r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2724
Expires: Sun, 20 Nov 2022 04:30:12 GMT
Date: Sun, 20 Nov 2022 03:44:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3672
Cache-Control: max-age=114457
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:48 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:32:25 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3085
Expires: Sun, 20 Nov 2022 04:36:13 GMT
Date: Sun, 20 Nov 2022 03:44:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 02:44:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3590
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Rug3grq7p/ocoBDDUZWyhrFBMhqRmhg2srqoREOFv5trhF15OH4K+0b0U4Uzpz1Ej/9QAeEjy28=
x-amz-request-id: FWCG1FWX7YDVV842
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 03:41:33 GMT
age: 195
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 03:44:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firstcitizncb.com/
162.210.101.174200 OK 40 kB IP 162.210.101.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (443)
Hash 0a5a071c23c0c47c9cc5594b8173a956
3dab933570bbfce66f5a1bdf2ceab2161d36de2a
8d16b5440e9431bc8fbdedef868b74b19e5a04ee2b4b8e7940e004f079b8286a
Analyzer Verdict Alert openphish First Citizens Bank
GET / HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:48 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:04:39 GMT
ETag: "93095-5edb7a4904f4e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 40082
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 942dde033a3bdb2e1fbea5e4ee31b74e
7f65820133a1ca5393aa4abbc67d7792880b88db
983697b718978f68dbecec858ebf82e84d10d3c6f7aaa75ea05d08b379fee4ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2164
Cache-Control: max-age=124097
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:48 GMT
Etag: "6378dbfd-117"
Expires: Mon, 21 Nov 2022 14:13:05 GMT
Last-Modified: Sat, 19 Nov 2022 13:37:01 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 942dde033a3bdb2e1fbea5e4ee31b74e
7f65820133a1ca5393aa4abbc67d7792880b88db
983697b718978f68dbecec858ebf82e84d10d3c6f7aaa75ea05d08b379fee4ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2164
Cache-Control: max-age=124097
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:48 GMT
Etag: "6378dbfd-117"
Expires: Mon, 21 Nov 2022 14:13:05 GMT
Last-Modified: Sat, 19 Nov 2022 13:37:01 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js
23.38.200.237200 OK 111 kB URL HTTP/2 assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32727)
Size 111 kB (110589 bytes)
Hash 132cdca594c07c1dbf16d5d908a288b9
360511b53768f2cc97f1bcbdd5333ace287b1473
260bd573c4fda39691a2d43c7128839c033e966de24fc0d2a5f791cd37da4026
GET /60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "42c8947598778870e8659b444ef578f5:1668106194.517398"
last-modified: Thu, 10 Nov 2022 18:49:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 110589
cache-control: max-age=3600
expires: Sun, 20 Nov 2022 04:44:48 GMT
date: Sun, 20 Nov 2022 03:44:48 GMT
access-control-allow-origin: http://firstcitizncb.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3d374813e78ddb03d2715267518f56f2
17155f2f9165ab8c9c6595187eff94188f81a0d5
7ff4fd1114eb233f12a47bdcc951065aa4998a4a43b343e55f5b1586ebd5666f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122674
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:48 GMT
Etag: "6378dee2-118"
Expires: Mon, 21 Nov 2022 13:49:22 GMT
Last-Modified: Sat, 19 Nov 2022 13:49:22 GMT
Server: nginx
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 02:44:49 GMT
cache-control: public,max-age=3600
age: 3599
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-dependencies.d41d8cd98f00b204e9800998ecf8427e.js
162.210.101.174200 OK 0 B URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-dependencies.d41d8cd98f00b204e9800998ecf8427e.js
IP 162.210.101.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-dependencies.d41d8cd98f00b204e9800998ecf8427e.js HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:48 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:35:28 GMT
ETag: "0-5edb812c465bb"
Accept-Ranges: bytes
Content-Length: 0
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.f7746f1db70cfc88fbc41f7647e7ad2e.css
162.210.101.174200 OK 41 kB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.f7746f1db70cfc88fbc41f7647e7ad2e.css
IP 162.210.101.174:0
Hash bb87163818fc96009838f45bc5fc4a01
2bbb932d8e11ed4e5ceedb444131ffa634e892f5
67360025fdaf53f2de6e300ad0223993eb79bee08b5845250c14c25ba74832d6
Analyzer Verdict Alert openphish First Citizens Bank
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.f7746f1db70cfc88fbc41f7647e7ad2e.css HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:48 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:35:27 GMT
ETag: "6f89b-5edb812bf2b58-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 40657
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.7094c7122e7518bde20422c16cd0f095.js
162.210.101.174200 OK 80 kB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.7094c7122e7518bde20422c16cd0f095.js
IP 162.210.101.174:0
File type ASCII text, with very long lines (1668)
Hash 969ecc11e2f75208ae88943ba342e32d
b2e7c673423b91c53f6509de42426a7f50c92fc3
b9cee1d7712491246a248b9d7c6efc88817749980ce54cee9430efb20d85390a
Analyzer Verdict Alert openphish First Citizens Bank
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.7094c7122e7518bde20422c16cd0f095.js HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:48 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:35:27 GMT
ETag: "60fc4-5edb812b83ec7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5737
Cache-Control: max-age=111460
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:49 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:42:29 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
firstcitizncb.com/content/dam/firstcitizens/images/logos/forever-first-web.svg
162.210.101.174200 OK 6.5 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/logos/forever-first-web.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3400)
Hash 9c4cff30a20a2c0a0c90ee5ed2fbf276
aef2b416be876424cbbb150b4c671b061f68e51f
faf7cb15d1e0ddf8c697883d15b9dcb2527df78a575a14b2f7adaf0bcad0f3fb
GET /content/dam/firstcitizens/images/logos/forever-first-web.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:20:37 GMT
ETag: "1955-5edb7ddb41535"
Accept-Ranges: bytes
Content-Length: 6485
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
push.services.mozilla.com/
34.223.160.237101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.160.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XX1NA7kUhStbJg4XaHYoPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xDdpp/FYobhk1WkgtjL5A7y6BLA=
firstcitizncb.com/content/dam/firstcitizens/images/icons/social-media-youtube.svg
162.210.101.174200 OK 730 B URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/icons/social-media-youtube.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 19d78dd16359175d46e9d91489765a65
7b927c3e0e3841495b646e96a2c97474fc4a8680
8650c4df5a32ed554d97c9ca0f5442c3e17748cff90a2feef95643c6fa860acd
GET /content/dam/firstcitizens/images/icons/social-media-youtube.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:20:33 GMT
