Report - citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=

Report Overview

Submitted URL
citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
IP
23.254.132.83
ASN
#54290 HOSTWINDS
Submitted
2022-10-22 15:55:06
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
citizens-online-support.com	unknown	2022-10-21T11:17:31Z	2022-11-23T01:19:38Z	7.2 kB	30 kB	23.254.132.83
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	987 B	2.4 kB	93.184.220.29
lptag.liveperson.net	3393	2012-08-02T18:15:51Z	2023-03-09T05:15:12Z	831 B	9.9 kB	178.249.101.23
va.v.liveperson.net	3906	2017-01-30T06:15:13Z	2023-03-09T09:30:37Z	910 B	1.0 kB	208.89.12.87
lpcdn.lpsnmedia.net	3501	2014-04-27T12:17:58Z	2023-03-09T08:07:42Z	2.8 kB	75 kB	178.249.97.98
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	18.244.155.70
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.6 kB	4.4 kB	23.36.77.32
www3.citizensbankonline.com	125923	2012-07-05T15:46:01Z	2023-03-07T08:48:57Z	11 kB	276 kB	104.110.3.220
www4.citizensbankonline.com	159092	2015-07-16T17:40:11Z	2023-03-08T19:39:13Z	770 B	1.8 kB	104.110.3.220
cdn.appdynamics.com	3266	2017-01-26T21:49:30Z	2023-03-08T12:42:49Z	613 B	62 kB	18.165.201.17
nebula-cdn.kampyle.com	3739	2015-09-21T18:24:38Z	2023-03-09T11:23:01Z	796 B	116 kB	151.101.85.175
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-09T05:14:52Z	664 B	2.1 kB	52.31.4.32
udc-neb.kampyle.com	3039	2015-12-24T10:52:27Z	2023-03-09T10:59:45Z	2.1 kB	518 B	35.241.45.82
nexus.ensighten.com	2786	2012-05-23T20:34:00Z	2023-03-09T05:51:16Z	1.6 kB	71 kB	13.224.245.32
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	2.3 kB	6.7 kB	104.18.32.68
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	44.228.207.167
cdn.glassboxcdn.com	11045	2017-08-10T20:05:54Z	2023-03-09T09:31:51Z	695 B	1.4 kB	104.18.15.22
ocsps.ssl.com	14517	2018-11-21T11:22:19Z	2023-03-09T14:05:25Z	325 B	2.2 kB	52.6.97.148
ocsp.entrust.net	1208	2014-01-10T03:18:45Z	2023-03-09T05:17:25Z	1.6 kB	9.8 kB	104.110.10.32
accdn.lpsnmedia.net	3410	2014-02-08T00:25:14Z	2023-03-09T05:15:13Z	889 B	311 kB	178.249.101.99
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	52 kB	34.120.237.76
report.citizen.glassboxdigital.io	69073	2020-07-14T15:57:28Z	2023-03-09T15:01:48Z	3.9 kB	3.6 kB	54.235.78.87
pdx-col.eum-appdynamics.com	4816	2018-10-26T09:20:40Z	2023-03-09T10:31:39Z	504 B	937 B	35.166.110.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-22	medium	citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js	Phishing
2022-10-22	medium	citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js	Phishing
2022-10-22	medium	citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js	Phishing
2022-10-22	medium	citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d	Phishing
2022-10-22	medium	citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js	Phishing
2022-10-22	medium	citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d	Phishing
2022-10-22	medium	citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-04-25
Pretty URL www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js IP 104.110.3.220 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:42 Last Seen2024-04-25 05:26:23 Times Seen447 Hash 663628f795cb62444143fde1ebdf2b5b 1ec97b491c8a1c72055bd635f0c8dd843cae43d6 aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548	40 kB	2023-03-08	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:32:35 Last Seen2024-04-24 07:45:12 Times Seen485 Hash 0dfc7fa7d2051d776d5937b7a3a7c4dd e0548931c28581b7f1975bf8c2d8b03b94591b87 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983 Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true	39 kB	2023-03-07	2024-03-12
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-03-12 06:48:19 Times Seen234 Hash a3a38a5d6888ddc1831a811e9d428c77 2ca5b076aea8b4c6ff7ad1873de4ade91d66511f d4676cbbadec76c9f89f5b771a7f4927d544b4d76801e40e9957493e038e0db4 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548	606 kB	2023-03-08	2023-03-12
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:21:07 Last Seen2023-03-12 18:21:59 Times Seen1 Hash 7258eae7df7f283ab43602df9614f103 af97f7cff1e72751a29674eb8624e0ed69127f58 07c9f195b802b98c0a702dd5f26467c81db912f5b272a407f7c4dea462ad4637 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548	90 kB	2023-03-07	2023-03-17
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-03-17 12:47:48 Times Seen1 Hash 6ca5a9414661b75fc2ed717f14ce892c b6867a2f9e19b20634bfc45c7ed52fda6e3dcff9 99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386 Loading...

	lptag.liveperson.net/tag/tag.js?site=89632304	22 kB	2023-03-07	2024-04-12
Pretty URL lptag.liveperson.net/tag/tag.js?site=89632304 IP 178.249.101.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-12 19:27:20 Times Seen539 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3	284 kB	2023-03-10	2023-03-10
Pretty URL lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 IP 178.249.101.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:14:41 Last Seen2023-03-10 13:15:00 Times Seen1 Hash 9b1be4b59463b39af1ccd56b85bcb4a3 2f14a682df1f2a7cbcd2991fee71ca991d358b82 aacd4a313512ada959f81096f0609a6c3e66472446a0833826b558516e2561fc Loading...

	accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB	6.9 kB	2023-03-07	2023-03-17
Pretty URL accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2023-03-17 12:37:45 Times Seen1 Hash 0dc35ab59200eba2ac8dbe479dde0851 17a02389e4efc492f44443d33c7a04041177a82e 909957127d7134ea1ed1c005a622d937aa8aadff84d0b0a3b0e4ed8fcdec186e Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=	2.5 kB	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen50 Hash f922a60f645c94205e1f6e9d5e2cdccb 2e93f37ce5a8eb54dd6e4ad278c81bb26dc7a2a2 cfa7d7b285a70329eebf9b81537fa0baf56fe330fdcca07676e56cdba803ff30 Loading...

	nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D	397 B	2023-03-10	2023-03-10
Pretty URL nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D IP 13.224.245.32 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:15:00 Last Seen2023-03-10 13:15:00 Times Seen1 Hash 219445f97271fae59d8de146886b5eb6 f8bfbd83d1242123feb4ed0a4dff01b304c672e4 cbf8fa4907e237559aeffc256d8eddc73ebcabbfd9fd17d99e4437e530c18cec Loading...

	nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117	90 kB	2023-03-08	2023-04-02
Pretty URL nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117 IP 13.224.245.32 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2023-04-02 21:34:08 Times Seen14 Hash 7f943d1386ac8d666a04c5f7c1aca6a2 e734405ada56e5593d28b1c99c5944241ae4ec28 3b531a8826aeb7dd365eb418b6aee5b8204f5e38c311f588ad75bbe7de570b16 Loading...

	cdn.appdynamics.com/adrum/adrum-latest.js?	111 kB	2023-03-07	2024-02-27
Pretty URL cdn.appdynamics.com/adrum/adrum-latest.js? IP 18.165.201.17 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:55:15 Last Seen2024-02-27 00:41:08 Times Seen22 Hash deff3987ae725d726c0db6711bd5736f 0501d79c468f185c63590ac3c1a4918db7804d10 a4ea3de02f4ec1874478b152a09b89aecc2fc4f63ae2a4208ee8fb6585cebb11 Loading...

	accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB	4.8 kB	2023-03-08	2023-03-17
Pretty URL accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:35:26 Last Seen2023-03-17 12:37:45 Times Seen1 Hash cca28a24104b73db41d003d1ec91d3a9 d4a4eb10858f21a2d4c34e7089ef3e5069ce9203 741b848e9b93a18a254e2cce5268f2004b55f156e88c45229027b3ac26b9c681 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=	138 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen49 Hash e2d3b0bd12282cea9200f36be44b4f14 bf32cee71e578707194ab684a887709881585ccc 411d2d562326e1db3612706ee2907e6271e1443784ada6c347402120d3558d78 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=	3.9 kB	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen49 Hash 148c64d137f73878ebf0e770a496ec61 9c11df9ed3ecd282193a1571a7701b83f1cea663 de729accb6b0199ce0eccc94b41eace66d70c535c35a096f586f0db848108865 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548	94 kB	2023-03-07	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen448 Hash d32e789b3183ed4536dc36e4cabf74ec 6b90b3e6dc44c30dcfa273e7c48d31ec00aac82b 5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02 Loading...

	accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb25140x16789	682 B	2023-03-10	2023-03-10
Pretty URL accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb25140x16789 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:15:00 Last Seen2023-03-10 13:15:00 Times Seen1 Hash 5fac7ff2f32bc7059b80927cddafccdd bbc0142e400a85acd859bdbf527e3df184c82f7d 44571fa8d8db51dfed18c6cabdeef5f7759c0610c6d1a0a122e9bbd89a4301f7 Loading...

	va.v.liveperson.net/api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb75080x33623&t=pl&ts=1666454111933&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh	111 B	2023-03-10	2023-03-10
Pretty URL va.v.liveperson.net/api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb75080x33623&t=pl&ts=1666454111933&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:15:00 Last Seen2023-03-10 13:15:00 Times Seen1 Hash cc86028a8dffb5a2a73b8a9e3477c62c 40cab8b961f43aea209e014c6987dcc1f64932dc ad613c63b43001d98ec7c117c2977f276fe25243d43b5abc9ea6fbab93582b91 Loading...

	nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js	105 kB	2023-03-10	2023-03-10
Pretty URL nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js IP 13.224.245.32 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:53:53 Last Seen2023-03-10 14:55:53 Times Seen1 Hash e28169ebc267a281e5ca0d996e98214e 90297de8738f1fcd4d61e4bff0ce59d143978c2d 5adb5d548656117fa0e82394f44d4e2669d40ffbc850ad928e03dd774c8b4938 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=	158 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:00:58 Last Seen2024-02-14 12:12:56 Times Seen75 Hash d063dd0adcd30d7f7ad112d0da02babe 7ff2e92c27808292fc2d6a58632baa4d0a92ca9a b45d35ed1d2f794538ea853ff3d60ec817168ef505ad5462afe8a9236ecf539b Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true	38 kB	2023-03-07	2023-03-17
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:25 Last Seen2023-03-17 12:47:48 Times Seen1 Hash 61148ce23c4cd6811279ba8f2f7fe051 cae94d41e6060c6dfad074287d8cf310a4ab3ae6 a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8 Loading...

	cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js	54 kB	2023-03-07	2024-02-27
Pretty URL cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js IP 18.165.201.17 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:55:15 Last Seen2024-02-27 00:41:08 Times Seen30 Hash 2f00c36a98a61ed5bacde3c5ad0a3efe b6fcd72181d79a4225bb7cd4288260fa9aa44624 9b0f859e5508780a810e47e772554395a5d2ae5e679c338df1b6cd600d69dad2 Loading...

	va.v.liveperson.net/api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb74722x92601&t=sp&ts=1666454111907&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh&rvt=1666454072360&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226af62bef-1e94-4376-b62b-ef1e94037673%22%2C%22account%22%3A%2289632304%22%7D%5D	254 B	2023-03-10	2023-03-10
Pretty URL va.v.liveperson.net/api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb74722x92601&t=sp&ts=1666454111907&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh&rvt=1666454072360&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226af62bef-1e94-4376-b62b-ef1e94037673%22%2C%22account%22%3A%2289632304%22%7D%5D IP 208.89.12.87 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:15:00 Last Seen2023-03-10 13:15:00 Times Seen1 Hash 51631322686e34ff4c39f7055515522c 7728f897dc19752fe08337bfcb9a6795aa170a19 066278f045816e8e4ad942affea4b8b92e9b4a621efbb08bec32630133cf3d1f Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=	958 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen50 Hash af8a93628974f148067d327996088187 e716dcf0ef564b89f66a8732d10f826e3d11385f f43724e4ca408137c9b50930a5416481dde13a65dfbce942a85d27f09c660ba2 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 05:10:27 Times Seen37111472 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js	15 kB	2023-03-07	2024-04-26
Pretty URL www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js IP 104.110.3.220 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:49 Last Seen2024-04-26 01:15:02 Times Seen2868 Hash 42306a279a9e831515347ae319181cd1 d069641242e4fe1beb6de8f53a77dd964c98bce0 cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=	606 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen49 Hash dd23a19bc0a3ee76846efae627d939c1 6e62c6ee934439860343c8ce77e52bb4bea94b23 8f79346ad4fce32e9971e590ec9c76d8979f72971051fb4ff37a1e6b6acb56f4 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=	147 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen49 Hash 4455727e85ed6be9deb3422e34ea2129 30f51ab43939efd904518cf3e0bcbd961245fc4d bbb46962b6f3dc24db2df9f8747abee8bed42adea34cb385ff012131b81c7ff5 Loading...

	nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js	810 kB	2023-03-08	2023-03-10
Pretty URL nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js IP 151.101.85.175 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:26:32 Last Seen2023-03-10 19:42:54 Times Seen1 Hash ba78af14d365f8ccbd56a01ca6bf1c05 a9f3b025250ebcfbc5fd2540f12d8c53981a035e 7737fc059e071e961c41bac0799ba7bf8bc5545841a101b9d0f16fb197f4de82 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548	7.9 kB	2023-03-07	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen365 Hash d53092c1d6e0a7a3d1bb802c67a6e1e9 2556ea4f15518fa36d0b92666e22ce28edec6745 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438 Loading...

	citizensbank.demdex.net/dest5.html?d_nsid=0#http%3A%2F%2Fcitizens-online-support.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL citizensbank.demdex.net/dest5.html?d_nsid=0#http%3A%2F%2Fcitizens-online-support.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js	20 kB	2023-03-07	2024-02-14
Pretty URL www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js IP 104.110.3.220 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen91 Hash e3b11713a1b616fcac5f6c3b4b0b9e1b 82a8fc6f051d8b526d167ae7862efd2a2dab95e2 57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441 Loading...

	www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js	4.3 kB	2023-03-07	2024-04-09
Pretty URL www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js IP 104.110.3.220 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:12 Last Seen2024-04-09 04:55:43 Times Seen640 Hash b8a2edb156c147c3164f7faf6efc9f44 0b23deffad7cac9066bc216213b666ccbcb13279 babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=	33 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen52 Hash 6abbcd946457998168ba6d439131e235 1d17c8ddac7abb2e14207b93cc3a8944044a3fa3 3d8de306ff5e9f5db214def3fb090fc9a8a37efc4117276a58b5ccd4eeb46017 Loading...

	nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909	27 kB	2023-03-08	2023-03-10
Pretty URL nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909 IP 13.224.245.32 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:26:32 Last Seen2023-03-10 14:55:53 Times Seen1 Hash 42ede44761b41779f967c114c118aa3e f6b75094ac77732fee021294d9b3afa3df2df2d8 ad7f8c7c3c420d4836dafb15b1d5d1be4d29ffabe1d768888e4b01babcfdac49 Loading...

	nebula-cdn.kampyle.com/wu/356861/onsite/embed.js	1.1 kB	2023-03-08	2023-03-10
Pretty URL nebula-cdn.kampyle.com/wu/356861/onsite/embed.js IP 151.101.85.175 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:06:42 Last Seen2023-03-10 19:42:54 Times Seen1 Hash 8b72f36bbd0721428f49dda9c3bd04ac 3c787b89625f9fbff760c3be03b154aef6af8a36 4ba8fc34aa3793516de38635653f6a69d9ff1e9f14880f6b6df52d00bcfdad4c Loading...

		Size	First Seen	Last Seen
	#1 Eval - fa28bae7148454e1f6d8052e5c403243	84 kB	2023-03-07	2023-04-18
Pretty Observations First Seen2023-03-07 17:55:22 Last Seen2023-04-18 20:43:16 Times Seen32 Hash fa28bae7148454e1f6d8052e5c403243 a168b44f58bbf9c1ae68e5415d55749e810a9e02 594eaf3a5ff472b716d25d866978e1b336decf1d6efe6923a65b4627fa8e2d6b Loading...

		Size	First Seen	Last Seen
	#1 Write - 7a09c7092e8f36a0dc39b789b49dcf62	102 B	2023-03-07	2024-02-14
Pretty Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen52 Hash 7a09c7092e8f36a0dc39b789b49dcf62 97a3667b625bf026f5f16bc2fa33affaefd47a5b 8703c94f4b4a9f3c9274d316563d3edaf890f903523a5ccc7fab8488d6684d79 Loading...

