URL: https://citiwears.online/
Submission: On March 25 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 17 IPs in 7 countries across 17 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is citiwears.online.
TLS certificate: Issued by GTS CA 1P5 on March 25th 2023. Valid for: 3 months.
This is the only time citiwears.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 134.0.10.34 197712 (CDMON sis...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 192.0.77.2 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 23.227.60.200 13335 (CLOUDFLAR...)
1 200.128.56.104 53164 (UNIVERSID...)
3 2a04:4e42:400... 54113 (FASTLY)
1 108.138.7.85 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 46.105.201.240 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 149.56.240.131 16276 (OVH)
23 17
Apex Domain | Subdomains | Transfer
3 media-amazon.com | m.media-amazon.com — Cisco Umbrella Rank: 533 | 170 KB
2 gstatic.com | fonts.gstatic.com | 38 KB
2 histats.com | s10.histats.com — Cisco Umbrella Rank: 19429; s4.histats.com — Cisco Umbrella Rank: 16307 | 5 KB
2 ytimg.com | i.ytimg.com — Cisco Umbrella Rank: 105 | 57 KB
2 citiwears.online | citiwears.online | 32 KB
1 ebayimg.com | i.ebayimg.com — Cisco Umbrella Rank: 3695 | 13 KB
1 significadodossonhos.inf.br | www.significadodossonhos.inf.br | 75 KB
1 significados.com.br | static.significados.com.br — Cisco Umbrella Rank: 902765 | 65 KB
1 jonak.fr | www.jonak.fr | 20 KB
1 ufba.br | www.cienciaecultura.ufba.br | 246 KB
1 shopify.com | cdn.shopify.com — Cisco Umbrella Rank: 1732 | 41 KB
1 redd.it | external-preview.redd.it — Cisco Umbrella Rank: 3849 | 15 KB
1 images-iherb.com | cloudinary.images-iherb.com — Cisco Umbrella Rank: 88325 | 182 KB
1 wp.com | i0.wp.com — Cisco Umbrella Rank: 3033 | 88 KB
1 arredamentomd.it | www.arredamentomd.it | 71 KB
1 area15.es | www.area15.es | 67 KB
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 783 | 7 KB
23 17
Domain Requested by
3 m.media-amazon.com citiwears.online
2 fonts.gstatic.com citiwears.online
2 i.ytimg.com citiwears.online
2 citiwears.online citiwears.online
1 s4.histats.com s10.histats.com
1 s10.histats.com citiwears.online
1 i.ebayimg.com citiwears.online
1 www.significadodossonhos.inf.br citiwears.online
1 static.significados.com.br citiwears.online
1 www.jonak.fr citiwears.online
1 www.cienciaecultura.ufba.br citiwears.online
1 cdn.shopify.com citiwears.online
1 external-preview.redd.it citiwears.online
1 cloudinary.images-iherb.com citiwears.online
1 i0.wp.com citiwears.online
1 www.arredamentomd.it citiwears.online
1 www.area15.es citiwears.online
1 maxcdn.bootstrapcdn.com citiwears.online
23 18

This site contains no links.

Subject | Issuer | Validity | Valid
*.citiwears.online | GTS CA 1P5 | 2023-03-25 - 2023-06-23 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.area15.es | R3 | 2023-03-11 - 2023-06-09 | 3 months
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year
*.redd.it | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-17 - 2023-05-15 | 6 months
cdn.shopify.com | R3 | 2023-03-17 - 2023-06-15 | 3 months
*.acervo.mae.ufba.br | RNP ICPEdu OV SSL CA 2019 | 2022-04-06 - 2023-05-08 | a year
images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2022-10-19 - 2023-10-18 | a year
www.jonak.fr | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2022-06-27 - 2023-07-12 | a year
edgestatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
static.significados.com.br | R3 | 2023-03-17 - 2023-06-15 | 3 months
www.ebay.com | Sectigo RSA Organization Validation Secure Server CA | 2022-08-16 - 2023-08-16 | a year
histats.com | R3 | 2023-03-15 - 2023-06-13 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months

