Submitted URL: https://www.citizen.monster/
Effective URL: http://www.citizen.monster/
Submission: On December 25 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2a01:4f9:2a:304::1, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.citizen.monster.
This is the only time www.citizen.monster was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 2a01:4f9:2a:3... 24940 (HETZNER-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2a02:6b8::1:119 13238 (YANDEX)
18 6

Domain Requested by
9 www.citizen.monster 1 redirects www.citizen.monster
5 mc.yandex.ru 1 redirects www.citizen.monster
2 fonts.gstatic.com www.citizen.monster
2 cdnjs.cloudflare.com www.citizen.monster
1 www.googletagmanager.com www.citizen.monster
1 fonts.googleapis.com www.citizen.monster
18 6

This site contains no links.

Subject | Issuer | Validity | Valid
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-05 - 2020-06-12 | 6 months
*.storage.googleapis.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
*.google.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year

This page contains 1 frames:

Primary Page: http://www.citizen.monster/
Frame ID: 57074B87B8B517FC034258506809E2AC
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 18
HTTPS: 56 %
IPv6: 100 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 218 kB
Size: 799 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.citizen.monster/ HTTP 302
    http://www.citizen.monster/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://mc.yandex.ru/watch/54135070?wmode=7&page-url=http%3A%2F%2Fwww.citizen.monster%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577269726483%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191225112847%3Aet%3A1577269727%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A210327497%3Ahid%3A594482651%3Ads%3A0%2C25%2C70%2C2%2C143%2C0%2C0%2C116%2C0%2C%2C%2C%2C363%3Afp%3A359%3Awn%3A9794%3Ahl%3A2%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1577269727%3Au%3A1577269727351828889%3At%3AW.C%20El%20blog HTTP 302
  • https://mc.yandex.ru/watch/54135070/1?wmode=7&page-url=http%3A%2F%2Fwww.citizen.monster%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577269726483%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191225112847%3Aet%3A1577269727%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A210327497%3Ahid%3A594482651%3Ads%3A0%2C25%2C70%2C2%2C143%2C0%2C0%2C116%2C0%2C%2C%2C%2C363%3Afp%3A359%3Awn%3A9794%3Ahl%3A2%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1577269727%3Au%3A1577269727351828889%3At%3AW.C%20El%20blog

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.citizen.monster/
Redirect Chain
  • https://www.citizen.monster/
  • http://www.citizen.monster/
15 KB
4 KB
Document
General
Full URL
http://www.citizen.monster/
Protocol
HTTP/1.1
Server
2a01:4f9:2a:304::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
37a4fd3ff1d987b9726e775d6b4b9b6c19c8b32312209432d1f5f00abdac7243

Request headers

Host
www.citizen.monster
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

Server
nginx
Date
Wed, 25 Dec 2019 10:28:46 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-ray
wn1203:0.050/wal1203:D=43764
Content-Encoding
gzip

Redirect headers

status
302
server
nginx
date
Wed, 25 Dec 2019 10:28:46 GMT
content-type
text/html
content-length
138
location
http://www.citizen.monster/
x-ray
wn1203:0.000/
lumen.css
www.citizen.monster/per/themes/
179 KB
26 KB
Stylesheet
General
Full URL
http://www.citizen.monster/per/themes/lumen.css
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
HTTP/1.1
Server
2a01:4f9:2a:304::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
2abae69c5a97218282b945947187ea560cf1e198038bc0ab373c1fb587d82c75

