrA_bCF0EfL5Jsd5W5eZUUDbBGGi8qI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dc3a72ec8208475beac2e9b54347c8a4168aafc3ea01276c149ed0e5a8bf5e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 15 May 2019 17:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 May 2019 19:54:49 GMT
server
sffe
age
28823
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
52841
x-xss-protection
0
expires
Thu, 14 May 2020 17:15:38 GMT
AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.citicleanga.com%2F&4sAIzaSyDvsrA_bCF0EfL5Jsd5W5eZUUDbBGGi8qI&callback=_xdc_._e6bwh9&key=AIzaSyDvsrA_bCF0EfL5Jsd5W5eZUUDbBGGi8qI&token=100248
maps.googleapis.com/maps/api/js
62 B
147 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.citicleanga.com%2F&4sAIzaSyDvsrA_bCF0EfL5Jsd5W5eZUUDbBGGi8qI&callback=_xdc_._e6bwh9&key=AIzaSyDvsrA_bCF0EfL5Jsd5W5eZUUDbBGGi8qI&token=100248
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/37/1/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
ae3a673820fed19c60a8ba5802852f85ffd3353327369beab247f920cb9e9b91
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.citicleanga.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 01:16:01 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=10
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 5
  • https://citicleanga.com/css/full/app.css
  • https://www.citicleanga.com/css/full/app.css
Request 9
  • https://citicleanga.com/js/full/app.full.js
  • https://www.citicleanga.com/js/full/app.full.js
Request 22
  • https://maps.google.com/maps?&q=Atlanta+,+30135,+US&output=embed&z=10&iwloc=near
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sAtlanta+,+30135,+US!6i10

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| $
function| jQuery
object| google
object| module$contents$MapsEvent_MapsEvent
object| module$contents$mapsapi$overlay$OverlayView_OverlayView
object| dataLayer
object| google_tag_manager
object| _xdc_

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 183=SeNIor5CK7YbZfCPqPXmOvgaK16gA6COlZrmyKxar0h8e3dRfgA9KdZ4DKozHAIDbTNi8wFQJ372vn2PkAMsW_jRvohLAYhlJCVoVDovN73onLVPbKlCYmiQnXJTZAS_a_RsRt-XbGJwu78pGH0a48fenLTNDebZ7oWSl_Ad2wI

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