This page contains 1 frame:

Primary Page: https://citiwears.online/
Frame ID: 45B842E1655D4CF2E36DAB0470CEAE99
Requests: 23 HTTP requests in this frame

Page Title

Citiwears Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

23 Requests
96 % HTTPS
59 % IPv6
17 Domains
18 Subdomains
17 IPs
7 Countries
1192 kB Transfer
1375 kB Size
8 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
citiwears.online/
113 KB
21 KB
Document
General
Full URL
https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717d460e22ab33c36ee4321a41e521f6a10c9fa02fe6260a20494d9ae2071a55

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ad97fb8086db7df-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 25 Mar 2023 19:18:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJrWc%2BRgF2GGpRhlFeKegESrGqzqHa6z1Y4u9Q1k6pofyKmzyBhdmu60MRKuisV6UAE1t77CNREnRDT7zVRI9mR%2Fm5zN5X9ybAfGCmkZbKSMDceD8oi%2B89y5aKQv1wYyGT3fh4zHpIGtCaXabg9A"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.min.css
citiwears.online/wp-includes/css/dist/block-library/
81 KB
12 KB
Stylesheet
General
Full URL
https://citiwears.online/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Sep 2022 13:48:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63208a2c-145a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2U6lEntzW9ptpH1ptMzcU2zHBGbP%2F5kZKq6vi0sXlCutCCtU7PhDSOMmUOYdh4D5OKrZpMyeGBNMFYRSI%2FR0IG45eL5zuskyiwf%2BNdrtTIWhPAnUaw4mQE7HuBvdrvU6zjDErJRlrHIU6WRWdsR9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7ad97fb969e6b7df-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
1381912
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
be050c61329891fb4ef880afd785a1b0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7ad97fb9af111c8d-AMS
cdn-requestpullsuccess
True
gasto-calefaccion.jpg
www.area15.es/wp-content/uploads/2021/10/
67 KB
67 KB
Image
General
Full URL
https://www.area15.es/wp-content/uploads/2021/10/gasto-calefaccion.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.0.10.34 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS
vxhca-10.srv.cat
Software
Apache /
Resource Hash
a9f7da6475ce99bef1024a7a8f927276b4caf56b3d3d4b2cf86fb7055a6bb12a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
last-modified
Tue, 24 May 2022 10:35:39 GMT
server
Apache
accept-ranges
bytes
etag
"10b68-5dfbf848cfa99"
content-length
68456
content-type
image/jpeg
armadio-a-ponte-angolare-con-cabina-20-colori.jpg
www.arredamentomd.it/pub/media/catalog/product/cache/d2cc037d453d5152566e240af5bbdee0/a/r/
70 KB
71 KB
Image
General
Full URL
https://www.arredamentomd.it/pub/media/catalog/product/cache/d2cc037d453d5152566e240af5bbdee0/a/r/armadio-a-ponte-angolare-con-cabina-20-colori.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3eb916a7bf96d3a9bd5026d6768d45e833f283a391f43583ee623e4f5434142d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
content-length
71856
last-modified
Sun, 30 Jan 2022 15:11:48 GMT
server
cloudflare
etag
"118b0-5d6ce16430f8f"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuLOFtnaehTqZNG7Y8z5ICAGG6CRwXL40qRZhAsKqlAaYM5SRNUO%2Bug%2BRHuvueP%2Fn%2BR2JH74VjEOFypmn8y6SaXNbOkmj4jXw8qSeb%2B2U2Z48b35ZiLOJhCbZ4z37OKE9SWXSrZFQKDY9sdl%2BPDWD%2F1f"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7ad97fba3f50b761-AMS
expires
Sun, 24 Mar 2024 19:18:17 GMT
o-rei-amarelo-em-quadrinhos-raphael-fernandes-editora-draco-canto-do-gargula-02.jpeg
i0.wp.com/cantodogargula.com.br/wp-content/uploads/2019/09/
88 KB
88 KB
Image
General
Full URL
https://i0.wp.com/cantodogargula.com.br/wp-content/uploads/2019/09/o-rei-amarelo-em-quadrinhos-raphael-fernandes-editora-draco-canto-do-gargula-02.jpeg?resize=736%2C1068&ssl=1
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
893c928f282ee9e66915e739b9962250cb4424c004c74bc3832681e617a3a870
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-nc
MISS ams 6
date
Sat, 25 Mar 2023 19:18:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 25 Mar 2023 19:18:18 GMT
server
nginx
etag
"f8ba953cc274d355"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://cantodogargula.com.br/wp-content/uploads/2019/09/o-rei-amarelo-em-quadrinhos-raphael-fernandes-editora-draco-canto-do-gargula-02.jpeg>; rel="canonical"