HTTP Transactions (94)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

18.244.155.70

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.244.155.70:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 15:26:20 GMT
Expires: Sat, 22 Oct 2022 15:26:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dd1211d51ecc66d1523e03934a660f3a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: PXiEZgqFm6K_RnBnKMj1aMfQSy_af1H7ErwrxL0SE8AVM7_HgObqmQ==
Age: 1714

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17275
Expires: Sat, 22 Oct 2022 20:42:49 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17292
Expires: Sat, 22 Oct 2022 20:43:06 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: G3Xb659mKIX7Hyk6T20rr9lV75umHI+WaLD6UKG0kAvJYkPRMDus4vYCMxhuaCUfR7gwvZhZXBU=
x-amz-request-id: ASXDJFT4QR0Z6YM5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 15:37:37 GMT
age: 1037
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=

23.254.132.83

200 OK

26 kB

URL HTTP/1.1
citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (672), with CRLF line terminators
Size
26 kB (26142 bytes)
Hash
b27bd01402693bedb7107dec85a3f2df
0129e5275b6bbdd6355d291eaebc22e6da532c41
bacfd23af9c90b604030b1fde7b8b7ca90f47c6902724d666a99e02ea36d682c

HTTP Headers

GET /citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=10000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 15:54:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js

13.224.245.32

200 OK

32 kB

URL HTTP/1.1
nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
IP
13.224.245.32:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (594)
Size
32 kB (32241 bytes)
Hash
3e3e57d74e385af3525e39e1a6b268da
8c0bd74879a5678ad73d6313ec8bc6c6ed339079
fbdeaa04631ff4616c28d150742e68b3197d7541c3742a7082ca1473de886311

HTTP Headers

GET /citizensbank/olbprod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:32 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 04:24:01 GMT
ETag: W/"e28169ebc267a281e5ca0d996e98214e"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=300
x-amz-version-id: 6VlOzl96zfTglXsm.ylgZ_Vxg_x9B5Dp
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f2f35cfbe251bd412f460c97cca8770c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: SsV9V-u9aT9i3DDVCs_WM9Qt6ePfve_0bru7jeH-cqd2Yn6a_GGlAw==
Age: 902603

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Sat, 22 Oct 2022 16:53:59 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Sat, 22 Oct 2022 16:53:59 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Sat, 22 Oct 2022 16:53:59 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Sat, 22 Oct 2022 16:53:59 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

104.110.3.220

200 OK

10 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
10 kB (10382 bytes)
Hash
e8a5a242bcaea8c7314ccbb04612d922
101e2286a81e108dd00c618032d793b2dc5366b3
8e2a305132b87d2a48461f8e3d820dbf640d66d530ab007632c5c5d79ce8cdc7

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/main.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "f405-5e885b034f92d"
last-modified: Sun, 16 Oct 2022 06:47:26 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=2162
x-olb-req-received: t=1665902334267901
content-length: 10382
cache-control: max-age=85888
expires: Sun, 23 Oct 2022 15:46:22 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js

104.110.3.220

200 OK

39 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
39 kB (38875 bytes)
Hash
2940c843ff15ab8e9f02511625f33e57
98ccd0fb1d60770a1aadf90d41daa49cab543cb3
4aed3165815cc1806999483e40a47863accf1cead25769de0162921f2f590298

HTTP Headers

GET /efs/efs/jsp-ns/scripts/plugins.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "31d24-5e885b0350b17"
last-modified: Sun, 16 Oct 2022 06:41:17 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=8368
x-olb-req-received: t=1665902334392040
content-length: 38875
cache-control: max-age=86003
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js

104.110.3.220

200 OK

4.0 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
4.0 kB (3967 bytes)
Hash
cc2102df58511c9a2653b1dff48ca8d7
64790e6adff6768178ab7d0ad9a4fbc2849b81f2
b9abbff7d9e75763790fd3b291f21525fe85583b397fe5f4b260bc99ff48aab7

HTTP Headers

GET /efs/efs/jsp-ns/scripts/main.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "4c03-5e885b03504e5"
last-modified: Thu, 20 Oct 2022 04:19:24 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=779
x-olb-req-received: t=1665902332994710
content-length: 3967
cache-control: max-age=32023
expires: Sun, 23 Oct 2022 00:48:37 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/efs/jsp-ns/pm_fp.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js

104.110.3.220

200 OK

1.4 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (4237)
Size
1.4 kB (1394 bytes)
Hash
f42064b9d324029ba5cb5afccc50b641
3993f47a728f00ee410a143361ab33b0339455f7
b02a1a4d60ab1f5c740784e9a27a7f0a85178466573fb29fb0bd7afdccf7b5f0

HTTP Headers

GET /efs/efs/jsp-ns/scripts/placeholders.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "10aa-5e885b034ca52"
last-modified: Wed, 19 Oct 2022 18:44:25 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=350
x-olb-req-received: t=1665902333087295
content-length: 1394
cache-control: max-age=43095
expires: Sun, 23 Oct 2022 03:53:09 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png

104.110.3.220

200 OK

5.3 kB

URL HTTP/2
www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 406 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5277 bytes)
Hash
beb4d1c9f430bb08a4ed54df069e8f0c
39950ddd690d1cbe2d08610da5c11c854450523f
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b

HTTP Headers

GET /efs/hhf/img/CTZ_Green-01.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 10 Sep 2022 01:58:56 GMT
etag: "149d-5e849015deb49"
accept-ranges: bytes
content-length: 5277
x-olb-req-received: t=1665902353036164
x-olb-req-duration: D=187
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597430
expires: Sat, 29 Oct 2022 13:52:04 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js

104.110.3.220

200 OK

5.5 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
HTML document, ASCII text, with very long lines (14756)
Size
5.5 kB (5535 bytes)
Hash
088d590db53a3ede82a998537283c75d
87ed57fd5e2a623f35f80a3684c2de916ce4e2f8
d45c62a7108121887dc8866d445dde985d96b82143b3da2c9068e32caf316db4

HTTP Headers

GET /efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "3c36-5e885b034ca52"
last-modified: Sat, 22 Oct 2022 11:30:08 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=833
x-olb-req-received: t=1665902334348159
content-length: 5535
cache-control: max-age=74395
expires: Sun, 23 Oct 2022 12:34:49 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3506
Expires: Sat, 22 Oct 2022 16:53:20 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

104.110.3.220

200 OK

2.0 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text
Size
2.0 kB (1975 bytes)
Hash
07507f946ee4b2b9d4affc283b431119
00218cebeb305b00ae4ef74e4a67957d3c43e6f2
44fb4d44ce9291066e686a9861b8b31f021c816fa60e97c613bf5aadcc8e2830

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/flows.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "21ce-5e885b034aefa"
last-modified: Mon, 17 Oct 2022 14:29:06 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=535
x-olb-req-received: t=1665902336855011
content-length: 1975
cache-control: max-age=58208
expires: Sun, 23 Oct 2022 08:05:02 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css

104.110.3.220

200 OK

1.2 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
1.2 kB (1227 bytes)
Hash
e9404d7ddc1ef0b93851879620bfea8a
69575dd0119d3439f3d7ba4b45d12a3c0e47a39e
f5be5cfcdb9f541d6e355cd15b78204e715c979bb90a7dbae94d18c9bdad8772

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/ad-containers.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "1dd4-5e885b034ed75"
last-modified: Sun, 16 Oct 2022 06:48:49 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=523
x-olb-req-received: t=1665902334308988
content-length: 1227
cache-control: max-age=85866
expires: Sun, 23 Oct 2022 15:46:00 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css

104.110.3.220

200 OK

2.3 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
2.3 kB (2300 bytes)
Hash
0a445a15e0f09a7738952731fdf3fe9d
3d4cef20189303cc4f24c27da1b8d2043e700cea
173f4f410b46ca6211eee490747009c597b7d7c475bcac07df88a18521bbef54

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/normalize.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "26c2-5e885b034f92d"
last-modified: Mon, 17 Oct 2022 05:48:09 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=562
x-olb-req-received: t=1665902334194308
content-length: 2300
cache-control: max-age=3125
expires: Sat, 22 Oct 2022 16:46:59 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www4.citizensbankonline.com/akam/11/7c3ed55c

104.110.3.220

404 Not Found

9 B

URL HTTP/2
www4.citizensbankonline.com/akam/11/7c3ed55c
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

