firefox.settings.services.mozilla.com/v1/
18.244.155.70200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.244.155.70:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 15:26:20 GMT
Expires: Sat, 22 Oct 2022 15:26:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dd1211d51ecc66d1523e03934a660f3a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: PXiEZgqFm6K_RnBnKMj1aMfQSy_af1H7ErwrxL0SE8AVM7_HgObqmQ==
Age: 1714
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17275
Expires: Sat, 22 Oct 2022 20:42:49 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17292
Expires: Sat, 22 Oct 2022 20:43:06 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: G3Xb659mKIX7Hyk6T20rr9lV75umHI+WaLD6UKG0kAvJYkPRMDus4vYCMxhuaCUfR7gwvZhZXBU=
x-amz-request-id: ASXDJFT4QR0Z6YM5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 15:37:37 GMT
age: 1037
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
23.254.132.83200 OK 26 kB URL HTTP/1.1 citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
IP 23.254.132.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (672), with CRLF line terminators
Hash b27bd01402693bedb7107dec85a3f2df
0129e5275b6bbdd6355d291eaebc22e6da532c41
bacfd23af9c90b604030b1fde7b8b7ca90f47c6902724d666a99e02ea36d682c
GET /citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso= HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=10000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 15:54:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
13.224.245.32200 OK 32 kB URL HTTP/1.1 nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
IP 13.224.245.32:0
File type ASCII text, with very long lines (594)
Hash 3e3e57d74e385af3525e39e1a6b268da
8c0bd74879a5678ad73d6313ec8bc6c6ed339079
fbdeaa04631ff4616c28d150742e68b3197d7541c3742a7082ca1473de886311
GET /citizensbank/olbprod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:32 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 04:24:01 GMT
ETag: W/"e28169ebc267a281e5ca0d996e98214e"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=300
x-amz-version-id: 6VlOzl96zfTglXsm.ylgZ_Vxg_x9B5Dp
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f2f35cfbe251bd412f460c97cca8770c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: SsV9V-u9aT9i3DDVCs_WM9Qt6ePfve_0bru7jeH-cqd2Yn6a_GGlAw==
Age: 902603
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Sat, 22 Oct 2022 16:53:59 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Sat, 22 Oct 2022 16:53:59 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Sat, 22 Oct 2022 16:53:59 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Sat, 22 Oct 2022 16:53:59 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
104.110.3.220200 OK 10 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
IP 104.110.3.220:0
Hash e8a5a242bcaea8c7314ccbb04612d922
101e2286a81e108dd00c618032d793b2dc5366b3
8e2a305132b87d2a48461f8e3d820dbf640d66d530ab007632c5c5d79ce8cdc7
GET /efs/efs/jsp-ns/inc/css/main.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "f405-5e885b034f92d"
last-modified: Sun, 16 Oct 2022 06:47:26 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=2162
x-olb-req-received: t=1665902334267901
content-length: 10382
cache-control: max-age=85888
expires: Sun, 23 Oct 2022 15:46:22 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js
104.110.3.220200 OK 39 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js
IP 104.110.3.220:0
Hash 2940c843ff15ab8e9f02511625f33e57
98ccd0fb1d60770a1aadf90d41daa49cab543cb3
4aed3165815cc1806999483e40a47863accf1cead25769de0162921f2f590298
GET /efs/efs/jsp-ns/scripts/plugins.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "31d24-5e885b0350b17"
last-modified: Sun, 16 Oct 2022 06:41:17 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=8368
x-olb-req-received: t=1665902334392040
content-length: 38875
cache-control: max-age=86003
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js
104.110.3.220200 OK 4.0 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js
IP 104.110.3.220:0
Hash cc2102df58511c9a2653b1dff48ca8d7
64790e6adff6768178ab7d0ad9a4fbc2849b81f2
b9abbff7d9e75763790fd3b291f21525fe85583b397fe5f4b260bc99ff48aab7
GET /efs/efs/jsp-ns/scripts/main.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "4c03-5e885b03504e5"
last-modified: Thu, 20 Oct 2022 04:19:24 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=779
x-olb-req-received: t=1665902332994710
content-length: 3967
cache-control: max-age=32023
expires: Sun, 23 Oct 2022 00:48:37 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js
23.254.132.83404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js
IP 23.254.132.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/efs/jsp-ns/pm_fp.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js
104.110.3.220200 OK 1.4 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js
IP 104.110.3.220:0
File type ASCII text, with very long lines (4237)
Hash f42064b9d324029ba5cb5afccc50b641
3993f47a728f00ee410a143361ab33b0339455f7
b02a1a4d60ab1f5c740784e9a27a7f0a85178466573fb29fb0bd7afdccf7b5f0
GET /efs/efs/jsp-ns/scripts/placeholders.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "10aa-5e885b034ca52"
last-modified: Wed, 19 Oct 2022 18:44:25 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=350
x-olb-req-received: t=1665902333087295
content-length: 1394
cache-control: max-age=43095
expires: Sun, 23 Oct 2022 03:53:09 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png
104.110.3.220200 OK 5.3 kB URL HTTP/2 www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png
IP 104.110.3.220:0
File type PNG image data, 406 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash beb4d1c9f430bb08a4ed54df069e8f0c
39950ddd690d1cbe2d08610da5c11c854450523f
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b
GET /efs/hhf/img/CTZ_Green-01.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 10 Sep 2022 01:58:56 GMT
etag: "149d-5e849015deb49"
accept-ranges: bytes
content-length: 5277
x-olb-req-received: t=1665902353036164
x-olb-req-duration: D=187
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597430
expires: Sat, 29 Oct 2022 13:52:04 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js
104.110.3.220200 OK 5.5 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js
IP 104.110.3.220:0
File type HTML document, ASCII text, with very long lines (14756)
Hash 088d590db53a3ede82a998537283c75d
87ed57fd5e2a623f35f80a3684c2de916ce4e2f8
d45c62a7108121887dc8866d445dde985d96b82143b3da2c9068e32caf316db4
GET /efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "3c36-5e885b034ca52"
last-modified: Sat, 22 Oct 2022 11:30:08 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=833
x-olb-req-received: t=1665902334348159
content-length: 5535
cache-control: max-age=74395
expires: Sun, 23 Oct 2022 12:34:49 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3506
Expires: Sat, 22 Oct 2022 16:53:20 GMT
Date: Sat, 22 Oct 2022 15:54:54 GMT
Connection: keep-alive
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
104.110.3.220200 OK 2.0 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
IP 104.110.3.220:0
Hash 07507f946ee4b2b9d4affc283b431119
00218cebeb305b00ae4ef74e4a67957d3c43e6f2
44fb4d44ce9291066e686a9861b8b31f021c816fa60e97c613bf5aadcc8e2830
GET /efs/efs/jsp-ns/inc/css/flows.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "21ce-5e885b034aefa"
last-modified: Mon, 17 Oct 2022 14:29:06 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=535
x-olb-req-received: t=1665902336855011
content-length: 1975
cache-control: max-age=58208
expires: Sun, 23 Oct 2022 08:05:02 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css
104.110.3.220200 OK 1.2 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css
IP 104.110.3.220:0
Hash e9404d7ddc1ef0b93851879620bfea8a
69575dd0119d3439f3d7ba4b45d12a3c0e47a39e
f5be5cfcdb9f541d6e355cd15b78204e715c979bb90a7dbae94d18c9bdad8772
GET /efs/efs/jsp-ns/inc/css/ad-containers.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "1dd4-5e885b034ed75"
last-modified: Sun, 16 Oct 2022 06:48:49 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=523
x-olb-req-received: t=1665902334308988
content-length: 1227
cache-control: max-age=85866
expires: Sun, 23 Oct 2022 15:46:00 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css
104.110.3.220200 OK 2.3 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css
IP 104.110.3.220:0
Hash 0a445a15e0f09a7738952731fdf3fe9d
3d4cef20189303cc4f24c27da1b8d2043e700cea
173f4f410b46ca6211eee490747009c597b7d7c475bcac07df88a18521bbef54
GET /efs/efs/jsp-ns/inc/css/normalize.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "26c2-5e885b034f92d"
last-modified: Mon, 17 Oct 2022 05:48:09 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=562
x-olb-req-received: t=1665902334194308
content-length: 2300
cache-control: max-age=3125
expires: Sat, 22 Oct 2022 16:46:59 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www4.citizensbankonline.com/akam/11/7c3ed55c
104.110.3.220404 Not Found 9 B URL HTTP/2 www4.citizensbankonline.com/akam/11/7c3ed55c
IP 104.110.3.220:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /akam/11/7c3ed55c HTTP/1.1
Host: www4.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html
content-length: 9
cache-control: max-age=0
expires: Sat, 22 Oct 2022 15:54:54 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
set-cookie: ak_bmsc=AA6BACD9E6C2228D64B657F1F6680DE7~000000000000000000000000000000~YAAQnE8kF24I9uaDAQAAUoNnABGZtvfEV8Bc1pWsocsdrPh8w/50F/EGaE5iFLtg7oUDbIl3k4AlwbAP9jKSiDyde9YW86UXvGl9HQHN8it0TEdbpd5OocPXFTkHDmcc2pr9P2xz/FdH89VGEsCZd9huKrS0PUEoMZf9Rpgr68WzZ/WUv2462N00nmzDl12UhIvTbccMfR5w51oohzRVr8qW38FT0X0jxX10wsJFhspg2/GZOWoxiyD+e9oQd9FNZEy1KyU+4cBVIQ9TN96nDh9OY1+cYxBnl1dMF9wlUShisPsCVeoP0PEmSquvdrSRD01SRixwwsB4DHmLRvT2Z4rjHjcFdICeT1F5q/RzYO3YxP2N/hM0JoR4RkR8N4UUMeH33f6NpWD2/y2MLRdNTq+miKFU; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 17:54:54 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css
104.110.3.220200 OK 3.1 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css
IP 104.110.3.220:0
File type ASCII text, with very long lines (17412)
Hash ac9a70a6f100c02749dfadb709b6eadf
69906e55ace36c217a52d428029a3c71dc16a7e4
466e6cf44306264c98e5642f77be87292e03e578ce78b17c0b39521460b1d37a
GET /efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "4a56-5e885b034bab2"
last-modified: Sun, 16 Oct 2022 06:48:15 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=723
x-olb-req-received: t=1665902337198216
content-length: 3118
cache-control: max-age=85860
expires: Sun, 23 Oct 2022 15:45:54 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
23.254.132.83404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
IP 23.254.132.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/hhf/js/citizensHeaderFooter-citizensns42588.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
23.254.132.83404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
IP 23.254.132.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/efs/jsp-ns/scripts/common.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
104.110.3.220200 OK 32 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
IP 104.110.3.220:0
File type Web Open Font Format, TrueType, length 31968, version 1.0\012- data
Hash d496c6122c776cae7c2a783bfcd7a3a1
fbdbec90d23bd77f471be50a3c6711e535ac72bc
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
GET /efs/efs/jsp-ns/inc/css/font/citizen_roman.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "7ce0-5e885b034bab2"
accept-ranges: bytes
content-length: 31968
x-olb-req-received: t=1665902333663068
x-olb-req-duration: D=206
access-control-allow-origin: *
cache-control: max-age=597450
expires: Sat, 29 Oct 2022 13:52:24 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
104.110.3.220200 OK 29 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
IP 104.110.3.220:0
File type ASCII text, with very long lines (32089)
Hash 82481a92ac472d179954d66e38f72d07
ea65071dbc1ab11ed29e76bdd30eabbe6cdbc3ec
c8e2e6f9e0e01dcfec7f2633efdd7f8f9d78ba3920e86a0d1231f487928b5fe4
GET /efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "169d6-5e885b034fd15"
last-modified: Sun, 16 Oct 2022 06:41:15 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=4665
x-olb-req-received: t=1665902417810620
content-length: 29409
cache-control: max-age=86004
expires: Sun, 23 Oct 2022 15:48:18 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
23.254.132.83404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
IP 23.254.132.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /content/930e113327rn2365aa3b7b98b0447e8d HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www3.citizensbankonline.com/efs/efs/js/tealeaf.js
104.110.3.220404 Not Found 9.9 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/js/tealeaf.js
IP 104.110.3.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a50763a326038e01ff7f9624d28066c
cae9d82811966f159a734f9402ace74eb01f17f8
c6cc63926f47095f4caf94ad78258d77933e3adcc1ce7781bd7cb2a97d596411
GET /efs/efs/js/tealeaf.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-frame-options: SAMEORIGIN
last-modified: Tue, 20 Apr 2021 15:35:21 GMT
etag: "26ce-5c06931abe040"
accept-ranges: bytes
content-length: 9934
x-olb-req-received: t=1666454094737970
x-olb-req-duration: D=243
access-control-allow-origin: *
content-type: text/html
cache-control: max-age=869
expires: Sat, 22 Oct 2022 16:09:23 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=156, origin; dur=59
strict-transport-security: max-age=15768000
lb-action: None, None
set-cookie: ak_bmsc=CFFF7EA84B5181182C8F68247041DCAF~000000000000000000000000000000~YAAQnE8kF3QI9uaDAQAA8INnABFek712BXfrr6PPDomQ1DLk+T0/mXPyohAmri3egB8QKloJze3MMhGlPXRy+67WGgFOMpyHW35sQXpf5HHhWlUw/aZMk/npKb3FKBjepQIZ1WojWnQ3z6HLfPATVe2MOU+M0VMNeoTbf5PuvxKYL2+n7hvmRquNsVfxSCTTaRKcIdY7dZJIDp61s+oBTM/MOC1G83sry1AhHFmoiTsqZIFCaPuVvUavIksLZCtVpfv6KR2F7fRts++hU3TLEOmZp5uTBeg2SqdOSEDhUa9AFubMlahFn0KX6AZVZE46UG2ry/znU9HZru9CGV8jf8dBxWMLajdVKBSAKgzxnbA4JCR0c0xYKtzutX4cSLcazMALJnpwjjCoJo78jTH149yQyAOx; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 17:54:54 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www4.citizensbankonline.com/akam/11/7c3ed55c
104.110.3.220404 Not Found 9 B URL HTTP/2 www4.citizensbankonline.com/akam/11/7c3ed55c
IP 104.110.3.220:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /akam/11/7c3ed55c HTTP/1.1
Host: www4.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 9
cache-control: max-age=0
expires: Sat, 22 Oct 2022 15:54:54 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
set-cookie: ak_bmsc=7BF780C4D621E1882BA7EFA1D98885E8~000000000000000000000000000000~YAAQnE8kF3kI9uaDAQAANIRnABHTmG8Km5TEPBYYalq5AxzS3DO9E8XJUuBuAcP2TcPx6QdEtrE/+CnLuIVXXzQgevg65yd3ullgUrHbaA7EQcYU2C6OCbABlIO5q/PPbnTsrg0xMKofCMfUFDTcxqCHA+sjrOlRa8QDJPGxi4f70mZ5Zm7QuvUtgo3uylOPjTACPi1TCZi5QAT+Y6W6/Eqj1IP31vZGSKGpjALQxuQednkt2a8Fn1CtkkvYOCCD4bJA3vmYxpTpJp9fat+xaLKdum3WH7iuSXQXn3B0dsKObgZ0Oqm3QAHkocXglucst92IMmbDC5QYG4gU/KET/97K2axPiButSs+T8ZZjEuyKMwHUakpJ98V8ZaCF4Conh/n55csNVxW3D6i2y0dhbekMFiqt; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 17:54:54 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/js/tealeaf.js
104.110.3.220404 Not Found 9.9 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/js/tealeaf.js
IP 104.110.3.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a50763a326038e01ff7f9624d28066c
cae9d82811966f159a734f9402ace74eb01f17f8
c6cc63926f47095f4caf94ad78258d77933e3adcc1ce7781bd7cb2a97d596411
GET /efs/efs/js/tealeaf.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-frame-options: SAMEORIGIN
last-modified: Tue, 20 Apr 2021 15:35:21 GMT
etag: "26ce-5c06931abe040"
accept-ranges: bytes
content-length: 9934
x-olb-req-received: t=1666454094737970
x-olb-req-duration: D=243
access-control-allow-origin: *
content-type: text/html
cache-control: max-age=852
expires: Sat, 22 Oct 2022 16:09:06 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=59
strict-transport-security: max-age=15768000
lb-action: None, None
set-cookie: ak_bmsc=10FC5E6C8EB517DD98C79853D31D1AFA~000000000000000000000000000000~YAAQnE8kF3oI9uaDAQAAU4RnABFblwPZKmXERJc82BOv7nGdSJ0hnJ5FxeIHXanppHUeb9PlNdxPm69gjoPNndIaD8WYP4LvQudXoKDdKItmFTLKuMbwjJiVkhpwGC3Qdt4/7RuH6LYVcDQvXEabpJh/zAYS6KSFGXPAI+fRs0N+5WHAqiZFjs1fNYb3Ejfps9V9MGNhM7clN+ZFKPrny17//lcKuL/itI3v3KesmbCjMoNoKcTiolJbvhywfHPwIIEgXdajGxXKpuZOQpWirD4moGI3TcdDybxtjW2iA+oz+fsdlzvWnwDYkea9IwjPsX7pPQ+grl/FtGE3xVasNsB3gxeCkIZxX0bc/aJt/wBBhb4yc3br2v1x9d1e37Q22tvy3KqAqBpABMeXgOcrG6UlQCYg; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 17:54:54 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png
104.110.3.220200 OK 292 B URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png
IP 104.110.3.220:0
File type PNG image data, 16 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 18ffa7c3d8f40b5da7df780d91930e20
524ca8ffaadbd033fd0504fe580d47315690afa1
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
GET /efs/efs/grafx/icon-secure.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "124-5e6a235cbd9f7"
accept-ranges: bytes
content-length: 292
x-olb-req-received: t=1665902333471989
x-olb-req-duration: D=145
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597468
expires: Sat, 29 Oct 2022 13:52:42 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png
104.110.3.220200 OK 364 B URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png
IP 104.110.3.220:0
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 35a7359b239ddca8639017dfc4b71b4a
dfdd659f24502fbe7dd79c9564e1e528233fdcad
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
GET /efs/efs/grafx/flows-tooltip.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "16c-5e6a235cbab17"
accept-ranges: bytes
content-length: 364
x-olb-req-received: t=1665902333449146
x-olb-req-duration: D=127
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597494
expires: Sat, 29 Oct 2022 13:53:08 GMT
date: Sat, 22 Oct 2022 15:54:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png
104.110.3.220200 OK 1.0 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png
IP 104.110.3.220:0
File type PNG image data, 18 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash e7b1dd2b4db648b74fc5b873e7196a87
2f053c0827091b3929ea889dd2dc5c923dcb450a
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e
GET /efs/efs/grafx/arrow-button-white.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "3f9-5e6a235ca4d07"
accept-ranges: bytes
content-length: 1017
x-olb-req-received: t=1665902333578008
x-olb-req-duration: D=97
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597312
expires: Sat, 29 Oct 2022 13:50:07 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png
104.110.3.220200 OK 1.1 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png
IP 104.110.3.220:0
File type PNG image data, 28 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash dc25c0429ceba4038c36551d05760dd7
a79832f9ae49997cd90701d48a02bd06bf29a7d0
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
GET /efs/efs/grafx/arrow-down-blue.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "41e-5e6a235ca4d07"
accept-ranges: bytes
content-length: 1054
x-olb-req-received: t=1665902333438403
x-olb-req-duration: D=100
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597491
expires: Sat, 29 Oct 2022 13:53:06 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png
104.110.3.220200 OK 165 B URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png
IP 104.110.3.220:0
File type PNG image data, 7 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash 1792e4aa4d2d86dec430ef9a60362a35
90b9e9c14f636362e9558d14fefe15782f75d256
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69
GET /efs/efs/grafx/arrow-right-orange.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "a5-5e6a235ca5357"
accept-ranges: bytes
content-length: 165
x-olb-req-received: t=1665902333683140
x-olb-req-duration: D=140
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597361
expires: Sat, 29 Oct 2022 13:50:56 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff
104.110.3.220200 OK 18 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff
IP 104.110.3.220:0
File type Web Open Font Format, TrueType, length 18524, version 0.0\012- data
Hash 022cb73ac43269074f73e97b9cca4f2d
85f96bbe6d675a4892fbb483cde78c6eb9419d78
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
GET /efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "485c-5e885b034aefa"
accept-ranges: bytes
content-length: 18524
x-olb-req-received: t=1665902333523263
x-olb-req-duration: D=197
access-control-allow-origin: *
cache-control: max-age=597480
expires: Sat, 29 Oct 2022 13:52:55 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff
104.110.3.220200 OK 32 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff
IP 104.110.3.220:0
File type Web Open Font Format, TrueType, length 31864, version 1.0\012- data
Hash 0dd22599312493e4bb7b8662f71dddcc
29f5fd587566f80d886dc0109f53ecf47eb5bbf5
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
GET /efs/efs/jsp-ns/inc/css/font/citizen_book.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "7c78-5e885b034f78f"
accept-ranges: bytes
content-length: 31864
x-olb-req-received: t=1665902334048084
x-olb-req-duration: D=227
access-control-allow-origin: *
cache-control: max-age=597443
expires: Sat, 29 Oct 2022 13:52:18 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff
104.110.3.220200 OK 28 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff
IP 104.110.3.220:0
File type Web Open Font Format, TrueType, length 27852, version 1.0\012- data
Hash 76f4964f6d001aa6967fb570438d80cc
5259516d0615338a701e5a19a37d6bc45c6bcedc
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
GET /efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "6ccc-5e885b034f545"
accept-ranges: bytes
content-length: 27852
x-olb-req-received: t=1665902334049950
x-olb-req-duration: D=159
access-control-allow-origin: *
cache-control: max-age=597451
expires: Sat, 29 Oct 2022 13:52:26 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
23.254.132.83404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
IP 23.254.132.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/hhf/js/citizensHeaderFooter-citizensns42588.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:55 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.244.155.70200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.244.155.70:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Pragma, Content-Length, Content-Type, ETag, Retry-After, Cache-Control, Last-Modified, Backoff, Expires
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 22 Oct 2022 15:36:24 GMT
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 15:06:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dc5ba6653148afa9504262089bb395dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: yAC-tE5-T015XjKCNsHR0jrU_hKb79yUKpnDyZjd9gk1Zcfh1ikXjQ==
Age: 3065
citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
23.254.132.83404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
IP 23.254.132.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /content/930e113327rn2365aa3b7b98b0447e8d HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:55 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5709
Cache-Control: max-age=150419
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 15:54:55 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:41:54 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
23.254.132.83404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
IP 23.254.132.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/efs/jsp-ns/scripts/common.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=168976e439826e385d0deba96&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CMCMID%7C13143214040837824590241260337981818122%7CMCAID%7CNONE%7CMCOPTOUT-1666461284s%7CNONE%7CMCAAMLH-1667058884%7C6%7CMCAAMB-1667058884%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19295%7CvVersion%7C5.0.1; mdLogger=false; kampyle_userid=b9ec-113e-1c1e-0850-3118-4b28-deea-9d46; kampyleUserSession=1666454084344; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; LPVID=IwMTNlOWRjMzg1MmRmMjhh
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 15:54:55 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9997
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png
104.110.3.220200 OK 14 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png
IP 104.110.3.220:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 172ee65ce7e2afc164fb89579d8060b2
1bcc0c40ce0dd35f4150e286d4da86eb5150d2da
6031e1710c50b5ade8d4fe1f9d2a7885caa5f18493944871891d9bf847dcec0e
GET /efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "3653-5e885b03510a1"
accept-ranges: bytes
content-length: 13907
x-olb-req-received: t=1665902334263596
x-olb-req-duration: D=181
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597334
expires: Sat, 29 Oct 2022 13:50:29 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png
104.110.3.220200 OK 11 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png
IP 104.110.3.220:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f62b2664dd6a40ab3a9f7af34412f8b7
02438189257c795c3726e4f45b1ce3bb921255d5
707a3217546ca6852234cb3fa3b61f458581ca943b6195032ba9efe7e1e0ee5f
GET /efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "2a77-5e885b0354b35"
accept-ranges: bytes
content-length: 10871
x-olb-req-received: t=1665902333725314
x-olb-req-duration: D=145
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=597260
expires: Sat, 29 Oct 2022 13:49:15 GMT
date: Sat, 22 Oct 2022 15:54:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D
13.224.245.32200 OK 397 B URL HTTP/1.1 nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D
IP 13.224.245.32:0
File type ASCII text, with very long lines (396)
Hash 219445f97271fae59d8de146886b5eb6
f8bfbd83d1242123feb4ed0a4dff01b304c672e4
cbf8fa4907e237559aeffc256d8eddc73ebcabbfd9fd17d99e4437e530c18cec
GET /citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 397
Connection: keep-alive
Server: nginx
Date: Sat, 22 Oct 2022 15:54:55 GMT
Expires: Sat, 22 Oct 2022 15:54:54 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 f2f35cfbe251bd412f460c97cca8770c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: hfiYOPLmccNSt1BI7-DbuNkuUgbR7oM7GM32EU-Y4QD-Dzq2yyPpjQ==
nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117
13.224.245.32200 OK 31 kB URL HTTP/1.1 nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117
IP 13.224.245.32:0
File type ASCII text, with very long lines (1970)
Hash 3d2d25ef325eac356d449d8df162c7e5
b181f4221b3190118630f334403a218e7887eb92
82b8253b53400a2508202f2329064ac51c74d09e8361d7ef393b87793199e858
GET /citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:33 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 04:24:01 GMT
ETag: W/"7f943d1386ac8d666a04c5f7c1aca6a2"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: 7Vz_bNM1vqq_ptJsDOdn8z3nddxBTl2j
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f2f35cfbe251bd412f460c97cca8770c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: dBPY4-2d7IRXOyq2WPjU8Kiv6Qu9SW_Imqf-gf7BXNtEDIzcVpinmQ==
Age: 902603
nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909
13.224.245.32200 OK 4.5 kB URL HTTP/1.1 nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909
IP 13.224.245.32:0
File type ASCII text, with very long lines (564)
Hash fd603d97b40b9255bfad0347af30b289
4dbc7e969f3d64bd0e668bb424284a2cf1c134d5
9cf6e47fb2dfb89d2ffc01f75ffc38c7eac7d9ad07f11d39597ca329067c3f6f
GET /citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:33 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 03:57:00 GMT
ETag: W/"42ede44761b41779f967c114c118aa3e"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: NiK352lECAFDggvv33Jq9naFD_ydY3Ez
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 704990717f84876e269b7e943738c392.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: wQbjXS6qF_Iq8MWHr_zjbdgcBvRvRuRB2BSjVEuBSr7_gYbRl8uxUw==
Age: 902603
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e63e513dcf53ce7553e7b0823c6a14a4
339b57dfcff07274c5760a3eca84e85313801a13
0e2fa20095d3d2116bdabd8fcda346d45c6bca2c5aab1cc87811cc5ed62d72be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 15:43:26 GMT
Expires: Sat, 29 Oct 2022 15:43:25 GMT
Etag: "339b57dfcff07274c5760a3eca84e85313801a13"
Cache-Control: max-age=603509,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a111d12b517-OSL
push.services.mozilla.com/
44.228.207.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fFvbFqq6CTqLy0gLOcpepQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 84UoQzZH/qtO/AB5nZZHxqqoAyg=
lptag.liveperson.net/tag/tag.js?site=89632304
178.249.101.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=89632304
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=89632304 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:55 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.appdynamics.com/adrum/adrum-latest.js?
18.165.201.17200 OK 40 kB URL HTTP/1.1 cdn.appdynamics.com/adrum/adrum-latest.js?
IP 18.165.201.17:0
File type ASCII text, with very long lines (644)
Hash cd86db0f552897dc33e8433d0cf9bad2
676df314ca85d1418ffb110f3979c31281da027d
fd30f76d2b4bebd4b4bd680793a8a993b46a15808c0cea0533e629fc2990889f
GET /adrum/adrum-latest.js? HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin: *
Content-Encoding: gzip
Date: Fri, 21 Oct 2022 17:25:06 GMT
Cache-Control: public, max-age=2678400, s-max-age=14400
ETag: W/"6317b609-1b2d9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 25bae94046433e736c44a6c37f27c7c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: ukoej2dZaamm61PtpUlM5Hmsar-6FeUm4lDoVAvKmjR65UHEcODQog==
Age: 80989
cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
104.18.15.22301 Moved Permanently 167 B URL HTTP/1.1 cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
IP 104.18.15.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /citizen/OLB/p/detector-dom.min.js? HTTP/1.1
Host: cdn.glassboxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 15:54:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
X-Cache: Redirect from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3dMzgCIzBCmWarPpdFVhHPbge43pGelybb4-bso8rh92kXxiyqpfPA==
CF-Cache-Status: HIT
Age: 396
Expires: Sat, 22 Oct 2022 19:54:55 GMT
Cache-Control: public, max-age=14400
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e36a137cc7b4f4-OSL
cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
18.165.201.17200 OK 20 kB URL HTTP/1.1 cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
IP 18.165.201.17:0
File type ASCII text, with very long lines (574)
Hash cca1b9c013b93bd73bf4f55b122ba8db
ed011720d910a5b69db06ebaabcd95d013255752
d5ef573c9770681c3a75ec78445d0c785ca6659a0cf25f145ddfbae414b0b77a
GET /adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 01 Oct 2022 05:28:16 GMT
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:12 GMT
ETag: W/"6317b608-d132"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 25bae94046433e736c44a6c37f27c7c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: uMABiiMI8Y5ZFOSFFf2Re3sRF3VATfO5JF1CEY9aVs9pDU2HpzChdA==
Age: 1851999
nebula-cdn.kampyle.com/wu/356861/onsite/embed.js
151.101.85.175200 OK 517 B URL HTTP/2 nebula-cdn.kampyle.com/wu/356861/onsite/embed.js
IP 151.101.85.175:0
File type ASCII text, with very long lines (573)
Hash e8a4b8a535ad76225074264c54ea0715
ddac064bbfb77a8431cb810189043ff97b8e84fe
32a10a956e30f4b84dbaf4230037a1fd36c15bcdd345719b9393b9c2517f00b6
GET /wu/356861/onsite/embed.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ioqo2qnTXz9VPyGdm9U7px0r0c1Pgid1Py+qsRqCxp9kPiSNLtcKr3SrbhV53EloBo04Gq0y+98=
x-amz-request-id: T3BZVBR1VJB17J2B
last-modified: Wed, 05 Oct 2022 21:33:25 GMT
etag: "8b72f36bbd0721428f49dda9c3bd04ac"
x-amz-version-id: P0vUE_TJe.yQCf1POgYtfWkHzc0CIb7I
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 15:54:55 GMT
via: 1.1 varnish
age: 1436695
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1666454096.981130,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 517
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520016,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13bfecb517-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13fa68b4eb-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13fd6b0af6-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13f934b50f-OSL
nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
151.101.85.175200 OK 114 kB URL HTTP/2 nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
IP 151.101.85.175:0
File type Unicode text, UTF-8 text, with very long lines (53527)
Size 114 kB (114411 bytes)
Hash 875e1611678facfc534c2922ee9f04d1
d045b6a4a0bd45ae1eb134ca1365fe1ff576d8d2
b39dbd6935f69b4f403b183bad057b18b9df8e9c7ac7a3dcc2b123d66cdfbaab
GET /us/wu/356861/onsite/generic1665005603563.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 9cQsV036v9UHxHIBBS6ddnOPtu7hupqDHYzTkS5r9D6ofic601WFFGZbpPC4Zcf0I2Hddoonung=
x-amz-request-id: 531P45J50X314A2H
last-modified: Wed, 05 Oct 2022 21:33:24 GMT
etag: "ba78af14d365f8ccbd56a01ca6bf1c05"
x-amz-version-id: sS15mP2HP1_gvO6GweV7zdqjZ8tqzGJg
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 15:54:56 GMT
via: 1.1 varnish
age: 1435591
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1666454096.029603,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 114411
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fca3b625928b8f0507cf1569d9c188cc
25efc79d4d6371040b33025fe9b3a60b3d431e1e
a6900cc898a42c36f943c2bea70b80a79ec827dbf31d8f50c2a941c8b085c12f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: max-age=136413
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 15:54:56 GMT
Etag: "63537a70-1d7"
Expires: Mon, 24 Oct 2022 05:48:29 GMT
Last-Modified: Sat, 22 Oct 2022 05:06:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=13143214040837824590241260337981818122&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1666454110563
52.31.4.32200 OK 1.3 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=13143214040837824590241260337981818122&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1666454110563
IP 52.31.4.32:0
File type JSON data\012- , ASCII text, with very long lines (3749), with no line terminators
Hash 975f9ffa53b888d78f70936f981f1e50
5248fce34e5320872891851e89c887a5db0edd57
df8a3c9d19ebd3f4928a0c0c1500ce2f595d3698f17c764ffb099d1110445eeb
GET /id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=13143214040837824590241260337981818122&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1666454110563 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://citizens-online-support.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-0ea413a51.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=74049107192624089801906428995725083762; Max-Age=15552000; Expires=Thu, 20 Apr 2023 15:54:56 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: A7yP1hBoSOM=
Content-Length: 1308
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=520015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a13f9571c06-OSL
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true
178.249.97.98200 OK 18 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true
IP 178.249.97.98:0
File type ASCII text, with very long lines (38447)
Hash f4f2cca8e24e109741c7f9d551e99e59
ff979949e59c0a1aa7bd660f5f2df41060bb47de
06b66f0cdeeb0542d15a30358805d6c0c0051aad45cda55a26b022845a44a545
GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsps.ssl.com/
52.6.97.148200 OK 1.8 kB IP 52.6.97.148:0
Hash ba9a1fa780a4fc6f144a3c834eefd27b
129d065f4a8ce68f5042a1c8c2413a3f33656da0
c2ad56e8e97bc352343ea4e4c4f1882284d56db37a8fff799a2faf3ca1bb0b75
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 15:54:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Sat, 29 Oct 2022 15:30:20 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "129d065f4a8ce68f5042a1c8c2413a3f33656da0"
Last-Modified: Sat, 22 Oct 2022 15:30:21 GMT
X-Proxy-Cache: HIT
accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB
178.249.101.99200 OK 307 kB URL HTTP/2 accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB
IP 178.249.101.99:0
Size 307 kB (307189 bytes)
Hash fc19f0e42806c5bce656210f4cfc0f01
2e71bca8851d2b6cc5de9797e5a005d1f5f418a9
871f3c0a55240bcaf798b571b870373dd3ac79091468ef0276b588e9912f3682
GET /api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:5d04c41a-c3d4-4d5a-a01d-635953d37066; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
ADRUM_BTa=R:35|g:5d04c41a-c3d4-4d5a-a01d-635953d37066|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:7; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 15:55:56 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9MTY4OTc2ZTQzOTgyNmUzODVkMGRlYmE5NiZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NTQxMTA3ODciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwNjc1YWU0MmNjLTBiMjRjYTc4MTY0NzYtMzA2ZDQ2NGEtMTQwMDAwLTE4NDAwNjc1YWU1YjciLCJlbnZpcm9tZW50IjogInByb2RVc09yZWdvbiIsImFjY291bnRJZCI6IDM1Njg2MCwidXJsIjogImh0dHA6Ly9jaXRpemVucy1vbmxpbmUtc3VwcG9ydC5jb20vY2l0aXplbmJhbmsvbG9naW4ucGhwP29ubGluZV9pZD0xNjg5NzZlNDM5ODI2ZTM4NWQwZGViYTk2JmNvdW50cnk9Jmlzbz0iLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImI5ZWMtMTEzZS0xYzFlLTA4NTAtMzExOC00YjI4LWRlZWEtOWQ0NiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDU0MTEwNzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4MSwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ1NDExMDc4NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
35.241.45.82200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9MTY4OTc2ZTQzOTgyNmUzODVkMGRlYmE5NiZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NTQxMTA3ODciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwNjc1YWU0MmNjLTBiMjRjYTc4MTY0NzYtMzA2ZDQ2NGEtMTQwMDAwLTE4NDAwNjc1YWU1YjciLCJlbnZpcm9tZW50IjogInByb2RVc09yZWdvbiIsImFjY291bnRJZCI6IDM1Njg2MCwidXJsIjogImh0dHA6Ly9jaXRpemVucy1vbmxpbmUtc3VwcG9ydC5jb20vY2l0aXplbmJhbmsvbG9naW4ucGhwP29ubGluZV9pZD0xNjg5NzZlNDM5ODI2ZTM4NWQwZGViYTk2JmNvdW50cnk9Jmlzbz0iLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImI5ZWMtMTEzZS0xYzFlLTA4NTAtMzExOC00YjI4LWRlZWEtOWQ0NiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDU0MTEwNzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4MSwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ1NDExMDc4NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
IP 35.241.45.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9MTY4OTc2ZTQzOTgyNmUzODVkMGRlYmE5NiZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NTQxMTA3ODciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwNjc1YWU0MmNjLTBiMjRjYTc4MTY0NzYtMzA2ZDQ2NGEtMTQwMDAwLTE4NDAwNjc1YWU1YjciLCJlbnZpcm9tZW50IjogInByb2RVc09yZWdvbiIsImFjY291bnRJZCI6IDM1Njg2MCwidXJsIjogImh0dHA6Ly9jaXRpemVucy1vbmxpbmUtc3VwcG9ydC5jb20vY2l0aXplbmJhbmsvbG9naW4ucGhwP29ubGluZV9pZD0xNjg5NzZlNDM5ODI2ZTM4NWQwZGViYTk2JmNvdW50cnk9Jmlzbz0iLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImI5ZWMtMTEzZS0xYzFlLTA4NTAtMzExOC00YjI4LWRlZWEtOWQ0NiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDU0MTEwNzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4MSwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ1NDExMDc4NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-mmdt
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 3.1 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
File type ASCII text, with very long lines (8603), with no line terminators
Hash de2ebef28669ca9a7e1c58f0270966f8
db24fe01acb8139558592ddf9d4545ffb0335131
b483fb303814d6313574d22cc0b9e8852a93db9c089ce6d69dee30a9596499bb
GET /le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:41 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3460
Expires: Sat, 22 Oct 2022 16:52:36 GMT
Date: Sat, 22 Oct 2022 15:54:56 GMT
Connection: keep-alive
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 31 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
Hash 52a11bc0692f73fff13ca061ed3b6f9d
b5a668c5b1576e0f6f911a09d0d3eddfb1d5f831
ae90114eb163ec826b255316a889af28c6f139eb09c104ca8334aee0b4a077c9
GET /le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 15 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
Hash 99050c6271b800097866911ce332f8a6
43ff621e1b311a7d4fb61d840dfd25a1724623b2
20e809929b6e95fefcd2d68b505567b703d5663cafc867d132ab612a14f037c9
GET /le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:40 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3460
Expires: Sat, 22 Oct 2022 16:52:36 GMT
Date: Sat, 22 Oct 2022 15:54:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3460
Expires: Sat, 22 Oct 2022 16:52:36 GMT
Date: Sat, 22 Oct 2022 15:54:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
34.120.237.76200 OK 2.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AsSDzjeB5RvDY9ZCxMe-b1bTQiQI6r2yB-PPBo9Qap4hWMINj4wmSA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 13:22:13 GMT
age: 9163
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 63291
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ef386b42bd6b9efb747cfeb3d64fb7a
db63f62383d513348c1ef231ea4fb58d7e1e044e
988cb73f0fef893d2d65a66fad0b171350102f4496fa5ba22e415d5929373d0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10684
x-amzn-requestid: 643c8e7b-15e9-4241-8ba1-e3f4a4592373
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okE7AoAMFjDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-705159c619bc23880acd4d42;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Npq_KhYynsGPhwdVvIa_JeWi13m74Qgm7vw5GyWDydH7tzON7p0MYA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 64464
etag: "db63f62383d513348c1ef231ea4fb58d7e1e044e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26c47e4b0147f8dee3e71a53a8f2830c
381edb4758da428db5ffe884f8fb38bf11044f69
b507898359abbcb1f57821c147a58df66d7e81acc198afc997527b58cd835b39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11151
x-amzn-requestid: 5c32e307-f2a7-4050-a96f-a47667ec4752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-NEFTKoAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b9-2fc77f394ca297126abaed94;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ib4A9F4pA6k1iYdefeQokFkEkmqlEASJ2d20BQ6gqRYj3teYDu8Cyg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:20 GMT
age: 63636
etag: "381edb4758da428db5ffe884f8fb38bf11044f69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hitgYm684zdpmL8IbPzFxhPWRrc2-VmnlofdTiPhJzkrc26mgXTTTA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:41 GMT
age: 64455
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 64464
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=1&cfg=27baeec&pv=2&aid=
54.235.78.87200 OK 140 B URL HTTP/1.1 report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=1&cfg=27baeec&pv=2&aid=
IP 54.235.78.87:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0502320d2bbbf631c17e7e4cd83ba0ad
83ca6151f5b88d84c4482f52f8bc656f34df88e0
01443509621836b99c1c78ecd2b59e3c30afdf2ebd2e0407a34ed034da1628d8
POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=1&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4698
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_cfgver=27baeec; _cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c; _cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0; AWSALBCORS=e3vDPTt/laWJtxa6f3mXblnMdv7LcvJ2t71RwjPy0lDyd4Z7w2XzUcXLcDqS6CtmRa6uyLFO6nVyxsVJZnOSl/aJScBKaUGJs436TDJrwjLaag2rQ5MRzRknBO/N
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=7D0VVL2vyFVruvAuNUyFFk8IP9lKYFhBiN8ICBoikMCvlWYpimfDwFeMHmfXeatOdc2h3zuge4QRQbS0MXdt5bb8xOxNmdf9/shLoh11HpkQmajvUwIy5+G9umkQ; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/
AWSALBCORS=7D0VVL2vyFVruvAuNUyFFk8IP9lKYFhBiN8ICBoikMCvlWYpimfDwFeMHmfXeatOdc2h3zuge4QRQbS0MXdt5bb8xOxNmdf9/shLoh11HpkQmajvUwIy5+G9umkQ; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5025
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=2&cfg=27baeec&pv=2&aid=
54.235.78.87200 OK 140 B URL HTTP/1.1 report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=2&cfg=27baeec&pv=2&aid=
IP 54.235.78.87:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0502320d2bbbf631c17e7e4cd83ba0ad
83ca6151f5b88d84c4482f52f8bc656f34df88e0
01443509621836b99c1c78ecd2b59e3c30afdf2ebd2e0407a34ed034da1628d8
POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=2&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 8245
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_cfgver=27baeec; _cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c; _cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0; AWSALBCORS=e3vDPTt/laWJtxa6f3mXblnMdv7LcvJ2t71RwjPy0lDyd4Z7w2XzUcXLcDqS6CtmRa6uyLFO6nVyxsVJZnOSl/aJScBKaUGJs436TDJrwjLaag2rQ5MRzRknBO/N
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=cgiu6A5lgMif2GSx6GRXedOnV21o8uOBUZ2vRUgvG9cNbkHfM3uA2KgLilO39h/44QcVV3MSaMQpbS3ndorOhByVPwFRvTLOwXMaHCPP9mCiyEVM8r8gqwTb7zAS; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/
AWSALBCORS=cgiu6A5lgMif2GSx6GRXedOnV21o8uOBUZ2vRUgvG9cNbkHfM3uA2KgLilO39h/44QcVV3MSaMQpbS3ndorOhByVPwFRvTLOwXMaHCPP9mCiyEVM8r8gqwTb7zAS; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5025
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 913f1b27298f63f2a7fd4e4bd111c122
5b7617638b7cb79d235be543f55e2242de9329f7
3edb79be98abcf38d13935f26dd4432747020edf620904eaa8888db00820706a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 11:37:43 GMT
Expires: Fri, 28 Oct 2022 11:37:42 GMT
Etag: "5b7617638b7cb79d235be543f55e2242de9329f7"
Cache-Control: max-age=502364,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e36a1e2c7fb517-OSL
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=3&cfg=27baeec&pv=2&aid=
54.235.78.87200 OK 140 B URL HTTP/1.1 report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=3&cfg=27baeec&pv=2&aid=
IP 54.235.78.87:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0502320d2bbbf631c17e7e4cd83ba0ad
83ca6151f5b88d84c4482f52f8bc656f34df88e0
01443509621836b99c1c78ecd2b59e3c30afdf2ebd2e0407a34ed034da1628d8
POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=3&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 584
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_cfgver=27baeec; _cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c; _cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0; AWSALBCORS=7D0VVL2vyFVruvAuNUyFFk8IP9lKYFhBiN8ICBoikMCvlWYpimfDwFeMHmfXeatOdc2h3zuge4QRQbS0MXdt5bb8xOxNmdf9/shLoh11HpkQmajvUwIy5+G9umkQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=CK05w/79c7mOlP+3axR6A2T+ZzQNSOpbrxaKtlj5qqk7KccCvUANJGINIfo+82pb/nGZdPlO7pXwoEpwfajGOp4bwE05sfI9v3T9VcQz+eyerX7T4b4nS4zcdYRK; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/
AWSALBCORS=CK05w/79c7mOlP+3axR6A2T+ZzQNSOpbrxaKtlj5qqk7KccCvUANJGINIfo+82pb/nGZdPlO7pXwoEpwfajGOp4bwE05sfI9v3T9VcQz+eyerX7T4b4nS4zcdYRK; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5025
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=4&cfg=27baeec&pv=2&aid=
54.235.78.87200 OK 140 B URL HTTP/1.1 report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=4&cfg=27baeec&pv=2&aid=
IP 54.235.78.87:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0502320d2bbbf631c17e7e4cd83ba0ad
83ca6151f5b88d84c4482f52f8bc656f34df88e0
01443509621836b99c1c78ecd2b59e3c30afdf2ebd2e0407a34ed034da1628d8
POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0&_cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c&pid=3240de5d-da11-4bdb-bb60-627ee36b483c&sn=4&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 329
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_cfgver=27baeec; _cls_v=470c1e2a-8286-49a3-823d-8c09dabb467c; _cls_s=77e77d4f-10d0-4a3f-af5d-99c13b701256:0; AWSALBCORS=cgiu6A5lgMif2GSx6GRXedOnV21o8uOBUZ2vRUgvG9cNbkHfM3uA2KgLilO39h/44QcVV3MSaMQpbS3ndorOhByVPwFRvTLOwXMaHCPP9mCiyEVM8r8gqwTb7zAS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 15:54:57 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=L1cRjBcNOWySiMdduDOtITaLrJ1cwGjnHPe261kBYXrswzw7ZkTCpiNrHEJv9lg8wCEcc39Pnk60bhwXTWXYworskEfTMyKWmcTMVJbl6wZR8vfXU1cKMt3mxFwF; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/
AWSALBCORS=L1cRjBcNOWySiMdduDOtITaLrJ1cwGjnHPe261kBYXrswzw7ZkTCpiNrHEJv9lg8wCEcc39Pnk60bhwXTWXYworskEfTMyKWmcTMVJbl6wZR8vfXU1cKMt3mxFwF; Expires=Sat, 29 Oct 2022 15:54:57 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5025
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a03e874f79f96ea8f359696750b166e9
7568be3098bdd9506411e8451ef8afc71bb41b12
ac0f6cb3b5455698612fd7363b89e669a7503d824331d07e8166e1f600abdabb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5570
Cache-Control: max-age=90186
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 15:55:02 GMT
Etag: "6352b9de-1d7"
Expires: Sun, 23 Oct 2022 16:58:08 GMT
Last-Modified: Fri, 21 Oct 2022 15:25:18 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 471
cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
104.18.15.22200 OK 0 B URL HTTP/2 cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
IP 104.18.15.22:0
GET /citizen/OLB/p/detector-dom.min.js? HTTP/1.1
Host: cdn.glassboxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:55 GMT
content-type: application/javascript
last-modified: Thu, 13 May 2021 10:48:21 GMT
x-amz-version-id: bbfnKPP3ulrtofSzPJqgXAlMwVq2hNWe
content-encoding: gzip
etag: W/"845173368b011e7fa14658b57426fe09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: TjES7ym4ShstKtpj1GLznZjl8VeU-G2N0yGQlAXn4IB-OQXucq9_RQ==
cf-cache-status: HIT
age: 396
expires: Sat, 22 Oct 2022 19:54:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 75e36a13feb90b49-OSL
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb74722x92601&t=sp&ts=1666454111907&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh&rvt=1666454072360&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226af62bef-1e94-4376-b62b-ef1e94037673%22%2C%22account%22%3A%2289632304%22%7D%5D
208.89.12.87200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb74722x92601&t=sp&ts=1666454111907&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh&rvt=1666454072360&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226af62bef-1e94-4376-b62b-ef1e94037673%22%2C%22account%22%3A%2289632304%22%7D%5D
IP 208.89.12.87:0
GET /api/js/89632304?sid=88D-sqrbTGe6u8XRLFhtFw&cb=lpCb74722x92601&t=sp&ts=1666454111907&pid=2868287914&tid=957869324&vid=IwMTNlOWRjMzg1MmRmMjhh&rvt=1666454072360&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D168976e439826e385d0deba96%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226af62bef-1e94-4376-b62b-ef1e94037673%22%2C%22account%22%3A%2289632304%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:57 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
GET /le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/adrum
35.166.110.234200 OK 0 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/adrum
IP 35.166.110.234:0
POST /eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12511
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:55:02 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:35|g:b6dda4dc-81aa-41f0-b275-d3ae991a46a5;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30
ADRUM_BTa=R:35|g:b6dda4dc-81aa-41f0-b275-d3ae991a46a5|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30;Secure
ADRUM_BT1=R:35|i:559461;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30
ADRUM_BT1=R:35|i:559461|e:6;Path=/;Expires=Sat, 22-Oct-2022 15:55:32 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.101.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.101.23:0
GET /lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:55 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:94b99ae0-3ddb-490b-880a-c175dfde4962; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
ADRUM_BTa=R:35|g:94b99ae0-3ddb-490b-880a-c175dfde4962|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:5; Max-Age=30; Expires=Sat, 22-Oct-2022 15:55:26 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 15:55:56 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
GET /le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 15:54:56 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:46 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 15:54:56 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2