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray
wn1203:0.000/
Content-Encoding
gzip
Last-Modified
Wed, 25 Dec 2019 10:09:18 GMT
Server
nginx
ETag
W/"5e03354e-2cbbd"
Transfer-Encoding
chunked
Content-Type
text/css
Date
Wed, 25 Dec 2019 10:28:46 GMT
Connection
keep-alive
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 10:28:46 GMT
content-encoding
br
cf-cache-status
HIT
age
20375192
cf-ray
54aa21502c94cbb0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 01 May 2019 21:45:59 GMT
server
cloudflare
etag
W/"5cca1397-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 14 Dec 2020 10:28:46 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/
57 KB
15 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 10:28:46 GMT
content-encoding
br
cf-cache-status
HIT
age
21903604
cf-ray
54aa21502c96cbb0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Fri, 15 Feb 2019 18:45:50 GMT
server
cloudflare
etag
W/"5c6708de-e2d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 14 Dec 2020 10:28:46 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.002
css
fonts.googleapis.com/
10 KB
827 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5d81f36cc4cb48d362bb822e925f752c7fccd97257b97f8a2f074544ec9e6c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 25 Dec 2019 10:28:46 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 25 Dec 2019 10:28:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 25 Dec 2019 10:28:46 GMT
gtm.js
www.googletagmanager.com/
64 KB
23 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3BXLBQ
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f28d8437b161f0fce4153164d76555d21771b749b29c2cd86e08ade9a2780c53
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Dec 2019 10:28:46 GMT
content-encoding
br
last-modified
Wed, 25 Dec 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
23586
x-xss-protection
0
expires
Wed, 25 Dec 2019 10:28:46 GMT
1.jpg
www.citizen.monster/
203 B
203 B
Image
General
Full URL
http://www.citizen.monster/1.jpg
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
HTTP/1.1
Server
2a01:4f9:2a:304::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
42ffeadc72a3a55a316cc45535a696da5d9b8e0e4ae7921a1b3f4660d1712f12

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray
wn1203:0.000/wal1203:D=2500
Server
nginx
Connection
keep-alive
Date
Wed, 25 Dec 2019 10:28:46 GMT
Content-Length
203
Content-Type
text/html; charset=iso-8859-1
2.jpg
www.citizen.monster/
203 B
203 B
Image
General
Full URL
http://www.citizen.monster/2.jpg
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
HTTP/1.1
Server
2a01:4f9:2a:304::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8930c0d4448c7dc2a288f20684f5ccb40c51323891482aa825d6b037610bb432

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray
wn1203:0.010/wal1203:D=4072
Server
nginx
Connection
keep-alive
Date
Wed, 25 Dec 2019 10:28:46 GMT
Content-Length
203
Content-Type
text/html; charset=iso-8859-1
3.jpg
www.citizen.monster/
203 B
203 B
Image
General
Full URL
http://www.citizen.monster/3.jpg
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
HTTP/1.1
Server
2a01:4f9:2a:304::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
4229cfe8d8beb8c57bee731e3a30fed1dcb2080b90e0d7ee37655e0e81170f3d

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray
wn1203:0.000/wal1203:D=2425
Server
nginx
Connection
keep-alive
Date
Wed, 25 Dec 2019 10:28:46 GMT
Content-Length
203
Content-Type
text/html; charset=iso-8859-1
4.jpg
www.citizen.monster/
203 B
203 B
Image
General
Full URL
http://www.citizen.monster/4.jpg
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
HTTP/1.1
Server
2a01:4f9:2a:304::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
72da0150735aa7d5d73550a39f448dc26ae931f7e81fbbeaac349289b4640e72

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray
wn1203:0.000/wal1203:D=3829
Server
nginx
Connection
keep-alive
Date
Wed, 25 Dec 2019 10:28:46 GMT
Content-Length
203
Content-Type
text/html; charset=iso-8859-1
5.jpg
www.citizen.monster/
203 B
203 B
Image
General
Full URL
http://www.citizen.monster/5.jpg
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
HTTP/1.1
Server
2a01:4f9:2a:304::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c39fb918d819b16ab2cfc59ef1d824ceeb2b935efc3b440f1b7e11c4def72d2f

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray
wn1203:0.010/wal1203:D=3433
Server
nginx
Connection
keep-alive
Date
Wed, 25 Dec 2019 10:28:46 GMT
Content-Length
203
Content-Type
text/html; charset=iso-8859-1
6.jpg
www.citizen.monster/
203 B
203 B
Image
General
Full URL
http://www.citizen.monster/6.jpg
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
HTTP/1.1
Server
2a01:4f9:2a:304::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
267dbad9b6005e317e40dc129048967d08cdadcbf3d3f085a7529baa3481b81d

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ray
wn1203:0.010/wal1203:D=3251
Server
nginx
Connection
keep-alive
Date
Wed, 25 Dec 2019 10:28:46 GMT
Content-Length
203
Content-Type
text/html; charset=iso-8859-1
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
Origin
http://www.citizen.monster

Response headers

date
Wed, 20 Nov 2019 04:42:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:19 GMT
server
sffe
age
3044753
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13324
x-xss-protection
0
expires
Thu, 19 Nov 2020 04:42:53 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
Origin
http://www.citizen.monster