GET /akam/11/7c3ed55c HTTP/1.1
Host: www4.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html
content-length: 9
cache-control: max-age=0
expires: Sat, 22 Oct 2022 15:54:54 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
set-cookie: ak_bmsc=AA6BACD9E6C2228D64B657F1F6680DE7~000000000000000000000000000000~YAAQnE8kF24I9uaDAQAAUoNnABGZtvfEV8Bc1pWsocsdrPh8w/50F/EGaE5iFLtg7oUDbIl3k4AlwbAP9jKSiDyde9YW86UXvGl9HQHN8it0TEdbpd5OocPXFTkHDmcc2pr9P2xz/FdH89VGEsCZd9huKrS0PUEoMZf9Rpgr68WzZ/WUv2462N00nmzDl12UhIvTbccMfR5w51oohzRVr8qW38FT0X0jxX10wsJFhspg2/GZOWoxiyD+e9oQd9FNZEy1KyU+4cBVIQ9TN96nDh9OY1+cYxBnl1dMF9wlUShisPsCVeoP0PEmSquvdrSRD01SRixwwsB4DHmLRvT2Z4rjHjcFdICeT1F5q/RzYO3YxP2N/hM0JoR4RkR8N4UUMeH33f6NpWD2/y2MLRdNTq+miKFU; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 17:54:54 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css

104.110.3.220

200 OK

3.1 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (17412)
Size
3.1 kB (3118 bytes)
Hash
ac9a70a6f100c02749dfadb709b6eadf
69906e55ace36c217a52d428029a3c71dc16a7e4
466e6cf44306264c98e5642f77be87292e03e578ce78b17c0b39521460b1d37a

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "4a56-5e885b034bab2"
last-modified: Sun, 16 Oct 2022 06:48:15 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=723
x-olb-req-received: t=1665902337198216
content-length: 3118
cache-control: max-age=85860
expires: Sun, 23 Oct 2022 15:45:54 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/hhf/js/citizensHeaderFooter-citizensns42588.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/efs/jsp-ns/scripts/common.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff

104.110.3.220

200 OK

32 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 31968, version 1.0\012- data
Size
32 kB (31968 bytes)
Hash
d496c6122c776cae7c2a783bfcd7a3a1
fbdbec90d23bd77f471be50a3c6711e535ac72bc
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/font/citizen_roman.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "7ce0-5e885b034bab2"
accept-ranges: bytes
content-length: 31968
x-olb-req-received: t=1665902333663068
x-olb-req-duration: D=206
access-control-allow-origin: *
cache-control: max-age=597450
expires: Sat, 29 Oct 2022 13:52:24 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js

104.110.3.220

200 OK

29 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32089)
Size
29 kB (29409 bytes)
Hash
82481a92ac472d179954d66e38f72d07
ea65071dbc1ab11ed29e76bdd30eabbe6cdbc3ec
c8e2e6f9e0e01dcfec7f2633efdd7f8f9d78ba3920e86a0d1231f487928b5fe4

HTTP Headers

GET /efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "169d6-5e885b034fd15"
last-modified: Sun, 16 Oct 2022 06:41:15 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=4665
x-olb-req-received: t=1665902417810620
content-length: 29409
cache-control: max-age=86004
expires: Sun, 23 Oct 2022 15:48:18 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /content/930e113327rn2365aa3b7b98b0447e8d HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www3.citizensbankonline.com/efs/efs/js/tealeaf.js

104.110.3.220

404 Not Found

9.9 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/js/tealeaf.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
9.9 kB (9934 bytes)
Hash
7a50763a326038e01ff7f9624d28066c
cae9d82811966f159a734f9402ace74eb01f17f8
c6cc63926f47095f4caf94ad78258d77933e3adcc1ce7781bd7cb2a97d596411

HTTP Headers

GET /efs/efs/js/tealeaf.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
x-frame-options: SAMEORIGIN
last-modified: Tue, 20 Apr 2021 15:35:21 GMT
etag: "26ce-5c06931abe040"
accept-ranges: bytes
content-length: 9934
x-olb-req-received: t=1666454094737970
x-olb-req-duration: D=243
access-control-allow-origin: *
content-type: text/html
cache-control: max-age=869
expires: Sat, 22 Oct 2022 16:09:23 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=156, origin; dur=59
strict-transport-security: max-age=15768000
lb-action: None, None
set-cookie: ak_bmsc=CFFF7EA84B5181182C8F68247041DCAF~000000000000000000000000000000~YAAQnE8kF3QI9uaDAQAA8INnABFek712BXfrr6PPDomQ1DLk+T0/mXPyohAmri3egB8QKloJze3MMhGlPXRy+67WGgFOMpyHW35sQXpf5HHhWlUw/aZMk/npKb3FKBjepQIZ1WojWnQ3z6HLfPATVe2MOU+M0VMNeoTbf5PuvxKYL2+n7hvmRquNsVfxSCTTaRKcIdY7dZJIDp61s+oBTM/MOC1G83sry1AhHFmoiTsqZIFCaPuVvUavIksLZCtVpfv6KR2F7fRts++hU3TLEOmZp5uTBeg2SqdOSEDhUa9AFubMlahFn0KX6AZVZE46UG2ry/znU9HZru9CGV8jf8dBxWMLajdVKBSAKgzxnbA4JCR0c0xYKtzutX4cSLcazMALJnpwjjCoJo78jTH149yQyAOx; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 17:54:54 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

www4.citizensbankonline.com/akam/11/7c3ed55c

104.110.3.220

404 Not Found

9 B

URL HTTP/2
www4.citizensbankonline.com/akam/11/7c3ed55c
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

GET /akam/11/7c3ed55c HTTP/1.1
Host: www4.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 9
cache-control: max-age=0
expires: Sat, 22 Oct 2022 15:54:54 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
set-cookie: ak_bmsc=7BF780C4D621E1882BA7EFA1D98885E8~000000000000000000000000000000~YAAQnE8kF3kI9uaDAQAANIRnABHTmG8Km5TEPBYYalq5AxzS3DO9E8XJUuBuAcP2TcPx6QdEtrE/+CnLuIVXXzQgevg65yd3ullgUrHbaA7EQcYU2C6OCbABlIO5q/PPbnTsrg0xMKofCMfUFDTcxqCHA+sjrOlRa8QDJPGxi4f70mZ5Zm7QuvUtgo3uylOPjTACPi1TCZi5QAT+Y6W6/Eqj1IP31vZGSKGpjALQxuQednkt2a8Fn1CtkkvYOCCD4bJA3vmYxpTpJp9fat+xaLKdum3WH7iuSXQXn3B0dsKObgZ0Oqm3QAHkocXglucst92IMmbDC5QYG4gU/KET/97K2axPiButSs+T8ZZjEuyKMwHUakpJ98V8ZaCF4Conh/n55csNVxW3D6i2y0dhbekMFiqt; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 17:54:54 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/js/tealeaf.js

104.110.3.220

404 Not Found

9.9 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/js/tealeaf.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
9.9 kB (9934 bytes)
Hash
7a50763a326038e01ff7f9624d28066c
cae9d82811966f159a734f9402ace74eb01f17f8
c6cc63926f47095f4caf94ad78258d77933e3adcc1ce7781bd7cb2a97d596411

HTTP Headers

GET /efs/efs/js/tealeaf.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
x-frame-options: SAMEORIGIN
last-modified: Tue, 20 Apr 2021 15:35:21 GMT
etag: "26ce-5c06931abe040"
accept-ranges: bytes
content-length: 9934
x-olb-req-received: t=1666454094737970
x-olb-req-duration: D=243
access-control-allow-origin: *
content-type: text/html
cache-control: max-age=852
expires: Sat, 22 Oct 2022 16:09:06 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=59
strict-transport-security: max-age=15768000
lb-action: None, None
set-cookie: ak_bmsc=10FC5E6C8EB517DD98C79853D31D1AFA~000000000000000000000000000000~YAAQnE8kF3oI9uaDAQAAU4RnABFblwPZKmXERJc82BOv7nGdSJ0hnJ5FxeIHXanppHUeb9PlNdxPm69gjoPNndIaD8WYP4LvQudXoKDdKItmFTLKuMbwjJiVkhpwGC3Qdt4/7RuH6LYVcDQvXEabpJh/zAYS6KSFGXPAI+fRs0N+5WHAqiZFjs1fNYb3Ejfps9V9MGNhM7clN+ZFKPrny17//lcKuL/itI3v3KesmbCjMoNoKcTiolJbvhywfHPwIIEgXdajGxXKpuZOQpWirD4moGI3TcdDybxtjW2iA+oz+fsdlzvWnwDYkea9IwjPsX7pPQ+grl/FtGE3xVasNsB3gxeCkIZxX0bc/aJt/wBBhb4yc3br2v1x9d1e37Q22tvy3KqAqBpABMeXgOcrG6UlQCYg; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 17:54:54 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png