ETag: "2da-5edb7dd73d9b6"
Accept-Ranges: bytes
Content-Length: 730
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
firstcitizncb.com/content/dam/firstcitizens/images/logos/fcb-logo-horiz-web-2020@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
162.210.101.174200 OK 15 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/logos/fcb-logo-horiz-web-2020@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
IP 162.210.101.174:0
File type PNG image data, 512 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash 93cde7e573753d1c0e6b9506c950f572
182462037adec6cf54dac5471e64b37d9cb1ad98
3fe953738d595123ee62ec716799b6f78083de502a44f99adfa9cf7a74e57dac
Analyzer Verdict Alert openphish First Citizens Bank
GET /content/dam/firstcitizens/images/logos/fcb-logo-horiz-web-2020@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:21:22 GMT
ETag: "3970-5edb7e05b314e"
Accept-Ranges: bytes
Content-Length: 14704
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
firstcitizncb.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-bill-pay@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
162.210.101.174200 OK 48 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-bill-pay@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
IP 162.210.101.174:0
File type PNG image data, 387 x 595, 8-bit/color RGBA, non-interlaced\012- data
Hash fc36efeb56ec22c8e635669f46140661
8bcc8651157ffd6fa60025fac6835378ca717f7e
91ad9da82508967f0e7c1bb506d572ea37a703e65450a0dec4bbbe04ab120e16
Analyzer Verdict Alert openphish First Citizens Bank
GET /content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-bill-pay@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:26:01 GMT
ETag: "bd7c-5edb7f0f8031e"
Accept-Ranges: bytes
Content-Length: 48508
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
firstcitizncb.com/content/dam/firstcitizens/images/logos/fcb-logo-brandmark-web.svg
162.210.101.174200 OK 3.7 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/logos/fcb-logo-brandmark-web.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 72e59128b800dca5b9e1e90d244fd858
559861297f50973a3bd963ec757172ad9924722e
1ef07013b9e10f8f80a614dc6c2677a566b59c97aa361b441ef009f0aa928084
GET /content/dam/firstcitizens/images/logos/fcb-logo-brandmark-web.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:20:38 GMT
ETag: "e57-5edb7ddb755af"
Accept-Ranges: bytes
Content-Length: 3671
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
firstcitizncb.com/content/dam/firstcitizens/images/icons/social-media-linked-in.svg
162.210.101.174200 OK 710 B URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/icons/social-media-linked-in.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d1ff14629ed16d0d868bed18128e91ec
ac54620b7cfbe3fddec99edf6bd954bc1d2b7cb3
b937804c6a80e27b2ae31f413899d1404d466f62257ce074e8970d3c8553a568
GET /content/dam/firstcitizens/images/icons/social-media-linked-in.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:20:32 GMT
ETag: "2c6-5edb7dd604aab"
Accept-Ranges: bytes
Content-Length: 710
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
firstcitizncb.com/content/dam/firstcitizens/images/promo/associate/tamika-signature@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
162.210.101.174200 OK 12 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/promo/associate/tamika-signature@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
IP 162.210.101.174:0
File type PNG image data, 584 x 248, 8-bit/color RGBA, non-interlaced\012- data
Hash 35271439b087e362a926977189dc9066
ff400f189a18caae045ebe46d4d8deca6cc2b502
7e11b98acfac67bd1f012c83d1dd704657e466bea8c703b5c088dedec4c9e79b
Analyzer Verdict Alert openphish First Citizens Bank
GET /content/dam/firstcitizens/images/promo/associate/tamika-signature@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:27:53 GMT
ETag: "305c-5edb7f7ac3401"
Accept-Ranges: bytes
Content-Length: 12380
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
firstcitizncb.com/content/dam/firstcitizens/images/icons/social-media-facebook.svg
162.210.101.174200 OK 646 B URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/icons/social-media-facebook.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5d8591432afcc7d29fd54e757df4aaf4
09855e0433b962c1ffda6f80a16a934fc8097792
512f6f9a1d8ffee576eac71f692d17bb65db8674d8e252fa920cfbe44e27defd
GET /content/dam/firstcitizens/images/icons/social-media-facebook.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:20:31 GMT
ETag: "286-5edb7dd571e2e"
Accept-Ranges: bytes
Content-Length: 646
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
firstcitizncb.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-alerts@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
162.210.101.174200 OK 59 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-alerts@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
IP 162.210.101.174:0
File type PNG image data, 387 x 595, 8-bit/color RGBA, non-interlaced\012- data
Hash db4626c0c408d6c42ff5cdcefc5257f6
2c01ce8d519417186dcffa418be667e70cd45d2e
3cfe5b84709091e3f61cd770abe298c9c59cb09e706032c9cfa8d1f525f4f487
Analyzer Verdict Alert openphish First Citizens Bank
GET /content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-alerts@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:25:59 GMT
ETag: "e585-5edb7f0e5db93"
Accept-Ranges: bytes
Content-Length: 58757
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
firstcitizncb.com/content/dam/firstcitizens/images/icons/social-media-twitter.svg
162.210.101.174200 OK 925 B URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/icons/social-media-twitter.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a1dac8c46d62d6d67fd188ecd6fbd1bc
23789f20baccc858e33a021d578d8e27a63f0829
c7e8d012b8af2930a9b2075f6f1b242f44021eb8a90cea16a06ca8c22b4396f4
GET /content/dam/firstcitizens/images/icons/social-media-twitter.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:20:32 GMT
ETag: "39d-5edb7dd67a97f"
Accept-Ranges: bytes
Content-Length: 925
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
firstcitizncb.com/content/dam/firstcitizens/images/promo/associate/tamika@2x.jpg.transform/image-scaled-2x-to-1x/image.20200806.jpg
162.210.101.174200 OK 60 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/promo/associate/tamika@2x.jpg.transform/image-scaled-2x-to-1x/image.20200806.jpg
IP 162.210.101.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1408x722, components 3\012- data
Hash 3e7a7c01e321a0323ee942e6ee0bd1c4
e8dd85c44c544f2b2e8c0b3e56962c79bf4b1412
73c264e193af51839f29834b7137bd888a0aa4c3983439b220db8ef72bcdaae4
Analyzer Verdict Alert openphish First Citizens Bank
GET /content/dam/firstcitizens/images/promo/associate/tamika@2x.jpg.transform/image-scaled-2x-to-1x/image.20200806.jpg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:27:53 GMT
ETag: "e893-5edb7f7b206b7"
Accept-Ranges: bytes
Content-Length: 59539
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
firstcitizncb.com/content/dam/firstcitizens/images/feature-highlight/feature-highlight-background--home@2x.jpg.transform/image-scaled-2x-to-1x/image.20200806.jpg