content-length
89638
expires
Tue, 25 Mar 2025 07:18:18 GMT
13.jpg
cloudinary.images-iherb.com/image/upload/f_auto,q_auto:eco/images/amh/amh03233/l/
181 KB
182 KB
Image
General
Full URL
https://cloudinary.images-iherb.com/image/upload/f_auto,q_auto:eco/images/amh/amh03233/l/13.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c0619ab3f89c79774c4b085906581bbb08ee031647eb05de2eec5e2012da230
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
edge-cache-tag
442658765051129199124195838893132501780,219490924112501162271260378956069092071,c49c7b33ef70264ff5906972fe35dd32,~1~96df969d1b519f57db3c9e623b8c9fb31d32223f
server-timing
cld-fastly;mitm=aco;dur=113;cpu=0;start=2023-03-25T19:18:18.031Z;desc=miss,rtt;dur=88,cloudinary;dur=105;start=2023-03-25T19:18:18.032Z
content-length
185421
last-modified
Fri, 04 Nov 2022 19:23:40 GMT
server
cloudflare
etag
"c6482d2ef74e886522846577c2a3d2d9"
vary
Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
accept-ranges
bytes
cf-ray
7ad97fba3aec0eb3-AMS
timing-allow-origin
*
59H_nxF1C-ar4oXzdyIEjspLhegbDaoj8gO8Lll_yVY.jpg
external-preview.redd.it/
14 KB
15 KB
Image
General
Full URL
https://external-preview.redd.it/59H_nxF1C-ar4oXzdyIEjspLhegbDaoj8gO8Lll_yVY.jpg?auto=webp&s=4351aafd3d0adbf7802ec85b9424e321952c5cd8
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
a489b450a32e05e4ef222aa06297c338bf815eceaf84ce0e09b40dbaed71206e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.5, "failure_fraction": 0.5}
server
snooserv
etag
"61yteUv5Sss8Wxnnu8si22icjLtdWkTK+WzykyetZwQ"
vary
Accept,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
image/webp
fastly-io-info
ifsz=39129 idim=1000x1000 ifmt=jpeg ofsz=14682 odim=1000x1000 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-length
14682
twisted-tailor-orchid-white-and-pink-floral-suit-36278976053492_1024x1024.jpg
cdn.shopify.com/s/files/1/0103/0242/3099/products/
40 KB
41 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0103/0242/3099/products/twisted-tailor-orchid-white-and-pink-floral-suit-36278976053492_1024x1024.jpg?v=1644340253
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6301266d05c9e9a9272414dc1b48524e193114367a76b459b40a969016cb3a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
source-type
image/jpeg
server-timing
imagery;dur=644.535, imageryFetch;dur=149.251, imageryProcess;dur=494.123;desc="image", cfRequestDuration;dur=447.999954
source-length
268030
content-length
40482
x-xss-protection
1; mode=block
x-request-id
94fc4a15-53e0-44b7-9923-f825704bffb9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 25 Mar 2023 06:57:34 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJfGVFNLC5RQFR3kuKafaR%2F4Im6CmFzRXdTanYmfoa5J2VAKMsK3RkbnJL%2BaIBb7o0%2FhwjG5ZUKSUxOwh4exQhiQq2qgGTUNTVxnN8EimCqbQRLBqX1w3uuUtpGcu8eTZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0103/0242/3099/products/twisted-tailor-orchid-white-and-pink-floral-suit-36278976053492_1024x1024.jpg>; rel="canonical"
cf-ray
7ad97fba4c2b9b8f-FRA
pesquiadoras.jpg
www.cienciaecultura.ufba.br/agenciadenoticias/wp-content/uploads/2018/06/
245 KB
246 KB
Image
General
Full URL
https://www.cienciaecultura.ufba.br/agenciadenoticias/wp-content/uploads/2018/06/pesquiadoras.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.128.56.104 Lauro de Freitas, Brazil, ASN53164 (UNIVERSIDADE FEDERAL DA BAHIA, BR),
Reverse DNS
200-128-56-104.rev4.ufba.br
Software
Apache/2.4.6 (CloudLinux) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 mod_wsgi/3.4 Python/2.7.5 /
Resource Hash
7b268e16ed364e7f20409ac6583bd768f0f7887f88f567928c7f04a3555f533f
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 19:18:17 GMT
Strict-Transport-Security
max-age=3600; includeSubDomains; preload
Last-Modified
Mon, 18 Jun 2018 16:24:32 GMT
Server
Apache/2.4.6 (CloudLinux) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 mod_wsgi/3.4 Python/2.7.5
ETag
"3d5b2-56eed0020b000"
Content-Type
image/jpeg
Cache-Control
s-maxage=10, private
Accept-Ranges
bytes
Content-Length
251314
61Wsk8+S0EL._AC_SL1500_.jpg
m.media-amazon.com/images/I/
89 KB
90 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/61Wsk8+S0EL._AC_SL1500_.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d7554c09153f243b39bab21f5193e130980101349f84bc54a11e78ce02034d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires
Tue, 17 Mar 2043 00:25:27 GMT
date
Sat, 25 Mar 2023 19:18:18 GMT
last-modified
Thu, 27 Aug 2020 08:34:49 GMT
age
327171
x-cache
HIT from fastly, MISS from fastly
content-type
image/jpeg
access-control-allow-origin
*
x-nginx-cache-status
MISS
cache-control
max-age=630720000,public
x-amz-ir-id
5cbe9950-e9d9-4285-bcc2-139abe895217
server-timing
provider;desc="fy"
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
91591
x-served-by
cache-iad-kjyo7100026-IAD, cache-ams21025-AMS
01W006985A.1597420214.jpg
www.jonak.fr/fstrz/r/s/www.jonak.fr/phototheque/jonak.fr/7000/prodfp/
20 KB
20 KB
Image
General
Full URL
https://www.jonak.fr/fstrz/r/s/www.jonak.fr/phototheque/jonak.fr/7000/prodfp/01W006985A.1597420214.jpg?frz-v=874
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
fasterize /
Resource Hash
da9782dae279c0b15b8a0b7da802483c8abec89caa8e807cf0334427d6cbe43b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-length
20399
x-xss-protection
1; mode=block
x-gen-id
32147897c4d6ea52f403aafb2e55d175
x-unique-id
d4e627650b9c2316b717b85914b45656
last-modified
Fri, 14 Aug 2020 15:50:14 GMT
x-fstrz
o,c
server
fasterize
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/avif
cache-control
max-age=2592000
x-amz-cf-id
13vxgaVYAgyQw5ufrpmSFLZt-_5bE62pMcn7wCv_4cws_OhVGUsUnQ==
expires
Mon, 24 Apr 2023 06:57:36 GMT
519pFg6ZXWL.jpg
m.media-amazon.com/images/I/
56 KB
57 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/519pFg6ZXWL.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83a7ea350922b449ca9d8854506414087d31b654204d4b4d4e3c647e210ccca3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires
Thu, 12 Mar 2043 20:49:00 GMT
date
Sat, 25 Mar 2023 19:18:17 GMT
last-modified
Mon, 25 Aug 2014 20:15:18 GMT
age
685757
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
x-nginx-cache-status
MISS
cache-control
max-age=630720000,public
x-amz-ir-id
d2ba9cc0-48cb-4497-aade-53ab06b6aa27
server-timing
provider;desc="fy"
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
57486
x-served-by
cache-iad-kjyo7100083-IAD, cache-ams21025-AMS
hqdefault.jpg
i.ytimg.com/vi/raeWX1ft6aE/
38 KB
38 KB
Image
General
Full URL
https://i.ytimg.com/vi/raeWX1ft6aE/hqdefault.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c82acd600f89118345288e8412d37b7b3922a43cf6ec17061908be1ef479663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38526
x-xss-protection
0
server
sffe
etag
"1410381757"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 25 Mar 2023 21:18:18 GMT
81VZzbv8CBL._AC_SX522_.jpg
m.media-amazon.com/images/I/
24 KB
24 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/81VZzbv8CBL._AC_SX522_.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
721ecdb4bd55c48e14abc0189bc5da7b5364c47a01b2868dee422fa1315b0cbf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires
Tue, 17 Mar 2043 20:14:27 GMT
date
Sat, 25 Mar 2023 19:18:18 GMT
last-modified
Fri, 12 Jul 2019 20:26:31 GMT
age
255830
x-cache
HIT from fastly, MISS from fastly
content-type
image/jpeg
access-control-allow-origin
*
x-nginx-cache-status
MISS
cache-control
max-age=630720000,public
x-amz-ir-id
b9276430-9fce-4c72-81ef-76a2c0d6e4d2
server-timing
provider;desc="fy"
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
24318
x-served-by
cache-iad-kcgs7200103-IAD, cache-ams21025-AMS
exemplo-1-cke.jpg
static.significados.com.br/foto/
64 KB
65 KB
Image
General
Full URL
https://static.significados.com.br/foto/exemplo-1-cke.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::874:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-874 /
Resource Hash
17e37bc4addeddb7bb0289d7d95903f9e75ae16d510c99f37bd8a85721f4b93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires
Tue, 07 Feb 2023 22:27:53 GMT
date
Sat, 25 Mar 2023 19:18:18 GMT
x-content-type-options
nosniff
cdn-edgestorageid
863
cdn-cachedat
01/28/2023 20:32:07
cdn-pullzone
114924
content-length
65592
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 19 Apr 2021 18:02:45 GMT
server
BunnyCDN-DE1-874
cdn-proxyver
1.03
cdn-requestpullcode
206
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
max-age=2592000