104.110.3.220

200 OK

292 B

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 16 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
292 B (292 bytes)
Hash
18ffa7c3d8f40b5da7df780d91930e20
524ca8ffaadbd033fd0504fe580d47315690afa1
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46

HTTP Headers

GET /efs/efs/grafx/icon-secure.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "124-5e6a235cbd9f7"
accept-ranges: bytes
content-length: 292
x-olb-req-received: t=1665902333471989
x-olb-req-duration: D=145
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597468
expires: Sat, 29 Oct 2022 13:52:42 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png

104.110.3.220

200 OK

364 B

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
35a7359b239ddca8639017dfc4b71b4a
dfdd659f24502fbe7dd79c9564e1e528233fdcad
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2

HTTP Headers

GET /efs/efs/grafx/flows-tooltip.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "16c-5e6a235cbab17"
accept-ranges: bytes
content-length: 364
x-olb-req-received: t=1665902333449146
x-olb-req-duration: D=127
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597494
expires: Sat, 29 Oct 2022 13:53:08 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png

104.110.3.220

200 OK

1.0 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 18 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1017 bytes)
Hash
e7b1dd2b4db648b74fc5b873e7196a87
2f053c0827091b3929ea889dd2dc5c923dcb450a
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

HTTP Headers

GET /efs/efs/grafx/arrow-button-white.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "3f9-5e6a235ca4d07"
accept-ranges: bytes
content-length: 1017
x-olb-req-received: t=1665902333578008
x-olb-req-duration: D=97
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597312
expires: Sat, 29 Oct 2022 13:50:07 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png

104.110.3.220

200 OK

1.1 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 28 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1054 bytes)
Hash
dc25c0429ceba4038c36551d05760dd7
a79832f9ae49997cd90701d48a02bd06bf29a7d0
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c

HTTP Headers

GET /efs/efs/grafx/arrow-down-blue.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "41e-5e6a235ca4d07"
accept-ranges: bytes
content-length: 1054
x-olb-req-received: t=1665902333438403
x-olb-req-duration: D=100
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597491
expires: Sat, 29 Oct 2022 13:53:06 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png

104.110.3.220

200 OK

165 B

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 7 x 9, 8-bit/color RGBA, non-interlaced\012- data
Size
165 B (165 bytes)
Hash
1792e4aa4d2d86dec430ef9a60362a35
90b9e9c14f636362e9558d14fefe15782f75d256
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69

HTTP Headers

GET /efs/efs/grafx/arrow-right-orange.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "a5-5e6a235ca5357"
accept-ranges: bytes
content-length: 165
x-olb-req-received: t=1665902333683140
x-olb-req-duration: D=140
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597361
expires: Sat, 29 Oct 2022 13:50:56 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff

104.110.3.220

200 OK

18 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 18524, version 0.0\012- data
Size
18 kB (18524 bytes)
Hash
022cb73ac43269074f73e97b9cca4f2d
85f96bbe6d675a4892fbb483cde78c6eb9419d78
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "485c-5e885b034aefa"
accept-ranges: bytes
content-length: 18524
x-olb-req-received: t=1665902333523263
x-olb-req-duration: D=197
access-control-allow-origin: *
cache-control: max-age=597480
expires: Sat, 29 Oct 2022 13:52:55 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff

104.110.3.220

200 OK

32 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 31864, version 1.0\012- data
Size
32 kB (31864 bytes)
Hash
0dd22599312493e4bb7b8662f71dddcc
29f5fd587566f80d886dc0109f53ecf47eb5bbf5
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/font/citizen_book.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "7c78-5e885b034f78f"
accept-ranges: bytes
content-length: 31864
x-olb-req-received: t=1665902334048084
x-olb-req-duration: D=227
access-control-allow-origin: *
cache-control: max-age=597443
expires: Sat, 29 Oct 2022 13:52:18 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff

104.110.3.220

200 OK

28 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 27852, version 1.0\012- data
Size
28 kB (27852 bytes)
Hash
76f4964f6d001aa6967fb570438d80cc
5259516d0615338a701e5a19a37d6bc45c6bcedc
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "6ccc-5e885b034f545"
accept-ranges: bytes
content-length: 27852
x-olb-req-received: t=1665902334049950
x-olb-req-duration: D=159
access-control-allow-origin: *
cache-control: max-age=597451
expires: Sat, 29 Oct 2022 13:52:26 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/hhf/js/citizensHeaderFooter-citizensns42588.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:55 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.244.155.70

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.244.155.70:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Pragma, Content-Length, Content-Type, ETag, Retry-After, Cache-Control, Last-Modified, Backoff, Expires
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 22 Oct 2022 15:36:24 GMT
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 15:06:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dc5ba6653148afa9504262089bb395dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: yAC-tE5-T015XjKCNsHR0jrU_hKb79yUKpnDyZjd9gk1Zcfh1ikXjQ==
Age: 3065

citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /content/930e113327rn2365aa3b7b98b0447e8d HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:55 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5709
Cache-Control: max-age=150419
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 15:54:55 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:41:54 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/efs/jsp-ns/scripts/common.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:55 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9997
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png

104.110.3.220

200 OK

14 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13907 bytes)
Hash
172ee65ce7e2afc164fb89579d8060b2
1bcc0c40ce0dd35f4150e286d4da86eb5150d2da
6031e1710c50b5ade8d4fe1f9d2a7885caa5f18493944871891d9bf847dcec0e

HTTP Headers

GET /efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "3653-5e885b03510a1"
accept-ranges: bytes
content-length: 13907
x-olb-req-received: t=1665902334263596
x-olb-req-duration: D=181
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597334
expires: Sat, 29 Oct 2022 13:50:29 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png

104.110.3.220

200 OK

11 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10871 bytes)
Hash
f62b2664dd6a40ab3a9f7af34412f8b7
02438189257c795c3726e4f45b1ce3bb921255d5
707a3217546ca6852234cb3fa3b61f458581ca943b6195032ba9efe7e1e0ee5f

HTTP Headers

GET /efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "2a77-5e885b0354b35"
accept-ranges: bytes
content-length: 10871
x-olb-req-received: t=1665902333725314
x-olb-req-duration: D=145
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597260
expires: Sat, 29 Oct 2022 13:49:15 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D

13.224.245.32

200 OK

397 B

URL HTTP/1.1
nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D
IP
13.224.245.32:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (396)
Size
397 B (397 bytes)
Hash
219445f97271fae59d8de146886b5eb6
f8bfbd83d1242123feb4ed0a4dff01b304c672e4
cbf8fa4907e237559aeffc256d8eddc73ebcabbfd9fd17d99e4437e530c18cec

HTTP Headers

GET /citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 397
Connection: keep-alive
Server: nginx
Date: Sat, 22 Oct 2022 15:54:55 GMT
Expires: Sat, 22 Oct 2022 15:54:54 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 f2f35cfbe251bd412f460c97cca8770c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: hfiYOPLmccNSt1BI7-DbuNkuUgbR7oM7GM32EU-Y4QD-Dzq2yyPpjQ==

nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117

13.224.245.32

200 OK

31 kB

URL HTTP/1.1
nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117
IP
13.224.245.32:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1970)
Size
31 kB (30934 bytes)
Hash
3d2d25ef325eac356d449d8df162c7e5
b181f4221b3190118630f334403a218e7887eb92
82b8253b53400a2508202f2329064ac51c74d09e8361d7ef393b87793199e858

HTTP Headers

GET /citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:33 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 04:24:01 GMT
ETag: W/"7f943d1386ac8d666a04c5f7c1aca6a2"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: 7Vz_bNM1vqq_ptJsDOdn8z3nddxBTl2j
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f2f35cfbe251bd412f460c97cca8770c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: dBPY4-2d7IRXOyq2WPjU8Kiv6Qu9SW_Imqf-gf7BXNtEDIzcVpinmQ==
Age: 902603

nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909

13.224.245.32

200 OK

4.5 kB

URL HTTP/1.1
nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909
IP
13.224.245.32:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (564)
Size
4.5 kB (4516 bytes)
Hash
fd603d97b40b9255bfad0347af30b289
4dbc7e969f3d64bd0e668bb424284a2cf1c134d5
9cf6e47fb2dfb89d2ffc01f75ffc38c7eac7d9ad07f11d39597ca329067c3f6f