162.210.101.174200 OK 52 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/feature-highlight/feature-highlight-background--home@2x.jpg.transform/image-scaled-2x-to-1x/image.20200806.jpg
IP 162.210.101.174:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1408x764, components 3\012- data
Hash 46d42eb13dc6e0a9786bc1f8134a28ff
328d3448edf654b6886c573f01bbb9d467a5eb28
ec63eb90ab8df068057937fef6f8d00756faf6f74e121764a7d84572134601ae
Analyzer Verdict Alert openphish First Citizens Bank
GET /content/dam/firstcitizens/images/feature-highlight/feature-highlight-background--home@2x.jpg.transform/image-scaled-2x-to-1x/image.20200806.jpg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:20:44 GMT
ETag: "cc55-5edb7de1b57c4"
Accept-Ranges: bytes
Content-Length: 52309
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff2
162.210.101.174200 OK 21 kB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff2
IP 162.210.101.174:0
File type Web Open Font Format (Version 2), TrueType, length 21204, version 1.0\012- data
Hash b10e6397bcf7b8771f617007ed35fc4f
dc34be3c00afbca2caa4f4604aa2a6f47cd29b71
ae8b169a3a00e5da3b452394b70fbe8601e45df0951661c56070636f1840b7ad
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff2 HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.f7746f1db70cfc88fbc41f7647e7ad2e.css
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:36:00 GMT
ETag: "52d4-5edb814aa8754"
Accept-Ranges: bytes
Content-Length: 21204
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff2
162.210.101.174200 OK 21 kB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff2
IP 162.210.101.174:0
File type Web Open Font Format (Version 2), TrueType, length 21200, version 1.0\012- data
Hash 493e35e070ed4b0a61aebf1e3dd0f793
032fef70333d2d7cf93a61138a7ec5dbaada433f
56880c220888346c1dd6b286563a827de59a358ad28362889593113779d6d22b
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff2 HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.f7746f1db70cfc88fbc41f7647e7ad2e.css
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:36:05 GMT
ETag: "52d0-5edb814f9fb72"
Accept-Ranges: bytes
Content-Length: 21200
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/wave-pattern-blue.svg
162.210.101.174200 OK 138 kB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/wave-pattern-blue.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size 138 kB (137958 bytes)
Hash b7e30d1271a54c8249add9fe608d3a6e
9de618667f76f5522c8f65239fdb97cf9355f5f2
112646b6a3606cf96c0fd6e9247351325cb07fdb8801ec5069c9e6213d44945c
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/wave-pattern-blue.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.f7746f1db70cfc88fbc41f7647e7ad2e.css
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:35:45 GMT
ETag: "21ae6-5edb813cddd62"
Accept-Ranges: bytes
Content-Length: 137958
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff2
162.210.101.174200 OK 20 kB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff2
IP 162.210.101.174:0
File type Web Open Font Format (Version 2), TrueType, length 19780, version 1.0\012- data
Hash 1ffdfdd6da766adeb56a6aa0fcc3db30
0c73a5d890358e6580853ae650dce42ffae18934
3966f3091c7e9c586b259d00f5f9be81420299206ce4e503d7730436809cd200
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff2 HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.f7746f1db70cfc88fbc41f7647e7ad2e.css
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:36:03 GMT
ETag: "4d44-5edb814e0632c"
Accept-Ranges: bytes
Content-Length: 19780
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
firstcitizncb.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-spending@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
162.210.101.174200 OK 66 kB URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-spending@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
IP 162.210.101.174:0
File type PNG image data, 387 x 595, 8-bit/color RGBA, non-interlaced\012- data
Hash 4daf02592a9eea136d61e8d47fecd152
aa19b2060f19071eb1d90087eaae84d30a48ccf0
b871681d1e25b54790b3f594a5ea599388158812429ecd99a39ac9ec5b924fb4
Analyzer Verdict Alert openphish First Citizens Bank
GET /content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-spending@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:26:05 GMT
ETag: "1024b-5edb7f13bf165"
Accept-Ranges: bytes
Content-Length: 66123
Vary: User-Agent
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/wave-pattern-green.svg
162.210.101.174200 OK 138 kB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/wave-pattern-green.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size 138 kB (137958 bytes)
Hash 0e307e277c1d3ee783f90ff2cb48f34e
0f76c80c1151f8ff1d0913f9b51cb112f2703a6d
033cce384207ee8edc8fbdb8805032c9c646af75159925eb7b3a6cacb9e19810
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/wave-pattern-green.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.f7746f1db70cfc88fbc41f7647e7ad2e.css
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:35:46 GMT
ETag: "21ae6-5edb813dcef07"
Accept-Ranges: bytes
Content-Length: 137958
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32768)
Hash e616df092766c7ab7904619f971a35cc
a960429c42802a43e3ce728fc4d1e8bdab10e606
082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12163
expires: Sun, 20 Nov 2022 04:44:50 GMT
date: Sun, 20 Nov 2022 03:44:50 GMT
cache-control: no-cache
access-control-allow-origin: http://firstcitizncb.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3155)
Hash e672de61b277fc72de4299829bfbb31c
157a7409922d58a02dad3ba879d04eb2a3ef8f3d
e1a1c2a6f2ed4ffb63ebfda157eaf12c6ee3973be4da649eb63e0402c0d29215
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1597
expires: Sun, 20 Nov 2022 04:44:50 GMT
date: Sun, 20 Nov 2022 03:44:50 GMT
cache-control: no-cache
access-control-allow-origin: http://firstcitizncb.com
timing-allow-origin: *
X-Firefox-Spdy: h2
firstcitizncb.com/content/dam/firstcitizens/images/home-hero/retail-11-2021@2x.jpg.transform/image-scaled-2x-to-1x/image.20211105.jpg
162.210.101.174200 OK 471 B URL HTTP/1.1 firstcitizncb.com/content/dam/firstcitizens/images/home-hero/retail-11-2021@2x.jpg.transform/image-scaled-2x-to-1x/image.20211105.jpg
IP 162.210.101.174:0
Hash b45c840e89e6d53e733bddc0ced9f941
66dfcfe702bcdc7d9db5a138d8e5ddc7b09799b2
074ca6b901a00c885e0f076776eff6aca6eba590be6df196f46f6da687f1d81b
Analyzer Verdict Alert openphish First Citizens Bank
GET /content/dam/firstcitizens/images/home-hero/retail-11-2021@2x.jpg.transform/image-scaled-2x-to-1x/image.20211105.jpg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:20:50 GMT
ETag: "4cad0-5edb7de761a59"
Accept-Ranges: bytes
Content-Length: 314064
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
firstcitizncb.com/personal/_jcr_content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/resources.default.json?cp=/
162.210.101.174404 Not Found 1.1 kB URL HTTP/1.1 firstcitizncb.com/personal/_jcr_content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/resources.default.json?cp=/
IP 162.210.101.174:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 0f47753dca5f126b49e4f0527ecfe6e5
10b74d2526e0d9ddf393565cbbe583dcd17df2d1
7ed2004e27a36f0b399be880478001e9d6d8487cf9f0bf62d2a3637569dad2f6
GET /personal/_jcr_content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/resources.default.json?cp=/ HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://firstcitizncb.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sun, 20 Nov 2022 03:44:50 GMT
Server: Apache
Vary: accept-language,accept-charset,User-Agent
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&d_nsid=0&ts=1668915890055
3.248.130.194200 OK 313 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&d_nsid=0&ts=1668915890055
IP 3.248.130.194:0
File type JSON data\012- , ASCII text, with very long lines (372), with no line terminators
Hash cf15227571d90579164ffeabb5e3503a
d92bbb1d8781be3f64d3b208361676d0918035f4
b0eb2cf5bc47c6ef3a17bb5d8ce8e6c150a2cc69c3b97af52b27e3e4739ffc5a
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&d_nsid=0&ts=1668915890055 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://firstcitizncb.com
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://firstcitizncb.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=57209513118496361260596026728132197918; Max-Age=15552000; Expires=Fri, 19 May 2023 03:44:50 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: htJeq7FkT/k=
Content-Length: 313
Connection: keep-alive
www.sc.pages08.net/lp/static/js/iMAWebCookie.js?48c1ca3e-1591e998ba5-7aa5e78e9cd75263db77227069854da8&h=www.pages08.net
3.96.5.142200 OK 5.1 kB URL HTTP/1.1 www.sc.pages08.net/lp/static/js/iMAWebCookie.js?48c1ca3e-1591e998ba5-7aa5e78e9cd75263db77227069854da8&h=www.pages08.net
IP 3.96.5.142:0
File type ASCII text, with very long lines (533)
Hash d67c446c2cab982c70305d63c3ff9015
08741352ebaae78ddabfbac3ba30888b13ea14ff
b4842a6a73b1be94b6a5205776640c7af585e90daffa09db234c3bf553fa5e7d
GET /lp/static/js/iMAWebCookie.js?48c1ca3e-1591e998ba5-7aa5e78e9cd75263db77227069854da8&h=www.pages08.net HTTP/1.1
Host: www.sc.pages08.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:50 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 04:59:54 GMT
ETag: "3772-5ed8f57efce28-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5138
Connection: close
Content-Type: application/javascript
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/icons.svg
162.210.101.174200 OK 1.1 MB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/icons.svg
IP 162.210.101.174:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text
Size 1.1 MB (1075340 bytes)
Hash ca4fad4bf866a3c3d68652e15cfba963
1294a2fd90274f9d3ba5841942edcb4038d52139
10078f6f9f0c199a299e17362a2db7cb61d0da35a3b0292e11e72abff5c146ba
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/icons.svg HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:49 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:35:44 GMT
ETag: "10688c-5edb813bad320"
Accept-Ranges: bytes
Content-Length: 1075340
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=37318
date: Sun, 20 Nov 2022 03:44:50 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1763bb9f6433bdb95b7de8ec3118bb1c
dcf4842d857e90546495e90a2ed83bfaa322954a
2b278d901b21cd2aa2e9563a40813721f4c31cf94710665928add580f834ace9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5222
Cache-Control: max-age=114880
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:50 GMT
Etag: "6378ac0c-1d7"
Expires: Mon, 21 Nov 2022 11:39:30 GMT
Last-Modified: Sat, 19 Nov 2022 10:12:28 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RCd335e6a1b215414989162ab49f04027d-source.min.js
23.38.200.237200 OK 359 B URL HTTP/2 assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RCd335e6a1b215414989162ab49f04027d-source.min.js
IP 23.38.200.237:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (448)
Hash e7ab5d27ee10613a9a60497f23e7e993
b343b033877dd25cc10d3929afca3599f9454efd
3f9df512d94d8c1578f830826991f997532f5d9d19a61f7b2cb8b236023b4440
GET /60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RCd335e6a1b215414989162ab49f04027d-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "19353410795b768a74b3aa44c4d8aa83:1668106195.291692"
last-modified: Thu, 10 Nov 2022 18:49:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sun, 20 Nov 2022 04:44:50 GMT
date: Sun, 20 Nov 2022 03:44:50 GMT
content-length: 359
access-control-allow-origin: http://firstcitizncb.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RC64dc28dd025f4d519dca9ae15a9b513a-source.min.js
23.38.200.237200 OK 218 B URL HTTP/2 assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RC64dc28dd025f4d519dca9ae15a9b513a-source.min.js
IP 23.38.200.237:0
Hash 84d35a669c2d89c2a7e89e93b18ce1e7
5391187af69cafabd08bbeb84815ea04cb109b77
aec4673c8443c33458c1de1dd5bd107b495bce6b617d9db85c5113aceb06f7d9
GET /60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RC64dc28dd025f4d519dca9ae15a9b513a-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "19353410795b768a74b3aa44c4d8aa83:1668106195.291692"
last-modified: Thu, 10 Nov 2022 18:49:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sun, 20 Nov 2022 04:44:50 GMT
date: Sun, 20 Nov 2022 03:44:50 GMT
content-length: 218
access-control-allow-origin: http://firstcitizncb.com
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/2970716/domain/firstcitizncb.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/2970716/domain/firstcitizncb.com/token
IP 54.230.111.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/2970716/domain/firstcitizncb.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://firstcitizncb.com/
Origin: http://firstcitizncb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sat, 19 Nov 2022 13:37:24 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G752T5c_jf7x5XY17iTfvnWjdPYJx7cDND33B-JzbTAdAoT29ZPo_Q==
age: 50846
X-Firefox-Spdy: h2
t.contentsquare.net/uxa/bd0e417d0d38a.js
143.204.55.90200 OK 86 kB URL HTTP/1.1 t.contentsquare.net/uxa/bd0e417d0d38a.js
IP 143.204.55.90:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 3c510f7e5880885c9a319ac01f2ea4b5
801e48e313af0c402fe87fbd5e8cea39b3a2f236
6194b7a13c8ae364c31e08b07685d44ecf8112e375e3954df1aab118ed1feba3
GET /uxa/bd0e417d0d38a.js HTTP/1.1
Host: t.contentsquare.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
Content-Length: 85876
Connection: keep-alive
Date: Fri, 18 Nov 2022 15:29:29 GMT
Last-Modified: Fri, 18 Nov 2022 15:28:52 GMT
ETag: "3c510f7e5880885c9a319ac01f2ea4b5"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=900
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: 6JmG7QXZ6JFVJQAo--jdNaRoS5SmLnJXhk7pBNax97DhoI44ZIeicA==
Age: 0
Timing-Allow-Origin: *
Vary: Origin
firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon.ico
162.210.101.174200 OK 4.3 kB URL HTTP/1.1 firstcitizncb.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon.ico
IP 162.210.101.174:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash fd1d27f423fbc3eb4405fb3c9b48bf9f
6ab3d0557f529c287a6bd5429978e4047c06b354
fbee6d88708a48fa23e90c886e63bd7e0efd667d65081764b1aa6b6337734294
Analyzer Verdict Alert openphish First Citizens Bank
GET /etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon.ico HTTP/1.1
Host: firstcitizncb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
Cookie: AMCV_E6D235355CF7C1DE0A495EEC%40AdobeOrg=1176715910%7CMCIDTS%7C19317%7CvVersion%7C5.4.0
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:44:50 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 05:35:39 GMT
ETag: "10be-5edb81373c207"
Accept-Ranges: bytes
Content-Length: 4286
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/x-icon
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4979
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 03:44:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4979
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 03:44:50 GMT
Connection: keep-alive
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: MCjgbJNZ9VYYbOruaiGJsF/eFCSXQvRdC/F1TUpnyAkL5DhdvoyInQg7yz21lct5W0lRUYHQkRxx180/6amvIQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Sun, 20 Nov 2022 03:44:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4979
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 03:44:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4979
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 03:44:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ec00dd4-9302-4378-82e1-eb2f8686bdc7.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ec00dd4-9302-4378-82e1-eb2f8686bdc7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6653147acce57a88af20de89d4f40239
d097755b7cafd14d6dcf18fe09d0a3237a1057dd
5d0166eacfa748026865e4461b1a1c0fb7373e0fb7de16b266f3eee6b816f5f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ec00dd4-9302-4378-82e1-eb2f8686bdc7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13671
x-amzn-requestid: 26e11776-b559-4325-9082-df4b9366715e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jWaFEZoAMFb3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c28-0117d3a633ab918d6179fa87;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q120_eM0o2PJMeCTmOBb-NpGFdTXdljRcLfytw7e9jv9CrwAqDKkzQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:08:06 GMT
age: 20204
etag: "d097755b7cafd14d6dcf18fe09d0a3237a1057dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8f1dddf91a53f8f28d70565d1a3458b
9d026c2c53629648cfda4a324eadae6e33de0d55
c352216d126382d7b588ff6e5a3ed6ab12d92dc5e58216cc5883c27bf612a7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7968
x-amzn-requestid: 0dc9cfbf-7e72-45a7-9496-49a5cf1a4465
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEwboAMF1tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-1f40770e29ad853b31a3aa23;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UM4MVSwb8F1uv2jbbdeh8bhV3KJNhqiN9wJj1Yua8h4x762uD8UKyQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
age: 21786
etag: "9d026c2c53629648cfda4a324eadae6e33de0d55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4454f87c40e9b7c5de9853c1ec6f0671
119aac07a88e7c358bf353335f3a81039ca9943b
e909f823611609282c643c58ccc7b267dcfc09970e58b66742dc8baf7cda5bf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5699
x-amzn-requestid: ea538aed-2b5a-4940-b49f-b4703a556956
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i6KHnQoAMFu3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b74-2f756f9a27ddc4b001cdaff2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:36 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w4JqPNmzHlUl4EMM2osU4Z5dtroFWOB0DL5ylePs6XBbIdxpsPItnQ==
via: 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
etag: "119aac07a88e7c358bf353335f3a81039ca9943b"
content-type: image/jpeg
age: 21786
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iGM_HV13dzz5eOswbOJfjj14jlFW4jy2YsW7eJumS_TM5TxxG8VMwQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 03:36:47 GMT
age: 483
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a41f9693b9247dcce6c2340bb5c02828
e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e
aa23cead1d44bf9db22654eb14113ef356d4ac972d301969c02803964418d556
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9798
x-amzn-requestid: abab4eb2-0a35-4113-8a52-e07c08f069cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkiY2HXCoAMFVrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b105-1cb176423ca3231a093cc4c7;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:07:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sCEwyGN6h_P0abZJGEY8PJNE7j1Nmz62-wvzWWO5gbFwA1auACXtJw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 17:23:16 GMT
age: 37294
etag: "e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5447e0a57fbd65d5f719786842dfb40
68dbd2b4ecedb47d3f47bc3690336fe0f3fd3fe6
b6f69c679ecb9978c12f9fc5e03531250e1e13327ac0337532317b91d2ede502
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10330
x-amzn-requestid: c6df2fa3-53ad-4f43-ab26-8754ce25c421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jdVGY0oAMF_2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c55-0dd776a50b4a8fbb5b29ccae;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sKTa_b92EIi4H8YgHoEJCm8rVgdfCFJ91I1UNkGLzsPQVOI10I9d7w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:17:10 GMT
age: 19660
etag: "68dbd2b4ecedb47d3f47bc3690336fe0f3fd3fe6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1763bb9f6433bdb95b7de8ec3118bb1c
dcf4842d857e90546495e90a2ed83bfaa322954a
2b278d901b21cd2aa2e9563a40813721f4c31cf94710665928add580f834ace9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5222
Cache-Control: max-age=114880
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:50 GMT
Etag: "6378ac0c-1d7"
Expires: Mon, 21 Nov 2022 11:39:30 GMT
Last-Modified: Sat, 19 Nov 2022 10:12:28 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-2437458-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-2437458-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 5cd202e1a8cb4e800cb1dd273466151f
4fd51e898547ddd0ded4a18d4681d8295fac4907
669f416c76a181aaa20d7c4eaff01a576bba595f8d8454031cddd7fa0391286b
GET /gtag/js?id=UA-2437458-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Nov 2022 03:44:50 GMT
expires: Sun, 20 Nov 2022 03:44:50 GMT
cache-control: private, max-age=900
last-modified: Sun, 20 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 20 Nov 2022 02:41:09 GMT
expires: Sun, 20 Nov 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 3821
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1668915890461&url=http%3A%2F%2Ffirstcitizncb.com%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1668915890461&url=http%3A%2F%2Ffirstcitizncb.com%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2970716&time=1668915890461&url=http%3A%2F%2Ffirstcitizncb.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2970716%26time%3D1668915890461%26url%3Dhttp%253A%252F%252Ffirstcitizncb.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLWpD5CVvifVAAAAYSTI4oW-VBiIBflJkk7yNjlvqgGHESwfQlc7H_hpii2qtDysRZk1m-01G4KyQ; Max-Age=2592000; Expires=Tue, 20 Dec 2022 03:44:50 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJb3ZAINpBfQgAAAYSTI4oWh9M190Iz4dcQj8qQqmOlQA5q8iBCX4pZmYBn3PvZTg9elh2xV83BW8kq_7HGxA; Max-Age=2592000; Expires=Tue, 20 Dec 2022 03:44:50 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&422db6bf-0dbc-4f92-8692-f50de6c24005"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 20-Nov-2023 03:44:50 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2419:u=1:x=1:i=1668915890:t=1669002290:v=2:sig=AQGYEdxuiLBQBo5AXFbYFvQmEANWekdw"; Expires=Mon, 21 Nov 2022 03:44:50 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXt3sLTTDFl2d0+dey65g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 245F7D46909149EA9898F1DE94BFCE62 Ref B: OSL30EDGE0312 Ref C: 2022-11-20T03:44:50Z
date: Sun, 20 Nov 2022 03:44:50 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=270894894628321&ev=PageView&dl=http%3A%2F%2Ffirstcitizncb.com%2F&rl=&if=false&ts=1668915890891&sw=1280&sh=1024&v=2.9.89&r=stable&a=adobe_launch&ec=0&o=30&fbp=fb.1.1668915890890.695014772&it=1668915890605&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=270894894628321&ev=PageView&dl=http%3A%2F%2Ffirstcitizncb.com%2F&rl=&if=false&ts=1668915890891&sw=1280&sh=1024&v=2.9.89&r=stable&a=adobe_launch&ec=0&o=30&fbp=fb.1.1668915890890.695014772&it=1668915890605&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=270894894628321&ev=PageView&dl=http%3A%2F%2Ffirstcitizncb.com%2F&rl=&if=false&ts=1668915890891&sw=1280&sh=1024&v=2.9.89&r=stable&a=adobe_launch&ec=0&o=30&fbp=fb.1.1668915890890.695014772&it=1668915890605&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 20 Nov 2022 03:44:50 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2970716%26time%3D1668915890461%26url%3Dhttp%253A%252F%252Ffirstcitizncb.com%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2970716%26time%3D1668915890461%26url%3Dhttp%253A%252F%252Ffirstcitizncb.com%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2970716%26time%3D1668915890461%26url%3Dhttp%253A%252F%252Ffirstcitizncb.com%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://firstcitizncb.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1668915890461&url=http%3A%2F%2Ffirstcitizncb.com%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&e9aaa0a7-a173-41c5-83c7-661f71d22d1f"; Domain=.linkedin.com; Expires=Mon, 20-Nov-2023 03:44:50 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202211200344507454fd75-6bb4-4b79-8902-8c2149e8cad1AQHN5YeeraWC-fg7vcFN0c4aqUHCR30N"; Domain=.www.linkedin.com; Expires=Mon, 20-Nov-2023 03:44:50 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njg5MTU4OTA7MjswMjESDvTH74Ghm0ahUixb+asK6XgvF6DGKSCq4JkJCHiqPg==; Domain=.linkedin.com; Expires=Fri, 19 May 2023 03:44:50 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2419:u=1:x=1:i=1668915890:t=1669002290:v=2:sig=AQGYEdxuiLBQBo5AXFbYFvQmEANWekdw"; Expires=Mon, 21 Nov 2022 03:44:50 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXt3sLV6OVCk/FrCnUi0w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5BD3EB417AAC439D8E71CF214CC36EA3 Ref B: OSL30EDGE0312 Ref C: 2022-11-20T03:44:50Z
date: Sun, 20 Nov 2022 03:44:50 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1668915890461&url=http%3A%2F%2Ffirstcitizncb.com%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2970716&time=1668915890461&url=http%3A%2F%2Ffirstcitizncb.com%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2970716&time=1668915890461&url=http%3A%2F%2Ffirstcitizncb.com%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://firstcitizncb.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&1a0dada9-130d-418e-8f07-c2577a6d8948"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 20-Nov-2023 03:44:51 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2435:u=1:x=1:i=1668915891:t=1669002291:v=2:sig=AQHI4cxndYyv1n_7c8_bYSSsPA8mHyh1"; Expires=Mon, 21 Nov 2022 03:44:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXt3sLYWMe7uWRAb93BVg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6E39904BCC0D45C0AFD7A7DE492F992D Ref B: OSL30EDGE0312 Ref C: 2022-11-20T03:44:50Z
date: Sun, 20 Nov 2022 03:44:51 GMT
content-length: 0
X-Firefox-Spdy: h2
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RC3f46c62a70f045be8e7254bf90a2eaac-source.min.js
23.38.200.237200 OK 502 B URL HTTP/2 assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RC3f46c62a70f045be8e7254bf90a2eaac-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (841)
Hash b01257a9c74fe400f06650ca3e945dcd
5a5fc50663d8fcd2a1adde974a936d3d8c786701
15fed595782efd8f8ea903489f2c226215c2a52b75a7fe22c5d7b68a47222fd8
GET /60e0841c6ded/d5a97f0ea4af/71fd961ef47a/RC3f46c62a70f045be8e7254bf90a2eaac-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "19353410795b768a74b3aa44c4d8aa83:1668106195.291692"
last-modified: Thu, 10 Nov 2022 18:49:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sun, 20 Nov 2022 04:44:51 GMT
date: Sun, 20 Nov 2022 03:44:51 GMT
content-length: 502
access-control-allow-origin: http://firstcitizncb.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a94cc58dee15cd460af4a3da65270057
36a85913bd5e1d95e7a5c3d17e88328df186152e
8b11af2e25eec00b2ae439db4ef36d594f5f5d7a1c48c4e6a17ec9b3af57ace5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3080
Cache-Control: max-age=117463
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:51 GMT
Etag: "6378be82-1d7"
Expires: Mon, 21 Nov 2022 12:22:34 GMT
Last-Modified: Sat, 19 Nov 2022 11:31:14 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&gjid=231039981&_gid=2115899455.1668915891&_u=YEBAAUAAAAAAACAAI~&z=1915230525
142.250.150.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&gjid=231039981&_gid=2115899455.1668915891&_u=YEBAAUAAAAAAACAAI~&z=1915230525
IP 142.250.150.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&gjid=231039981&_gid=2115899455.1668915891&_u=YEBAAUAAAAAAACAAI~&z=1915230525 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://firstcitizncb.com
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://firstcitizncb.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 20 Nov 2022 03:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d5ccc6ed714b650846fefb0a8e24ca22
30521fa613dcb97b95ad3baab58c4446482d5061
ef46e9367b670662ae596685c5f27da1bf065e714ef2e86c65d5267a188d08d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firstcitizens.demdex.net/dest5.html?d_nsid=0
34.248.30.105200 OK 2.8 kB URL HTTP/1.1 firstcitizens.demdex.net/dest5.html?d_nsid=0
IP 34.248.30.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: firstcitizens.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 20 Nov 2022 03:44:51 GMT
DCS: dcs-prod-irl1-1-v045-0780584f2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: FtE2gXH9Spk=
transfer-encoding: chunked
Connection: keep-alive
munchkin.marketo.net/munchkin.js
23.53.51.106200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 23.53.51.106:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 20 Nov 2022 03:44:51 GMT
Content-Length: 728
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3b1d0042dde3a7cc0f3c9a298949354
5643577b85e8c0d80cf8a5c94262727138b8d001
3efe18400af9e79682d4505e35b7b2debe378453facc569dbb575b6ba849d874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firstcitizens.sc.omtrdc.net/b/ss/fcb-production/1/JS-2.22.4-LCXS/s95408610220225?AQB=1&ndh=1&pf=1&t=20%2F10%2F2022%203%3A44%3A51%200%200&mid=51879970970672839060062507311680944834&aamlh=6&ce=UTF-8&g=http%3A%2F%2Ffirstcitizncb.com%2F&c.&getPreviousValue=3.0.1&.c&cc=USD&server=production&events=event122&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c3=production&c4=redesign%202020&v5=http%3A%2F%2Ffirstcitizncb.com%2F&v24=the%20card%20that%20makes%20travel%20even%20more%20rewarding&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&AQE=1
15.188.95.229200 OK 43 B URL HTTP/1.1 firstcitizens.sc.omtrdc.net/b/ss/fcb-production/1/JS-2.22.4-LCXS/s95408610220225?AQB=1&ndh=1&pf=1&t=20%2F10%2F2022%203%3A44%3A51%200%200&mid=51879970970672839060062507311680944834&aamlh=6&ce=UTF-8&g=http%3A%2F%2Ffirstcitizncb.com%2F&c.&getPreviousValue=3.0.1&.c&cc=USD&server=production&events=event122&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c3=production&c4=redesign%202020&v5=http%3A%2F%2Ffirstcitizncb.com%2F&v24=the%20card%20that%20makes%20travel%20even%20more%20rewarding&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/fcb-production/1/JS-2.22.4-LCXS/s95408610220225?AQB=1&ndh=1&pf=1&t=20%2F10%2F2022%203%3A44%3A51%200%200&mid=51879970970672839060062507311680944834&aamlh=6&ce=UTF-8&g=http%3A%2F%2Ffirstcitizncb.com%2F&c.&getPreviousValue=3.0.1&.c&cc=USD&server=production&events=event122&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c3=production&c4=redesign%202020&v5=http%3A%2F%2Ffirstcitizncb.com%2F&v24=the%20card%20that%20makes%20travel%20even%20more%20rewarding&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&AQE=1 HTTP/1.1
Host: firstcitizens.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Sun, 20 Nov 2022 03:44:51 GMT
expires: Sat, 19 Nov 2022 03:44:51 GMT
last-modified: Mon, 21 Nov 2022 03:44:51 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3583969587872727040-4619609063604759424
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&_u=YEBAAUAAAAAAACAAI~&z=1812775632
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&_u=YEBAAUAAAAAAACAAI~&z=1812775632
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&_u=YEBAAUAAAAAAACAAI~&z=1812775632 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 03:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&_u=YEBAAUAAAAAAACAAI~&z=1812775632
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&_u=YEBAAUAAAAAAACAAI~&z=1812775632
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2437458-1&cid=1410321319.1668915891&jid=414144244&_u=YEBAAUAAAAAAACAAI~&z=1812775632 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 03:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
munchkin.marketo.net/162/munchkin.js
23.53.51.106200 OK 4.7 kB URL HTTP/1.1 munchkin.marketo.net/162/munchkin.js
IP 23.53.51.106:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (606)
Hash 3e9baed982956735f6e0a0e756d97ed9
9223be6a494a10959101a7942419df7b05b84d73
930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
GET /162/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Tue, 28 Feb 2023 03:44:51 GMT
Date: Sun, 20 Nov 2022 03:44:51 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
firstcitizens.sc.omtrdc.net/b/ss/fcb-production/1/JS-2.22.4-LCXS/s91468553936388?AQB=1&ndh=1&pf=1&t=20%2F10%2F2022%203%3A44%3A51%200%200&mid=51879970970672839060062507311680944834&aamlh=6&ce=UTF-8&pageName=%2F&g=http%3A%2F%2Ffirstcitizncb.com%2F&c.&getPreviousValue=3.0.1&.c&cc=USD&server=production&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=%2F&v1=%2F&c2=http%3A%2F%2Ffirstcitizncb.com%2F&v2=http%3A%2F%2Ffirstcitizncb.com%2F&c3=production&v3=51879970970672839060062507311680944834&c4=redesign%202020&v5=http%3A%2F%2Ffirstcitizncb.com%2F&v10=personal%20banking&v12=fcb%20online&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&AQE=1
15.188.95.229200 OK 43 B URL HTTP/1.1 firstcitizens.sc.omtrdc.net/b/ss/fcb-production/1/JS-2.22.4-LCXS/s91468553936388?AQB=1&ndh=1&pf=1&t=20%2F10%2F2022%203%3A44%3A51%200%200&mid=51879970970672839060062507311680944834&aamlh=6&ce=UTF-8&pageName=%2F&g=http%3A%2F%2Ffirstcitizncb.com%2F&c.&getPreviousValue=3.0.1&.c&cc=USD&server=production&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=%2F&v1=%2F&c2=http%3A%2F%2Ffirstcitizncb.com%2F&v2=http%3A%2F%2Ffirstcitizncb.com%2F&c3=production&v3=51879970970672839060062507311680944834&c4=redesign%202020&v5=http%3A%2F%2Ffirstcitizncb.com%2F&v10=personal%20banking&v12=fcb%20online&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/fcb-production/1/JS-2.22.4-LCXS/s91468553936388?AQB=1&ndh=1&pf=1&t=20%2F10%2F2022%203%3A44%3A51%200%200&mid=51879970970672839060062507311680944834&aamlh=6&ce=UTF-8&pageName=%2F&g=http%3A%2F%2Ffirstcitizncb.com%2F&c.&getPreviousValue=3.0.1&.c&cc=USD&server=production&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=%2F&v1=%2F&c2=http%3A%2F%2Ffirstcitizncb.com%2F&v2=http%3A%2F%2Ffirstcitizncb.com%2F&c3=production&v3=51879970970672839060062507311680944834&c4=redesign%202020&v5=http%3A%2F%2Ffirstcitizncb.com%2F&v10=personal%20banking&v12=fcb%20online&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&AQE=1 HTTP/1.1
Host: firstcitizens.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firstcitizncb.com/
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Sun, 20 Nov 2022 03:44:51 GMT
expires: Sat, 19 Nov 2022 03:44:51 GMT
last-modified: Mon, 21 Nov 2022 03:44:51 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3583969586440437760-4619701534251009995
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a00fff9dd1711061b285e2136c973d13
66548ac11fc58024c6994539ab81804add41d2f2
4b87c5468c15817686a8497324c2a06d18fd5574141aa0476bf98aa3b8395a8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3b1d0042dde3a7cc0f3c9a298949354
5643577b85e8c0d80cf8a5c94262727138b8d001
3efe18400af9e79682d4505e35b7b2debe378453facc569dbb575b6ba849d874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash d1265fe070ae4eaace15514276bf383d
eadaf789dcef58d75dee70944086a14dd3e5ac68
e9ab9fb2d15334f2cad0c0b9a2fcbbe8eef6a84331bdd087aafa15fc1a9f4996
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 20 Nov 2022 03:44:51 GMT
Last-Modified: Sun, 20 Nov 2022 02:28:57 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gL7JcubsawXvCjcKw3L-e-FV1yjl7WgaCk33-ag6xFvsSzpGqKiV2Q==
Age: 4554
cm.everesttech.net/cm/dd?d_uuid=57209513118496361260596026728132197918
54.77.60.152302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=57209513118496361260596026728132197918
IP 54.77.60.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=57209513118496361260596026728132197918 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 20 Nov 2022 03:44:51 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y3miswAAAKCQ7wOJ; Domain=.everesttech.net; Expires=Mon, 20-Nov-2023 03:44:51 GMT; Path=/
everest_session_v2=Y3miswAAAKCQ8AOJ; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3miswAAAKCQ7wOJ
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y3miswAAAKCQ7wOJ
3.248.130.194302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y3miswAAAKCQ7wOJ
IP 3.248.130.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y3miswAAAKCQ7wOJ HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://firstcitizncb.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-05c906a58.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3miswAAAKCQ7wOJ
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=73298109990308583454050967041616893484; Max-Age=15552000; Expires=Fri, 19 May 2023 03:44:51 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zDj1270WRr4=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3miswAAAKCQ7wOJ
3.248.130.194200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3miswAAAKCQ7wOJ
IP 3.248.130.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3miswAAAKCQ7wOJ HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://firstcitizncb.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-00b096905.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: GnFBtoX6QSo=
Content-Length: 59
Connection: keep-alive
296-cpx-295.mktoresp.com/webevents/visitWebPage?_mchNc=1668915891513&_mchCn=&_mchId=296-CPX-295&_mchTk=_mch-firstcitizncb.com-1668915891512-16856&_mchHo=firstcitizncb.com&_mchPo=&_mchRu=%2F&_mchPc=http%3A&_mchVr=162&_mchEcid=E6D235355CF7C1DE0A495EEC%40AdobeOrg%3A6%3A51879970970672839060062507311680944834&_mchHa=&_mchRe=&_mchQp=
192.28.144.124200 OK 28 B URL HTTP/1.1 296-cpx-295.mktoresp.com/webevents/visitWebPage?_mchNc=1668915891513&_mchCn=&_mchId=296-CPX-295&_mchTk=_mch-firstcitizncb.com-1668915891512-16856&_mchHo=firstcitizncb.com&_mchPo=&_mchRu=%2F&_mchPc=http%3A&_mchVr=162&_mchEcid=E6D235355CF7C1DE0A495EEC%40AdobeOrg%3A6%3A51879970970672839060062507311680944834&_mchHa=&_mchRe=&_mchQp=
IP 192.28.144.124:0
File type ASCII text, with no line terminators
Hash 9dafc521bd59955b4986f0fc3777f77a
5a572b4730d4a2bce2fa35597a0993c649f26c74
e4e90a7b8bacdfe395361149a9fd42f9192b68bdf1497e4454d0ab4c4917f746
POST /webevents/visitWebPage?_mchNc=1668915891513&_mchCn=&_mchId=296-CPX-295&_mchTk=_mch-firstcitizncb.com-1668915891512-16856&_mchHo=firstcitizncb.com&_mchPo=&_mchRu=%2F&_mchPc=http%3A&_mchVr=162&_mchEcid=E6D235355CF7C1DE0A495EEC%40AdobeOrg%3A6%3A51879970970672839060062507311680944834&_mchHa=&_mchRe=&_mchQp= HTTP/1.1
Host: 296-cpx-295.mktoresp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://firstcitizncb.com
Connection: keep-alive
Referer: http://firstcitizncb.com/
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 20 Nov 2022 03:44:51 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: b038e618-acde-45ff-8d27-38e308be6a04
Content-Encoding: gzip
Access-Control-Allow-Origin: *
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25aa851caa96376b563f0322e8621292
71a917b184ec9ad1bb370724f4e4c707468e865e
7ffbeca58e1a4cc8f26f1a832376ae97d17c973efef9a1f4bebb44536da5ae1c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4292
x-amzn-requestid: 5b50eebe-81f9-43fa-b259-eb9be43ff3be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i0SH1uoAMFdUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b4e-7322c4461f94c93c29542312;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:58 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pcLZxnbI_hWCZstg2gZwNR3-v6d4Y1szI-Kg_RMXsgneiIRXBZHWkA==
via: 1.1 3c22982dfb94f708939a6ef528c5e55c.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:19:52 GMT
etag: "71a917b184ec9ad1bb370724f4e4c707468e865e"
content-type: image/jpeg
age: 19505
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dhWK2NLgcbvdeL3&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dhWK2NLgcbvdeL3&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch
IP 104.17.209.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_dhWK2NLgcbvdeL3&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 78
Origin: http://firstcitizncb.com
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 03:44:51 GMT
content-type: application/json
cf-ray: 76ce30820fff0b59-OSL
access-control-allow-origin: http://firstcitizncb.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: bba8a42a056e6530
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
assets.sitescdn.net/answers/v0.13.1/answers.min.js
104.18.114.52200 OK 0 B URL HTTP/2 assets.sitescdn.net/answers/v0.13.1/answers.min.js
IP 104.18.114.52:0
GET /answers/v0.13.1/answers.min.js HTTP/1.1
Host: assets.sitescdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 03:44:48 GMT
content-type: application/javascript
x-amz-id-2: pnQfGZWIM6n4VpVytjifilMNOTvfCrKGf8SkHU5DlmNC1dEJaeFA95LgGTNJMnmagc43UofWs3c=
x-amz-request-id: 7P6C4BP49Z9V1BKD
cache-control: max-age=31536000
last-modified: Fri, 03 Apr 2020 16:08:44 GMT
x-amz-version-id: null
etag: W/"125adc663cd8df095f39b2d92196ee48"
cf-cache-status: HIT
age: 14334180
set-cookie: __cf_bm=S.ynmYtv83Xi7P7RDBHR7ZbDnow6luoaRXJposA.LJo-1668915888-0-AS1caRTFCLVimUe/SnR2wPSKmuvHNTxYpf35W177hUF31DSCGsL4a+VAlNdWKGy/ADlb496Sl3dDTzf7iKiuHQY=; path=/; expires=Sun, 20-Nov-22 04:14:48 GMT; domain=.sitescdn.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ce307019d0b4f3-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cds-sdkcfg.onlineaccess1.com/common.js
192.0.54.4200 OK 0 B URL HTTP/2 cds-sdkcfg.onlineaccess1.com/common.js
IP 192.0.54.4:0
GET /common.js HTTP/1.1
Host: cds-sdkcfg.onlineaccess1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 03:44:48 GMT
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
set-cookie: JsbWL0j2=A8yCI5OEAQAAkatcNEn3kcAF6EmfvlKVXXVlTM26pZG0ldRvlxH_xN_MrmdcAVtaKpqcuDv8wH8AAEB3AAAAAA|1|0|5f754596dfcbf273fe3154b870143f844c2a7c79; Path=/; Max-Age=31556952; Domain=onlineaccess1.com
__cf_bm=UH7gGTDtUbt11oiNG_ZRaz3BLoio8R8dRelmo0_jlsU-1668915888-0-AdwstRorEl9u5RiuWCYkoPfXwFPx0/zqS5woZPA9AMRv6qpIhOyOw55FB1oprd55039P2QG7wGfSVI30h05ZfbY=; path=/; expires=Sun, 20-Nov-22 04:14:48 GMT; domain=.cds-sdkcfg.onlineaccess1.com; HttpOnly; Secure; SameSite=None
__cfruid=f10ce7828138eb23ac544a6187b5f198cacee5cb-1668915888; path=/; domain=.cds-sdkcfg.onlineaccess1.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76ce3070af32b527-OSL
X-Firefox-Spdy: h2
zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_dhWK2NLgcbvdeL3
104.17.209.240200 OK 0 B URL HTTP/2 zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_dhWK2NLgcbvdeL3
IP 104.17.209.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_dhWK2NLgcbvdeL3 HTTP/1.1
Host: zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 03:44:51 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 76ce30805f890b59-OSL
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-wtn2fHByiZRDgw09Nkm5DW1AhBI"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/2970716/domain/firstcitizncb.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/2970716/domain/firstcitizncb.com/token
IP 54.230.111.42:0
GET /partner/2970716/domain/firstcitizncb.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://firstcitizncb.com
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 20 Nov 2022 00:07:56 GMT
cache-control: public, max-age=17060
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r557xQtaIDqX-vcWhSF8u3uJaBj4jMvlL9My4IqChtrvYEqXLvFxeQ==
age: 13014
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=firstcitizncb.com
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=firstcitizncb.com
IP 104.17.209.240:0
GET /dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=firstcitizncb.com HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://firstcitizncb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 03:44:51 GMT
content-type: application/javascript
cf-ray: 76ce3081bff00b59-OSL
access-control-allow-origin: *
age: 439144
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"f871-1845383cf10"
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=63601
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2