cdn-requestid
9b76719696906ad9c5e457d2ffc5616f
accept-ranges
bytes
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
Sonhar-com-ladeira.2.jpg
www.significadodossonhos.inf.br/wp-content/uploads/2019/11/
75 KB
75 KB
Image
General
Full URL
https://www.significadodossonhos.inf.br/wp-content/uploads/2019/11/Sonhar-com-ladeira.2.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abbeaf20258b594c3f075e0c1eee88ccd4a4468ee21b988621726b14f1eaa9ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Nov 2019 14:32:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5dc0366b-12aa8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juQ%2B2Tz1PoFvexhaHOrAo5WwyDWp09nDBunoSR9b2mjEpSlk3L7N2ZR62iuJHCQaUiLXm6rW5s6cqKX2aj1oO11G%2FrohUbtkg%2Feed5jeFuUrHfG%2BXE7ueag78SMwARQ%2FB4ykt1TAZsTdMxWJn06xgpKgI5fv%2Fam7m78mmFEK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7ad97fbbcb070bcd-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76456
expires
Thu, 31 Dec 2037 23:55:55 GMT
s-l400.jpg
i.ebayimg.com/images/g/ZCwAAOSw6LZehV1k/
12 KB
13 KB
Image
General
Full URL
https://i.ebayimg.com/images/g/ZCwAAOSw6LZehV1k/s-l400.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:3500:893::24d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
ebay-proxy-server /
Resource Hash
3c4bb793d4c12a7ea4c55dfc60a36339fd91e6c3b797a05512c1d9232938055c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Apr 2020 15:34:59 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-FRA-zoe-anycast
akamai-grn
0.97a12417.1679771898.19e5349f
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
20
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*7%7F1%7Fg%28rbpv6610-1804d9c9aec-0x12b
x-ebay-c-version
1.0.0
content-length
12776
expires
Fri, 21 Apr 2023 19:32:30 GMT
mqdefault.jpg
i.ytimg.com/vi/P5616bFK8Nk/
19 KB
19 KB
Image
General
Full URL
https://i.ytimg.com/vi/P5616bFK8Nk/mqdefault.jpg
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3714aa7ec76fe305b70393265511468f272a4c5964fd292082c3a35f45626fd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:18:18 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18975
x-xss-protection
0
server
sffe
etag
"1595721940"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 25 Mar 2023 21:18:18 GMT
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 19:13:53 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
750879200
1YwB1sO8YE1Lyjf12WNiUA.woff2
fonts.gstatic.com/s/lato/v13/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v13/1YwB1sO8YE1Lyjf12WNiUA.woff2
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9687ee5934e8a8b125cd0e3f7e21b9eea12c5eba602dfb12941aeafaad44fbe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citiwears.online/
Origin
https://citiwears.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:41:46 GMT
x-content-type-options
nosniff
age
383792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23216
x-xss-protection
0
last-modified
Thu, 09 Feb 2017 19:14:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:41:46 GMT
sWn97sjs9uU0xeuHDScCTA.woff2
fonts.gstatic.com/s/tauri/v4/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tauri/v4/sWn97sjs9uU0xeuHDScCTA.woff2
Requested by
Host: citiwears.online
URL: https://citiwears.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59e8ef03bf8c9de0789a33dfff3f0bdbe21f5b473f84a485808c1d4d601a37b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citiwears.online/
Origin
https://citiwears.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:48:28 GMT
x-content-type-options
nosniff
age
383390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14904
x-xss-protection
0
last-modified
Wed, 20 Aug 2014 14:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:48:28 GMT
0.php
s4.histats.com/stats/
50 B
184 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4611924&@f16&@g1&@h1&@i1&@j1679771898132&@k0&@l1&@mCitiwears%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-145439977&@b3:1679771898&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcitiwears.online%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534299.ip-149-56-240.net
Software
/
Resource Hash
dfd02e42b00817128fa437b4cf1d4943f97d84c7caf5b776a21a98a03657cc86