HTTP Headers

GET /citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:33 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 03:57:00 GMT
ETag: W/"42ede44761b41779f967c114c118aa3e"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: NiK352lECAFDggvv33Jq9naFD_ydY3Ez
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 704990717f84876e269b7e943738c392.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: wQbjXS6qF_Iq8MWHr_zjbdgcBvRvRuRB2BSjVEuBSr7_gYbRl8uxUw==
Age: 902603

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e63e513dcf53ce7553e7b0823c6a14a4
339b57dfcff07274c5760a3eca84e85313801a13
0e2fa20095d3d2116bdabd8fcda346d45c6bca2c5aab1cc87811cc5ed62d72be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 15:43:26 GMT
Expires: Sat, 29 Oct 2022 15:43:25 GMT
Etag: "339b57dfcff07274c5760a3eca84e85313801a13"
Cache-Control: max-age=603509,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a111d12b517-OSL

push.services.mozilla.com/

44.228.207.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.207.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fFvbFqq6CTqLy0gLOcpepQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 84UoQzZH/qtO/AB5nZZHxqqoAyg=

lptag.liveperson.net/tag/tag.js?site=89632304

178.249.101.23

200 OK

7.6 kB

URL HTTP/2
lptag.liveperson.net/tag/tag.js?site=89632304
IP
178.249.101.23:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.6 kB (7567 bytes)
Hash
6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd

HTTP Headers

GET /tag/tag.js?site=89632304 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:55 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.appdynamics.com/adrum/adrum-latest.js?

18.165.201.17

200 OK

40 kB

URL HTTP/1.1
cdn.appdynamics.com/adrum/adrum-latest.js?
IP
18.165.201.17:0
ASN
#0

File type
ASCII text, with very long lines (644)
Size
40 kB (40203 bytes)
Hash
cd86db0f552897dc33e8433d0cf9bad2
676df314ca85d1418ffb110f3979c31281da027d
fd30f76d2b4bebd4b4bd680793a8a993b46a15808c0cea0533e629fc2990889f

HTTP Headers

GET /adrum/adrum-latest.js? HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin: *
Content-Encoding: gzip
Date: Fri, 21 Oct 2022 17:25:06 GMT
Cache-Control: public, max-age=2678400, s-max-age=14400
ETag: W/"6317b609-1b2d9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 25bae94046433e736c44a6c37f27c7c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: ukoej2dZaamm61PtpUlM5Hmsar-6FeUm4lDoVAvKmjR65UHEcODQog==
Age: 80989

cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?

104.18.15.22

301 Moved Permanently

167 B

URL HTTP/1.1
cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
IP
104.18.15.22:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /citizen/OLB/p/detector-dom.min.js? HTTP/1.1
Host: cdn.glassboxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 15:54:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
X-Cache: Redirect from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3dMzgCIzBCmWarPpdFVhHPbge43pGelybb4-bso8rh92kXxiyqpfPA==
CF-Cache-Status: HIT
Age: 396
Expires: Sat, 22 Oct 2022 19:54:55 GMT
Cache-Control: public, max-age=14400
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e36a137cc7b4f4-OSL

cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js

18.165.201.17

200 OK

20 kB

URL HTTP/1.1
cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
IP
18.165.201.17:0
ASN
#0

File type
ASCII text, with very long lines (574)
Size
20 kB (20314 bytes)
Hash
cca1b9c013b93bd73bf4f55b122ba8db
ed011720d910a5b69db06ebaabcd95d013255752
d5ef573c9770681c3a75ec78445d0c785ca6659a0cf25f145ddfbae414b0b77a

HTTP Headers

GET /adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 01 Oct 2022 05:28:16 GMT
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:12 GMT
ETag: W/"6317b608-d132"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 25bae94046433e736c44a6c37f27c7c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: uMABiiMI8Y5ZFOSFFf2Re3sRF3VATfO5JF1CEY9aVs9pDU2HpzChdA==
Age: 1851999

nebula-cdn.kampyle.com/wu/356861/onsite/embed.js

151.101.85.175

200 OK

517 B

URL HTTP/2
nebula-cdn.kampyle.com/wu/356861/onsite/embed.js
IP
151.101.85.175:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (573)
Size
517 B (517 bytes)
Hash
e8a4b8a535ad76225074264c54ea0715
ddac064bbfb77a8431cb810189043ff97b8e84fe
32a10a956e30f4b84dbaf4230037a1fd36c15bcdd345719b9393b9c2517f00b6

HTTP Headers

GET /wu/356861/onsite/embed.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ioqo2qnTXz9VPyGdm9U7px0r0c1Pgid1Py+qsRqCxp9kPiSNLtcKr3SrbhV53EloBo04Gq0y+98=
x-amz-request-id: T3BZVBR1VJB17J2B
last-modified: Wed, 05 Oct 2022 21:33:25 GMT
etag: "8b72f36bbd0721428f49dda9c3bd04ac"
x-amz-version-id: P0vUE_TJe.yQCf1POgYtfWkHzc0CIb7I
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 15:54:55 GMT
via: 1.1 varnish
age: 1436695
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1666454096.981130,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 517
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520016,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13bfecb517-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13fa68b4eb-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13fd6b0af6-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13f934b50f-OSL

nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js

151.101.85.175

200 OK

114 kB

URL HTTP/2
nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
IP
151.101.85.175:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (53527)
Size
114 kB (114411 bytes)
Hash
875e1611678facfc534c2922ee9f04d1
d045b6a4a0bd45ae1eb134ca1365fe1ff576d8d2
b39dbd6935f69b4f403b183bad057b18b9df8e9c7ac7a3dcc2b123d66cdfbaab

HTTP Headers

GET /us/wu/356861/onsite/generic1665005603563.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 9cQsV036v9UHxHIBBS6ddnOPtu7hupqDHYzTkS5r9D6ofic601WFFGZbpPC4Zcf0I2Hddoonung=
x-amz-request-id: 531P45J50X314A2H
last-modified: Wed, 05 Oct 2022 21:33:24 GMT
etag: "ba78af14d365f8ccbd56a01ca6bf1c05"
x-amz-version-id: sS15mP2HP1_gvO6GweV7zdqjZ8tqzGJg
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 15:54:56 GMT
via: 1.1 varnish
age: 1435591
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1666454096.029603,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 114411
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fca3b625928b8f0507cf1569d9c188cc
25efc79d4d6371040b33025fe9b3a60b3d431e1e
a6900cc898a42c36f943c2bea70b80a79ec827dbf31d8f50c2a941c8b085c12f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: max-age=136413
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 15:54:56 GMT
Etag: "63537a70-1d7"
Expires: Mon, 24 Oct 2022 05:48:29 GMT
Last-Modified: Sat, 22 Oct 2022 05:06:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=13143214040837824590241260337981818122&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1666454110563

52.31.4.32

200 OK

1.3 kB

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=13143214040837824590241260337981818122&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1666454110563
IP
52.31.4.32:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (3749), with no line terminators
Size
1.3 kB (1308 bytes)
Hash
975f9ffa53b888d78f70936f981f1e50
5248fce34e5320872891851e89c887a5db0edd57
df8a3c9d19ebd3f4928a0c0c1500ce2f595d3698f17c764ffb099d1110445eeb

HTTP Headers

GET /id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=13143214040837824590241260337981818122&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1666454110563 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://citizens-online-support.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-0ea413a51.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=74049107192624089801906428995725083762; Max-Age=15552000; Expires=Thu, 20 Apr 2023 15:54:56 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: A7yP1hBoSOM=
Content-Length: 1308
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13f9571c06-OSL

lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true

178.249.97.98

200 OK

18 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (38447)
Size
18 kB (17694 bytes)
Hash
f4f2cca8e24e109741c7f9d551e99e59
ff979949e59c0a1aa7bd660f5f2df41060bb47de
06b66f0cdeeb0542d15a30358805d6c0c0051aad45cda55a26b022845a44a545