Response headers

date
Fri, 20 Dec 2019 18:46:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:17 GMT
server
sffe
age
402165
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12976
x-xss-protection
0
expires
Sat, 19 Dec 2020 18:46:01 GMT
tag.js
mc.yandex.ru/metrika/
362 KB
92 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.citizen.monster
URL: http://www.citizen.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
53637866c5c5d5bad4a0342a6eb2fd39d7125273c57cd7a3aca611f31da84c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 10:28:46 GMT
Content-Encoding
br
Last-Modified
Tue, 10 Dec 2019 10:33:56 GMT
Server
nginx/1.14.2
ETag
"5def7494-16d88"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93576
Expires
Wed, 25 Dec 2019 11:28:46 GMT
1
mc.yandex.ru/watch/54135070/
Redirect Chain
  • https://mc.yandex.ru/watch/54135070?wmode=7&page-url=http%3A%2F%2Fwww.citizen.monster%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577269726483%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613...
  • https://mc.yandex.ru/watch/54135070/1?wmode=7&page-url=http%3A%2F%2Fwww.citizen.monster%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577269726483%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54135070/1?wmode=7&page-url=http%3A%2F%2Fwww.citizen.monster%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577269726483%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191225112847%3Aet%3A1577269727%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A210327497%3Ahid%3A594482651%3Ads%3A0%2C25%2C70%2C2%2C143%2C0%2C0%2C116%2C0%2C%2C%2C%2C363%3Afp%3A359%3Awn%3A9794%3Ahl%3A2%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1577269727%3Au%3A1577269727351828889%3At%3AW.C%20El%20blog
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 10:28:47 GMT
Last-Modified
Wed, 25-Dec-2019 10:28:47 GMT
Server
nginx/1.14.2
Location
/watch/54135070/1?wmode=7&page-url=http%3A%2F%2Fwww.citizen.monster%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577269726483%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191225112847%3Aet%3A1577269727%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A210327497%3Ahid%3A594482651%3Ads%3A0%2C25%2C70%2C2%2C143%2C0%2C0%2C116%2C0%2C%2C%2C%2C363%3Afp%3A359%3Awn%3A9794%3Ahl%3A2%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1577269727%3Au%3A1577269727351828889%3At%3AW.C%20El%20blog
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
http://www.citizen.monster
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 25-Dec-2019 10:28:47 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 10:28:47 GMT
Last-Modified
Wed, 25-Dec-2019 10:28:47 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://www.citizen.monster
Strict-Transport-Security
max-age=31536000
Location
/watch/54135070/1?wmode=7&page-url=http%3A%2F%2Fwww.citizen.monster%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577269726483%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191225112847%3Aet%3A1577269727%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A210327497%3Ahid%3A594482651%3Ads%3A0%2C25%2C70%2C2%2C143%2C0%2C0%2C116%2C0%2C%2C%2C%2C363%3Afp%3A359%3Awn%3A9794%3Ahl%3A2%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1577269727%3Au%3A1577269727351828889%3At%3AW.C%20El%20blog
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 25-Dec-2019 10:28:47 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.citizen.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Dec 2019 10:28:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Wed, 25 Dec 2019 11:28:47 GMT
1
mc.yandex.ru/watch/54135070/
152 B
706 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54135070/1?wmode=7&page-url=http%3A%2F%2Fwww.citizen.monster%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1577269726483%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191225112847%3Aet%3A1577269727%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A210327497%3Ahid%3A594482651%3Ads%3A0%2C25%2C70%2C2%2C143%2C0%2C0%2C116%2C0%2C%2C%2C%2C363%3Afp%3A359%3Awn%3A9794%3Ahl%3A2%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1577269727%3Au%3A1577269727351828889%3At%3AW.C%20El%20blog
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
669368a302a2fe0b1cd564a761cc7cb9fe2de9ace507d6c0aec6098a3230e1a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.citizen.monster/
Origin
http://www.citizen.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 25 Dec 2019 10:28:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25-Dec-2019 10:28:47 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.citizen.monster
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Wed, 25-Dec-2019 10:28:47 GMT

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| dataLayer
  • function| $
  • function| jQuery
  • object| bootstrap
  • object| google_tag_manager
  • function| ym
  • object| Ya
  • object| yaCounter54135070

2 Cookies

Domain/Path Name / Value
.citizen.monster/ Name: _ym_d
Value: 1577269727
.citizen.monster/ Name: _ym_uid
Value: 1577269727351828889

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