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citiwears.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 19:18:18 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8


7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| _Hasync
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues

8 Cookies

Domain/Path Name / Value
citiwears.online/ Name: HstCfa4611924
Value: 1679771898132
citiwears.online/ Name: HstCla4611924
Value: 1679771898132
citiwears.online/ Name: HstCmu4611924
Value: 1679771898132
citiwears.online/ Name: HstPn4611924
Value: 1
citiwears.online/ Name: HstPt4611924
Value: 1
citiwears.online/ Name: HstCnv4611924
Value: 1
citiwears.online/ Name: HstCns4611924
Value: 1
.images-iherb.com/ Name: __cf_bm
Value: iRhfKgS6SQfcvUDvXACaJ748R_rYbTikApiAtMWdpiA-1679771898-0-AfndHtU4/97SHP2s7EQB0kDwpHg3Wxo/9Jf5CKj6Gvrtshv+xJcB7mqVOgeFLMV1Ny7bch2EqhefI5Sqdk1WVXM=

2 Console Messages

Source Level URL
Text
security warning URL: https://citiwears.online/(Line 155)
Message:
Mixed Content: The page at 'https://citiwears.online/' was loaded over HTTPS, but requested an insecure element 'http://www.cienciaecultura.ufba.br/agenciadenoticias/wp-content/uploads/2018/06/pesquiadoras.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://citiwears.online/
Message:
Mixed Content: The page at 'https://citiwears.online/' was loaded over HTTPS, but requested an insecure element 'http://www.cienciaecultura.ufba.br/agenciadenoticias/wp-content/uploads/2018/06/pesquiadoras.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