HTTP Headers

GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

ocsps.ssl.com/

52.6.97.148

200 OK

1.8 kB

URL HTTP/1.1
ocsps.ssl.com/
IP
52.6.97.148:0
ASN
#14618 AMAZON-AES

File type
data
Size
1.8 kB (1810 bytes)
Hash
ba9a1fa780a4fc6f144a3c834eefd27b
129d065f4a8ce68f5042a1c8c2413a3f33656da0
c2ad56e8e97bc352343ea4e4c4f1882284d56db37a8fff799a2faf3ca1bb0b75

HTTP Headers

POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Sat, 29 Oct 2022 15:30:20 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "129d065f4a8ce68f5042a1c8c2413a3f33656da0"
Last-Modified: Sat, 22 Oct 2022 15:30:21 GMT
X-Proxy-Cache: HIT

accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB

178.249.101.99

200 OK

307 kB

URL HTTP/2
accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type
data
Size
307 kB (307189 bytes)
Hash
fc19f0e42806c5bce656210f4cfc0f01
2e71bca8851d2b6cc5de9797e5a005d1f5f418a9
871f3c0a55240bcaf798b571b870373dd3ac79091468ef0276b588e9912f3682

HTTP Headers

GET /api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:5d04c41a-c3d4-4d5a-a01d-635953d37066; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
ADRUM_BTa=R:35|g:5d04c41a-c3d4-4d5a-a01d-635953d37066|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:7; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 15:55:56 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9MTY4OTc2ZTQzOTgyNmUzODVkMGRlYmE5NiZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NTQxMTA3ODciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwNjc1YWU0MmNjLTBiMjRjYTc4MTY0NzYtMzA2ZDQ2NGEtMTQwMDAwLTE4NDAwNjc1YWU1YjciLCJlbnZpcm9tZW50IjogInByb2RVc09yZWdvbiIsImFjY291bnRJZCI6IDM1Njg2MCwidXJsIjogImh0dHA6Ly9jaXRpemVucy1vbmxpbmUtc3VwcG9ydC5jb20vY2l0aXplbmJhbmsvbG9naW4ucGhwP29ubGluZV9pZD0xNjg5NzZlNDM5ODI2ZTM4NWQwZGViYTk2JmNvdW50cnk9Jmlzbz0iLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImI5ZWMtMTEzZS0xYzFlLTA4NTAtMzExOC00YjI4LWRlZWEtOWQ0NiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDU0MTEwNzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4MSwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ1NDExMDc4NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==

35.241.45.82

200 OK

0 B

URL HTTP/2
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9MTY4OTc2ZTQzOTgyNmUzODVkMGRlYmE5NiZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NTQxMTA3ODciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwNjc1YWU0MmNjLTBiMjRjYTc4MTY0NzYtMzA2ZDQ2NGEtMTQwMDAwLTE4NDAwNjc1YWU1YjciLCJlbnZpcm9tZW50IjogInByb2RVc09yZWdvbiIsImFjY291bnRJZCI6IDM1Njg2MCwidXJsIjogImh0dHA6Ly9jaXRpemVucy1vbmxpbmUtc3VwcG9ydC5jb20vY2l0aXplbmJhbmsvbG9naW4ucGhwP29ubGluZV9pZD0xNjg5NzZlNDM5ODI2ZTM4NWQwZGViYTk2JmNvdW50cnk9Jmlzbz0iLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImI5ZWMtMTEzZS0xYzFlLTA4NTAtMzExOC00YjI4LWRlZWEtOWQ0NiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDU0MTEwNzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4MSwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ1NDExMDc4NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9MTY4OTc2ZTQzOTgyNmUzODVkMGRlYmE5NiZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NTQxMTA3ODciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwNjc1YWU0MmNjLTBiMjRjYTc4MTY0NzYtMzA2ZDQ2NGEtMTQwMDAwLTE4NDAwNjc1YWU1YjciLCJlbnZpcm9tZW50IjogInByb2RVc09yZWdvbiIsImFjY291bnRJZCI6IDM1Njg2MCwidXJsIjogImh0dHA6Ly9jaXRpemVucy1vbmxpbmUtc3VwcG9ydC5jb20vY2l0aXplbmJhbmsvbG9naW4ucGhwP29ubGluZV9pZD0xNjg5NzZlNDM5ODI2ZTM4NWQwZGViYTk2JmNvdW50cnk9Jmlzbz0iLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImI5ZWMtMTEzZS0xYzFlLTA4NTAtMzExOC00YjI4LWRlZWEtOWQ0NiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDU0MTEwNzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4MSwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ1NDExMDc4NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-mmdt
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

3.1 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (8603), with no line terminators
Size
3.1 kB (3085 bytes)
Hash
de2ebef28669ca9a7e1c58f0270966f8
db24fe01acb8139558592ddf9d4545ffb0335131
b483fb303814d6313574d22cc0b9e8852a93db9c089ce6d69dee30a9596499bb

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:41 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3460
Expires: Sat, 22 Oct 2022 16:52:36 GMT
Date: Sat, 22 Oct 2022 15:54:56 GMT
Connection: keep-alive

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

31 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
data
Size
31 kB (31379 bytes)
Hash
52a11bc0692f73fff13ca061ed3b6f9d
b5a668c5b1576e0f6f911a09d0d3eddfb1d5f831
ae90114eb163ec826b255316a889af28c6f139eb09c104ca8334aee0b4a077c9

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

15 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
data
Size
15 kB (14887 bytes)
Hash
99050c6271b800097866911ce332f8a6
43ff621e1b311a7d4fb61d840dfd25a1724623b2
20e809929b6e95fefcd2d68b505567b703d5663cafc867d132ab612a14f037c9

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:40 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3460
Expires: Sat, 22 Oct 2022 16:52:36 GMT
Date: Sat, 22 Oct 2022 15:54:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3460
Expires: Sat, 22 Oct 2022 16:52:36 GMT
Date: Sat, 22 Oct 2022 15:54:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg

34.120.237.76

200 OK

2.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.3 kB (2305 bytes)
Hash
76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AsSDzjeB5RvDY9ZCxMe-b1bTQiQI6r2yB-PPBo9Qap4hWMINj4wmSA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 13:22:13 GMT
age: 9163
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8856 bytes)
Hash
a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 63291
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10684 bytes)
Hash
5ef386b42bd6b9efb747cfeb3d64fb7a
db63f62383d513348c1ef231ea4fb58d7e1e044e
988cb73f0fef893d2d65a66fad0b171350102f4496fa5ba22e415d5929373d0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10684
x-amzn-requestid: 643c8e7b-15e9-4241-8ba1-e3f4a4592373
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okE7AoAMFjDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-705159c619bc23880acd4d42;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Npq_KhYynsGPhwdVvIa_JeWi13m74Qgm7vw5GyWDydH7tzON7p0MYA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 64464
etag: "db63f62383d513348c1ef231ea4fb58d7e1e044e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11151 bytes)
Hash
26c47e4b0147f8dee3e71a53a8f2830c
381edb4758da428db5ffe884f8fb38bf11044f69
b507898359abbcb1f57821c147a58df66d7e81acc198afc997527b58cd835b39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11151
x-amzn-requestid: 5c32e307-f2a7-4050-a96f-a47667ec4752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-NEFTKoAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b9-2fc77f394ca297126abaed94;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ib4A9F4pA6k1iYdefeQokFkEkmqlEASJ2d20BQ6gqRYj3teYDu8Cyg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:20 GMT
age: 63636
etag: "381edb4758da428db5ffe884f8fb38bf11044f69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5517 bytes)
Hash
1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hitgYm684zdpmL8IbPzFxhPWRrc2-VmnlofdTiPhJzkrc26mgXTTTA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:41 GMT
age: 64455
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7372 bytes)
Hash
616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 64464
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=1&cfg=27baeec&pv=2&aid=

54.235.78.87

200 OK

140 B

URL HTTP/1.1
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=1&cfg=27baeec&pv=2&aid=
IP
54.235.78.87:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
140 B (140 bytes)
Hash
0502320d2bbbf631c17e7e4cd83ba0ad
83ca6151f5b88d84c4482f52f8bc656f34df88e0
01443509621836b99c1c78ecd2b59e3c30afdf2ebd2e0407a34ed034da1628d8

HTTP Headers

POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=1&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4698
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_cfgver=27baeec; _cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c; _cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0; AWSALBCORS=e3vDPTt/laWJtxa6f3mXblnMdv7LcvJ2t71RwjPy0lDyd4Z7w2XzUcXLcDqS6CtmRa6uyLFO6nVyxsVJZnOSl/aJScBKaUGJs436TDJrwjLaag2rQ5MRzRknBO/N
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=7D0VVL2vyFVruvAuNUyFFk8IP9lKYFhBiN8ICBoikMCvlWYpimfDwFeMHmfXeatOdc2h3zuge4QRQbS0MXdt5bb8xOxNmdf9/shLoh11HpkQmajvUwIy5+G9umkQ; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/
AWSALBCORS=7D0VVL2vyFVruvAuNUyFFk8IP9lKYFhBiN8ICBoikMCvlWYpimfDwFeMHmfXeatOdc2h3zuge4QRQbS0MXdt5bb8xOxNmdf9/shLoh11HpkQmajvUwIy5+G9umkQ; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5025

54.235.78.87

200 OK

140 B

URL HTTP/1.1
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=2&cfg=27baeec&pv=2&aid=
IP
54.235.78.87:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
140 B (140 bytes)
Hash
0502320d2bbbf631c17e7e4cd83ba0ad
83ca6151f5b88d84c4482f52f8bc656f34df88e0
01443509621836b99c1c78ecd2b59e3c30afdf2ebd2e0407a34ed034da1628d8

HTTP Headers

POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=2&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 8245
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_cfgver=27baeec; _cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c; _cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0; AWSALBCORS=e3vDPTt/laWJtxa6f3mXblnMdv7LcvJ2t71RwjPy0lDyd4Z7w2XzUcXLcDqS6CtmRa6uyLFO6nVyxsVJZnOSl/aJScBKaUGJs436TDJrwjLaag2rQ5MRzRknBO/N
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=cgiu6A5lgMif2GSx6GRXedOnV21o8uOBUZ2vRUgvG9cNbkHfM3uA2KgLilO39h/44QcVV3MSaMQpbS3ndorOhByVPwFRvTLOwXMaHCPP9mCiyEVM8r8gqwTb7zAS; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/
AWSALBCORS=cgiu6A5lgMif2GSx6GRXedOnV21o8uOBUZ2vRUgvG9cNbkHfM3uA2KgLilO39h/44QcVV3MSaMQpbS3ndorOhByVPwFRvTLOwXMaHCPP9mCiyEVM8r8gqwTb7zAS; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5025

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
913f1b27298f63f2a7fd4e4bd111c122
5b7617638b7cb79d235be543f55e2242de9329f7
3edb79be98abcf38d13935f26dd4432747020edf620904eaa8888db00820706a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 11:37:43 GMT
Expires: Fri, 28 Oct 2022 11:37:42 GMT
Etag: "5b7617638b7cb79d235be543f55e2242de9329f7"
Cache-Control: max-age=502364,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a1e2c7fb517-OSL

54.235.78.87

200 OK

140 B

URL HTTP/1.1
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=3&cfg=27baeec&pv=2&aid=
IP
54.235.78.87:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
140 B (140 bytes)
Hash
0502320d2bbbf631c17e7e4cd83ba0ad
83ca6151f5b88d84c4482f52f8bc656f34df88e0
01443509621836b99c1c78ecd2b59e3c30afdf2ebd2e0407a34ed034da1628d8

HTTP Headers

POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=3&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 584
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_cfgver=27baeec; _cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c; _cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0; AWSALBCORS=7D0VVL2vyFVruvAuNUyFFk8IP9lKYFhBiN8ICBoikMCvlWYpimfDwFeMHmfXeatOdc2h3zuge4QRQbS0MXdt5bb8xOxNmdf9/shLoh11HpkQmajvUwIy5+G9umkQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=CK05w/79c7mOlP+3axR6A2T+ZzQNSOpbrxaKtlj5qqk7KccCvUANJGINIfo+82pb/nGZdPlO7pXwoEpwfajGOp4bwE05sfI9v3T9VcQz+eyerX7T4b4nS4zcdYRK; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/
AWSALBCORS=CK05w/79c7mOlP+3axR6A2T+ZzQNSOpbrxaKtlj5qqk7KccCvUANJGINIfo+82pb/nGZdPlO7pXwoEpwfajGOp4bwE05sfI9v3T9VcQz+eyerX7T4b4nS4zcdYRK; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5025

54.235.78.87

200 OK

140 B

URL HTTP/1.1
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=4&cfg=27baeec&pv=2&aid=
IP
54.235.78.87:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
140 B (140 bytes)
Hash
0502320d2bbbf631c17e7e4cd83ba0ad
83ca6151f5b88d84c4482f52f8bc656f34df88e0
01443509621836b99c1c78ecd2b59e3c30afdf2ebd2e0407a34ed034da1628d8

HTTP Headers

POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=4&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 329
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_cfgver=27baeec; _cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c; _cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0; AWSALBCORS=cgiu6A5lgMif2GSx6GRXedOnV21o8uOBUZ2vRUgvG9cNbkHfM3uA2KgLilO39h/44QcVV3MSaMQpbS3ndorOhByVPwFRvTLOwXMaHCPP9mCiyEVM8r8gqwTb7zAS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=L1cRjBcNOWySiMdduDOtITaLrJ1cwGjnHPe261kBYXrswzw7ZkTCpiNrHEJv9lg8wCEcc39Pnk60bhwXTWXYworskEfTMyKWmcTMVJbl6wZR8vfXU1cKMt3mxFwF; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/
AWSALBCORS=L1cRjBcNOWySiMdduDOtITaLrJ1cwGjnHPe261kBYXrswzw7ZkTCpiNrHEJv9lg8wCEcc39Pnk60bhwXTWXYworskEfTMyKWmcTMVJbl6wZR8vfXU1cKMt3mxFwF; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5025

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a03e874f79f96ea8f359696750b166e9
7568be3098bdd9506411e8451ef8afc71bb41b12
ac0f6cb3b5455698612fd7363b89e669a7503d824331d07e8166e1f600abdabb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5570
Cache-Control: max-age=90186
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 15:55:02 GMT
Etag: "6352b9de-1d7"
Expires: Sun, 23 Oct 2022 16:58:08 GMT
Last-Modified: Fri, 21 Oct 2022 15:25:18 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 471

cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?

104.18.15.22

200 OK

0 B

URL HTTP/2
cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
IP
104.18.15.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /citizen/OLB/p/detector-dom.min.js? HTTP/1.1
Host: cdn.glassboxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:55 GMT
content-type: application/javascript
last-modified: Thu, 13 May 2021 10:48:21 GMT
x-amz-version-id: bbfnKPP3ulrtofSzPJqgXAlMwVq2hNWe
content-encoding: gzip
etag: W/"845173368b011e7fa14658b57426fe09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: TjES7ym4ShstKtpj1GLznZjl8VeU-G2N0yGQlAXn4IB-OQXucq9_RQ==
cf-cache-status: HIT
age: 396
expires: Sat, 22 Oct 2022 19:54:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 75e36a13feb90b49-OSL
X-Firefox-Spdy: h2

va.v.liveperson.net/api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb74722x92601&t=sp&ts=1666454111907&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh&rvt=1666454072360&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226af62bef-1e94-4376-b62b-ef1e94037673%22%2C%22account%22%3A%2289632304%22%7D%5D

208.89.12.87

200 OK

0 B

URL HTTP/2
va.v.liveperson.net/api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb74722x92601&t=sp&ts=1666454111907&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh&rvt=1666454072360&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226af62bef-1e94-4376-b62b-ef1e94037673%22%2C%22account%22%3A%2289632304%22%7D%5D
IP
208.89.12.87:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb74722x92601&t=sp&ts=1666454111907&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh&rvt=1666454072360&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226af62bef-1e94-4376-b62b-ef1e94037673%22%2C%22account%22%3A%2289632304%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:57 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/adrum

35.166.110.234

200 OK

0 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/adrum
IP
35.166.110.234:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12511
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:55:02 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:35|g:b6dda4dc-81aa-41f0-b275-d3ae991a46a5;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30
ADRUM_BTa=R:35|g:b6dda4dc-81aa-41f0-b275-d3ae991a46a5|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30;Secure
ADRUM_BT1=R:35|i:559461;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30
ADRUM_BT1=R:35|i:559461|e:6;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3

178.249.101.23

200 OK

0 B

URL HTTP/2
lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP
178.249.101.23:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:55 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

178.249.101.99

200 OK

0 B

URL HTTP/2
accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:94b99ae0-3ddb-490b-880a-c175dfde4962; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
ADRUM_BTa=R:35|g:94b99ae0-3ddb-490b-880a-c175dfde4962|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:5; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 15:55:56 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:46 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations