Report - citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=

Report Overview

Submitted URL
citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=
IP
23.254.132.83
ASN
#54290 HOSTWINDS
Submitted
2022-10-22 18:34:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
accdn.lpsnmedia.net	3410	2014-02-08T00:25:14Z	2023-03-09T05:15:13Z	1.3 kB	5.6 kB	178.249.101.99
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	18.244.155.120
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.3 kB	3.5 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
ocsp.entrust.net	1208	2014-01-10T03:18:45Z	2023-03-09T05:17:25Z	1.6 kB	9.8 kB	104.110.10.32
nexus.ensighten.com	2786	2012-05-23T20:34:00Z	2023-03-09T05:51:16Z	1.6 kB	71 kB	13.224.245.122
citizensbank.demdex.net	68781	2017-03-23T22:06:39Z	2023-03-07T08:48:58Z	490 B	3.4 kB	52.211.12.99
cm.everesttech.net	996	2017-01-30T05:59:57Z	2023-03-09T05:14:52Z	425 B	475 B	34.248.32.199
report.citizen.glassboxdigital.io	69073	2020-07-14T15:57:28Z	2023-03-09T15:01:48Z	2.5 kB	3.2 kB	3.87.234.62
nebula-cdn.kampyle.com	3739	2015-09-21T18:24:38Z	2023-03-09T11:23:01Z	1.1 kB	117 kB	151.101.85.175
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	676 B	2.0 kB	108.138.212.95
citizens-online-support.com	unknown	2022-10-21T11:17:31Z	2022-11-23T01:19:38Z	3.4 kB	30 kB	23.254.132.83
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	35.161.231.36
lptag.liveperson.net	3393	2012-08-02T18:15:51Z	2023-03-09T05:15:12Z	831 B	424 kB	178.249.101.23
udc-neb.kampyle.com	3039	2015-12-24T10:52:27Z	2023-03-09T10:59:45Z	2.1 kB	518 B	35.241.45.82
www4.citizensbankonline.com	159092	2015-07-16T17:40:11Z	2023-03-08T19:39:13Z	770 B	1.8 kB	104.110.3.220
lpcdn.lpsnmedia.net	3501	2014-04-27T12:17:58Z	2023-03-09T08:07:42Z	2.9 kB	349 kB	178.249.97.98
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
www3.citizensbankonline.com	125923	2012-07-05T15:46:01Z	2023-03-07T08:48:57Z	9.8 kB	263 kB	104.110.3.220
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	1.3 kB	3.2 kB	93.184.220.29
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-09T05:14:52Z	2.2 kB	4.6 kB	54.77.35.16
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	61 kB	34.120.237.76
va.v.liveperson.net	3906	2017-01-30T06:15:13Z	2023-03-09T09:30:37Z	840 B	1.2 kB	208.89.12.87
cdn.glassboxcdn.com	11045	2017-08-10T20:05:54Z	2023-03-09T09:31:51Z	695 B	1.4 kB	104.18.14.22
cdn.appdynamics.com	3266	2017-01-26T21:49:30Z	2023-03-08T12:42:49Z	613 B	62 kB	18.165.201.17
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	2.6 kB	7.7 kB	172.64.155.188
ocsps.ssl.com	14517	2018-11-21T11:22:19Z	2023-03-09T14:05:25Z	325 B	2.2 kB	52.6.97.148

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-22	medium	citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js	Phishing
2022-10-22	medium	citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js	Phishing
2022-10-22	medium	citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js	Phishing
2022-10-22	medium	citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d	Phishing
2022-10-22	medium	citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js	Phishing
2022-10-22	medium	citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d	Phishing
2022-10-22	medium	citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js	105 kB	2023-03-10	2023-03-10
Pretty URL nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js IP 13.224.245.122 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:53:53 Last Seen2023-03-10 14:55:53 Times Seen1 Hash e28169ebc267a281e5ca0d996e98214e 90297de8738f1fcd4d61e4bff0ce59d143978c2d 5adb5d548656117fa0e82394f44d4e2669d40ffbc850ad928e03dd774c8b4938 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 11:46:07 Times Seen37062568 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548	606 kB	2023-03-08	2023-03-12
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:21:07 Last Seen2023-03-12 18:21:59 Times Seen1 Hash 7258eae7df7f283ab43602df9614f103 af97f7cff1e72751a29674eb8624e0ed69127f58 07c9f195b802b98c0a702dd5f26467c81db912f5b272a407f7c4dea462ad4637 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548	7.9 kB	2023-03-07	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen365 Hash d53092c1d6e0a7a3d1bb802c67a6e1e9 2556ea4f15518fa36d0b92666e22ce28edec6745 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438 Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true	39 kB	2023-03-07	2024-03-12
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-03-12 06:48:19 Times Seen234 Hash a3a38a5d6888ddc1831a811e9d428c77 2ca5b076aea8b4c6ff7ad1873de4ade91d66511f d4676cbbadec76c9f89f5b771a7f4927d544b4d76801e40e9957493e038e0db4 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/desktopEmbedded.js?version=10.22.0.0-release_5548	981 kB	2023-03-08	2023-03-12
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/desktopEmbedded.js?version=10.22.0.0-release_5548 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:21:05 Last Seen2023-03-12 18:22:00 Times Seen1 Hash 846df34faf4c810fcbbb736bc34ab903 523355d29ea3f01a90574f0a4410e5eaa666bd8d 04ad75bb75fb9bd7ccfc6ced51ab98904f932b3737be7e03ca4dd2a01eb2ec88 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=	33 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen52 Hash 6abbcd946457998168ba6d439131e235 1d17c8ddac7abb2e14207b93cc3a8944044a3fa3 3d8de306ff5e9f5db214def3fb090fc9a8a37efc4117276a58b5ccd4eeb46017 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=	158 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:00:58 Last Seen2024-02-14 12:12:56 Times Seen75 Hash d063dd0adcd30d7f7ad112d0da02babe 7ff2e92c27808292fc2d6a58632baa4d0a92ca9a b45d35ed1d2f794538ea853ff3d60ec817168ef505ad5462afe8a9236ecf539b Loading...

	nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117	90 kB	2023-03-08	2023-04-02
Pretty URL nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117 IP 13.224.245.122 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2023-04-02 21:34:08 Times Seen14 Hash 7f943d1386ac8d666a04c5f7c1aca6a2 e734405ada56e5593d28b1c99c5944241ae4ec28 3b531a8826aeb7dd365eb418b6aee5b8204f5e38c311f588ad75bbe7de570b16 Loading...

	cdn.appdynamics.com/adrum/adrum-latest.js?	111 kB	2023-03-07	2024-02-27
Pretty URL cdn.appdynamics.com/adrum/adrum-latest.js? IP 18.165.201.17 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:55:15 Last Seen2024-02-27 00:41:08 Times Seen22 Hash deff3987ae725d726c0db6711bd5736f 0501d79c468f185c63590ac3c1a4918db7804d10 a4ea3de02f4ec1874478b152a09b89aecc2fc4f63ae2a4208ee8fb6585cebb11 Loading...

	cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js	54 kB	2023-03-07	2024-02-27
Pretty URL cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js IP 18.165.201.17 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:55:15 Last Seen2024-02-27 00:41:08 Times Seen30 Hash 2f00c36a98a61ed5bacde3c5ad0a3efe b6fcd72181d79a4225bb7cd4288260fa9aa44624 9b0f859e5508780a810e47e772554395a5d2ae5e679c338df1b6cd600d69dad2 Loading...

	www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js	15 kB	2023-03-07	2024-04-24
Pretty URL www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js IP 104.110.3.220 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:49 Last Seen2024-04-24 16:21:44 Times Seen2856 Hash 42306a279a9e831515347ae319181cd1 d069641242e4fe1beb6de8f53a77dd964c98bce0 cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8 Loading...

	cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?	373 kB	2023-03-07	2023-03-17
Pretty URL cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js? IP 104.18.14.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2023-03-17 12:37:45 Times Seen1 Hash 845173368b011e7fa14658b57426fe09 e848d5550ae3d080f6d17dcb7bb9bda7f30e0f35 539fb8c821a40281df9376733a982048cbee054507dc38c35b9a5df712f6abc5 Loading...

	accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB	6.9 kB	2023-03-07	2023-03-17
Pretty URL accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2023-03-17 12:37:45 Times Seen1 Hash 0dc35ab59200eba2ac8dbe479dde0851 17a02389e4efc492f44443d33c7a04041177a82e 909957127d7134ea1ed1c005a622d937aa8aadff84d0b0a3b0e4ed8fcdec186e Loading...

	accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb25335x14284	682 B	2023-03-10	2023-03-10
Pretty URL accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb25335x14284 IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:20:05 Last Seen2023-03-10 13:20:05 Times Seen1 Hash 52fde2d0580ed125a356a2bdfdbbb5cc f8e46883fa218bcc19af6c831cc7db1c4c0fff94 5d66ad1fb222f2b42ca14887a4465a1ccea35f720cf123b5ba81a931d2a7adff Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=	606 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen49 Hash dd23a19bc0a3ee76846efae627d939c1 6e62c6ee934439860343c8ce77e52bb4bea94b23 8f79346ad4fce32e9971e590ec9c76d8979f72971051fb4ff37a1e6b6acb56f4 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=	3.9 kB	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen49 Hash 148c64d137f73878ebf0e770a496ec61 9c11df9ed3ecd282193a1571a7701b83f1cea663 de729accb6b0199ce0eccc94b41eace66d70c535c35a096f586f0db848108865 Loading...

	nebula-cdn.kampyle.com/wu/356861/onsite/embed.js	1.1 kB	2023-03-08	2023-03-10
Pretty URL nebula-cdn.kampyle.com/wu/356861/onsite/embed.js IP 151.101.85.175 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:06:42 Last Seen2023-03-10 19:42:54 Times Seen1 Hash 8b72f36bbd0721428f49dda9c3bd04ac 3c787b89625f9fbff760c3be03b154aef6af8a36 4ba8fc34aa3793516de38635653f6a69d9ff1e9f14880f6b6df52d00bcfdad4c Loading...

	lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3	284 kB	2023-03-10	2023-03-10
Pretty URL lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 IP 178.249.101.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:20:05 Last Seen2023-03-10 13:20:05 Times Seen1 Hash 6e62a460fdca33d9200b59063762e56c c07776523a9a8c91676b716428e7daed47dad5dd 3ddc1276b9067dab8acd1de307bfc3f230d1bc9a17b175bc90f90437b7a05f92 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548	40 kB	2023-03-08	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:32:35 Last Seen2024-04-24 07:45:12 Times Seen485 Hash 0dfc7fa7d2051d776d5937b7a3a7c4dd e0548931c28581b7f1975bf8c2d8b03b94591b87 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548	94 kB	2023-03-07	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen448 Hash d32e789b3183ed4536dc36e4cabf74ec 6b90b3e6dc44c30dcfa273e7c48d31ec00aac82b 5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02 Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true	38 kB	2023-03-07	2023-03-17
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:25 Last Seen2023-03-17 12:47:48 Times Seen1 Hash 61148ce23c4cd6811279ba8f2f7fe051 cae94d41e6060c6dfad074287d8cf310a4ab3ae6 a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=	958 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen50 Hash af8a93628974f148067d327996088187 e716dcf0ef564b89f66a8732d10f826e3d11385f f43724e4ca408137c9b50930a5416481dde13a65dfbce942a85d27f09c660ba2 Loading...

	www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js	20 kB	2023-03-07	2024-02-14
Pretty URL www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js IP 104.110.3.220 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen91 Hash e3b11713a1b616fcac5f6c3b4b0b9e1b 82a8fc6f051d8b526d167ae7862efd2a2dab95e2 57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=	138 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen49 Hash e2d3b0bd12282cea9200f36be44b4f14 bf32cee71e578707194ab684a887709881585ccc 411d2d562326e1db3612706ee2907e6271e1443784ada6c347402120d3558d78 Loading...

	nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D	397 B	2023-03-10	2023-03-10
Pretty URL nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D IP 13.224.245.122 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:20:04 Last Seen2023-03-10 13:20:05 Times Seen1 Hash 0e04f1a1d421ab4c3013810d045db743 2d1bd80b7650c07ad562d00de4d13f7eedee9272 4c965d4f2d98a489594c2884c5ed7bc72dfa29ea992ff3a2f10e79e95961c39b Loading...

	va.v.liveperson.net/api/js/89632304?&cb=lpCb89452x69999&t=sp&ts=1666463705251&pid=3689134738&tid=8080834376&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22aa6a9853-a643-4df8-aa98-53a643cdf868%22%2C%22account%22%3A%2289632304%22%7D%5D	254 B	2023-03-10	2023-03-10
Pretty URL va.v.liveperson.net/api/js/89632304?&cb=lpCb89452x69999&t=sp&ts=1666463705251&pid=3689134738&tid=8080834376&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22aa6a9853-a643-4df8-aa98-53a643cdf868%22%2C%22account%22%3A%2289632304%22%7D%5D IP 208.89.12.87 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:20:05 Last Seen2023-03-10 13:20:05 Times Seen1 Hash 0e774844fed324040fe0b766af127521 a011b90d31497187009e606332e71349aae262df 87f6c8276d12764b530d680bfdc327f7d1d3a49b8b304784fae70f9a49c97b80 Loading...

	va.v.liveperson.net/api/js/89632304?sid=BbrFFll3Tm6vNt9GKkL6Dg&cb=lpCb82322x31121&t=pl&ts=1666463706341&pid=3689134738&tid=8080834376&vid=NmZmM2YWVhYmIxNTU1Y2Zi	111 B	2023-03-10	2023-03-10
Pretty URL va.v.liveperson.net/api/js/89632304?sid=BbrFFll3Tm6vNt9GKkL6Dg&cb=lpCb82322x31121&t=pl&ts=1666463706341&pid=3689134738&tid=8080834376&vid=NmZmM2YWVhYmIxNTU1Y2Zi IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:20:05 Last Seen2023-03-10 13:20:05 Times Seen1 Hash 8efae38310b59afd08341db399b884c1 20c0eb46405a540c525cf1aaa160fffec892b21d ce0f0f4aa074ff76ea1998edebcdb1ea56983a38391e3bb71ef996925ac85b85 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=	2.5 kB	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen50 Hash f922a60f645c94205e1f6e9d5e2cdccb 2e93f37ce5a8eb54dd6e4ad278c81bb26dc7a2a2 cfa7d7b285a70329eebf9b81537fa0baf56fe330fdcca07676e56cdba803ff30 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548	90 kB	2023-03-07	2023-03-17
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-03-17 12:47:48 Times Seen1 Hash 6ca5a9414661b75fc2ed717f14ce892c b6867a2f9e19b20634bfc45c7ed52fda6e3dcff9 99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386 Loading...

	www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-04-25
Pretty URL www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js IP 104.110.3.220 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:42 Last Seen2024-04-25 05:26:23 Times Seen447 Hash 663628f795cb62444143fde1ebdf2b5b 1ec97b491c8a1c72055bd635f0c8dd843cae43d6 aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801 Loading...

	www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js	4.3 kB	2023-03-07	2024-04-09
Pretty URL www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:12 Last Seen2024-04-09 04:55:43 Times Seen640 Hash b8a2edb156c147c3164f7faf6efc9f44 0b23deffad7cac9066bc216213b666ccbcb13279 babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5 Loading...

	citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=	147 B	2023-03-07	2024-02-14
Pretty URL citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= IP 23.254.132.83 ASN #54290 HOSTWINDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen49 Hash 4455727e85ed6be9deb3422e34ea2129 30f51ab43939efd904518cf3e0bcbd961245fc4d bbb46962b6f3dc24db2df9f8747abee8bed42adea34cb385ff012131b81c7ff5 Loading...

	nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909	27 kB	2023-03-08	2023-03-10
Pretty URL nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909 IP 13.224.245.122 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:26:32 Last Seen2023-03-10 14:55:53 Times Seen1 Hash 42ede44761b41779f967c114c118aa3e f6b75094ac77732fee021294d9b3afa3df2df2d8 ad7f8c7c3c420d4836dafb15b1d5d1be4d29ffabe1d768888e4b01babcfdac49 Loading...

	lptag.liveperson.net/tag/tag.js?site=89632304	22 kB	2023-03-07	2024-04-12
Pretty URL lptag.liveperson.net/tag/tag.js?site=89632304 IP 178.249.101.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-12 19:27:20 Times Seen539 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	citizensbank.demdex.net/dest5.html?d_nsid=0#http%3A%2F%2Fcitizens-online-support.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL citizensbank.demdex.net/dest5.html?d_nsid=0#http%3A%2F%2Fcitizens-online-support.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB	4.8 kB	2023-03-10	2023-03-10
Pretty URL accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:53:53 Last Seen2023-03-10 13:23:12 Times Seen1 Hash 1d639c169d9519992c232c0cac5aae9b a3d40f6513a9f65086e06b11dc63101b9e569b24 3cb4d3cf28b94d5aecc42939bf11e0f429a2179e0efe7f003bef7ee86f96f427 Loading...

	va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1666463705294&loc=http%3A%2F%2Fcitizens-online-support.com	11 kB	2023-03-07	2024-01-24
Pretty URL va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1666463705294&loc=http%3A%2F%2Fcitizens-online-support.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:29 Last Seen2024-01-24 23:53:16 Times Seen76 Hash 684a1d2bbad42091bd0b0f0e93b4789c d3b36b031484bebf727128400274618226131a37 7271e3119ee8205a39f0c06adafde464aa535e02519a0884296950aede89f177 Loading...

		Size	First Seen	Last Seen
	#1 Eval - fa28bae7148454e1f6d8052e5c403243	84 kB	2023-03-07	2023-04-18
Pretty Observations First Seen2023-03-07 17:55:22 Last Seen2023-04-18 20:43:16 Times Seen32 Hash fa28bae7148454e1f6d8052e5c403243 a168b44f58bbf9c1ae68e5415d55749e810a9e02 594eaf3a5ff472b716d25d866978e1b336decf1d6efe6923a65b4627fa8e2d6b Loading...

		Size	First Seen	Last Seen
	#1 Write - 7a09c7092e8f36a0dc39b789b49dcf62	102 B	2023-03-07	2024-02-14
Pretty Observations First Seen2023-03-07 17:55:22 Last Seen2024-02-14 12:12:56 Times Seen52 Hash 7a09c7092e8f36a0dc39b789b49dcf62 97a3667b625bf026f5f16bc2fa33affaefd47a5b 8703c94f4b4a9f3c9274d316563d3edaf890f903523a5ccc7fab8488d6684d79 Loading...

HTTP Transactions (100)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

18.244.155.120

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.244.155.120:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 18:26:25 GMT
Expires: Sat, 22 Oct 2022 19:01:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 fee1af928fb542120a907076855ee8f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: VQhqLCFlFF4aGJumFnVsADc9rs2F9wbpmYvU3tKz_D4Af18wuzDVzg==
Age: 502

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7682
Expires: Sat, 22 Oct 2022 20:42:49 GMT
Date: Sat, 22 Oct 2022 18:34:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7699
Expires: Sat, 22 Oct 2022 20:43:06 GMT
Date: Sat, 22 Oct 2022 18:34:47 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mqW6DiM2BoRfExBBVgAY5QO0iG545c2Qto6bomzIIkhdxMQxVYAYM1afGmCR1ElNpUvt/b8rS3w=
x-amz-request-id: KQDTK7Z60X7XD1ZR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 18:07:44 GMT
age: 1623
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=

23.254.132.83

200 OK

26 kB

URL HTTP/1.1
citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (672), with CRLF line terminators
Size
26 kB (26142 bytes)
Hash
b27bd01402693bedb7107dec85a3f2df
0129e5275b6bbdd6355d291eaebc22e6da532c41
bacfd23af9c90b604030b1fde7b8b7ca90f47c6902724d666a99e02ea36d682c

HTTP Headers

GET /citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso= HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=10000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 18:34:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3432
Expires: Sat, 22 Oct 2022 19:31:59 GMT
Date: Sat, 22 Oct 2022 18:34:47 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3432
Expires: Sat, 22 Oct 2022 19:31:59 GMT
Date: Sat, 22 Oct 2022 18:34:47 GMT
Connection: keep-alive

nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js

13.224.245.122

200 OK

32 kB

URL HTTP/1.1
nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
IP
13.224.245.122:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (594)
Size
32 kB (32241 bytes)
Hash
3e3e57d74e385af3525e39e1a6b268da
8c0bd74879a5678ad73d6313ec8bc6c6ed339079
fbdeaa04631ff4616c28d150742e68b3197d7541c3742a7082ca1473de886311

HTTP Headers

GET /citizensbank/olbprod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:32 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 04:24:01 GMT
ETag: W/"e28169ebc267a281e5ca0d996e98214e"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=300
x-amz-version-id: 6VlOzl96zfTglXsm.ylgZ_Vxg_x9B5Dp
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1b5424f4e08ca48fc35e311bea9e9ff6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: mvLkBri2ZJp5YQeV7lA10cRJ9X-E7GcrmHTUCeA6LGxo5t2IOJrMTQ==
Age: 912196

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3432
Expires: Sat, 22 Oct 2022 19:31:59 GMT
Date: Sat, 22 Oct 2022 18:34:47 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3392
Expires: Sat, 22 Oct 2022 19:31:19 GMT
Date: Sat, 22 Oct 2022 18:34:47 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3432
Expires: Sat, 22 Oct 2022 19:31:59 GMT
Date: Sat, 22 Oct 2022 18:34:47 GMT
Connection: keep-alive

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css

104.110.3.220

200 OK

2.3 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
2.3 kB (2300 bytes)
Hash
0a445a15e0f09a7738952731fdf3fe9d
3d4cef20189303cc4f24c27da1b8d2043e700cea
173f4f410b46ca6211eee490747009c597b7d7c475bcac07df88a18521bbef54

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/normalize.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "26c2-5e885b034f92d"
last-modified: Mon, 17 Oct 2022 05:48:09 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=562
x-olb-req-received: t=1665902334194308
content-length: 2300
cache-control: max-age=3125
expires: Sat, 22 Oct 2022 19:26:52 GMT
date: Sat, 22 Oct 2022 18:34:47 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/efs/jsp-ns/pm_fp.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 18:34:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www4.citizensbankonline.com/akam/11/7c3ed55c

104.110.3.220

404 Not Found

9 B

URL HTTP/2
www4.citizensbankonline.com/akam/11/7c3ed55c
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

GET /akam/11/7c3ed55c HTTP/1.1
Host: www4.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html
content-length: 9
cache-control: max-age=0
expires: Sat, 22 Oct 2022 18:34:47 GMT
date: Sat, 22 Oct 2022 18:34:47 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
set-cookie: ak_bmsc=FE57543C3796899FE9876BF38A365D9A~000000000000000000000000000000~YAAQnE8kF97Y+uaDAQAANuX5ABGrrF8BU7k4zlc62eFYgBR2mmOJ+vXu2OV4fA6wJTdpYkZTd0neAd4XGMWPkVem5cSrOPxnJoFPRpCLbB5sHyH1RYnZ39ym1DnTkOpqYGjPOk+NR9cOpi6s7vK7O+O3nAopcZ63b/nYD6lUKs0AbKR8p9BQSAupVfNG4Qu7+kVrfWWKPNthM4rtCjWk08WWDCT27w9A2xfwoetTOHERkNyLdR9i/nmDUkfU8SBrPKR2IyvpjTp9g1jE3nVTPl1BCMK/F3A13QRo9lStXV2lckVMeo4Y+EtQaZmibr4qqqTUKUNPyNWMRJD2Ce/gDhN5vcP5/48DX0qPZZDvH9SeQnTlekHCgnfff0g2UwLuI/NZWcbDNuFAWM9H3t2jMpkGv/pN; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 20:34:47 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js

104.110.3.220

200 OK

39 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
39 kB (38875 bytes)
Hash
2940c843ff15ab8e9f02511625f33e57
98ccd0fb1d60770a1aadf90d41daa49cab543cb3
4aed3165815cc1806999483e40a47863accf1cead25769de0162921f2f590298

HTTP Headers

GET /efs/efs/jsp-ns/scripts/plugins.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "31d24-5e885b0350b17"
last-modified: Sun, 16 Oct 2022 06:41:17 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=8368
x-olb-req-received: t=1665902334392040
content-length: 38875
cache-control: max-age=76410
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 18:34:47 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js

104.110.3.220

200 OK

4.0 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
4.0 kB (3967 bytes)
Hash
cc2102df58511c9a2653b1dff48ca8d7
64790e6adff6768178ab7d0ad9a4fbc2849b81f2
b9abbff7d9e75763790fd3b291f21525fe85583b397fe5f4b260bc99ff48aab7

HTTP Headers

GET /efs/efs/jsp-ns/scripts/main.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "4c03-5e885b03504e5"
last-modified: Thu, 20 Oct 2022 04:19:24 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=779
x-olb-req-received: t=1665902332994710
content-length: 3967
cache-control: max-age=32023
expires: Sun, 23 Oct 2022 03:28:31 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png

104.110.3.220

200 OK

5.3 kB

URL HTTP/2
www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 406 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5277 bytes)
Hash
beb4d1c9f430bb08a4ed54df069e8f0c
39950ddd690d1cbe2d08610da5c11c854450523f
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b

HTTP Headers

GET /efs/hhf/img/CTZ_Green-01.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 10 Sep 2022 01:58:56 GMT
etag: "149d-5e849015deb49"
accept-ranges: bytes
content-length: 5277
x-olb-req-received: t=1665902353036164
x-olb-req-duration: D=187
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=587836
expires: Sat, 29 Oct 2022 13:52:04 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css

104.110.3.220

200 OK

3.1 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (17412)
Size
3.1 kB (3118 bytes)
Hash
ac9a70a6f100c02749dfadb709b6eadf
69906e55ace36c217a52d428029a3c71dc16a7e4
466e6cf44306264c98e5642f77be87292e03e578ce78b17c0b39521460b1d37a

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "4a56-5e885b034bab2"
last-modified: Sun, 16 Oct 2022 06:48:15 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=723
x-olb-req-received: t=1665902337198216
content-length: 3118
cache-control: max-age=76410
expires: Sun, 23 Oct 2022 15:48:18 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js

104.110.3.220

200 OK

5.5 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
HTML document, ASCII text, with very long lines (14756)
Size
5.5 kB (5535 bytes)
Hash
088d590db53a3ede82a998537283c75d
87ed57fd5e2a623f35f80a3684c2de916ce4e2f8
d45c62a7108121887dc8866d445dde985d96b82143b3da2c9068e32caf316db4

HTTP Headers

GET /efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "3c36-5e885b034ca52"
last-modified: Sat, 22 Oct 2022 11:30:08 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=833
x-olb-req-received: t=1665902334348159
content-length: 5535
cache-control: max-age=74395
expires: Sun, 23 Oct 2022 15:14:43 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

104.110.3.220

200 OK

10 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
10 kB (10382 bytes)
Hash
e8a5a242bcaea8c7314ccbb04612d922
101e2286a81e108dd00c618032d793b2dc5366b3
8e2a305132b87d2a48461f8e3d820dbf640d66d530ab007632c5c5d79ce8cdc7

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/main.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "f405-5e885b034f92d"
last-modified: Sun, 16 Oct 2022 06:47:26 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=2162
x-olb-req-received: t=1665902334267901
content-length: 10382
cache-control: max-age=76409
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

104.110.3.220

200 OK

2.0 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text
Size
2.0 kB (1975 bytes)
Hash
07507f946ee4b2b9d4affc283b431119
00218cebeb305b00ae4ef74e4a67957d3c43e6f2
44fb4d44ce9291066e686a9861b8b31f021c816fa60e97c613bf5aadcc8e2830

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/flows.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "21ce-5e885b034aefa"
last-modified: Mon, 17 Oct 2022 14:29:06 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=535
x-olb-req-received: t=1665902336855011
content-length: 1975
cache-control: max-age=58208
expires: Sun, 23 Oct 2022 10:44:56 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css

104.110.3.220

200 OK

1.2 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
1.2 kB (1227 bytes)
Hash
e9404d7ddc1ef0b93851879620bfea8a
69575dd0119d3439f3d7ba4b45d12a3c0e47a39e
f5be5cfcdb9f541d6e355cd15b78204e715c979bb90a7dbae94d18c9bdad8772

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/ad-containers.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "1dd4-5e885b034ed75"
last-modified: Sun, 16 Oct 2022 06:48:49 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=523
x-olb-req-received: t=1665902334308988
content-length: 1227
cache-control: max-age=76409
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/hhf/js/citizensHeaderFooter-citizensns42588.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 18:34:48 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff

104.110.3.220

200 OK

32 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 31968, version 1.0\012- data
Size
32 kB (31968 bytes)
Hash
d496c6122c776cae7c2a783bfcd7a3a1
fbdbec90d23bd77f471be50a3c6711e535ac72bc
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/font/citizen_roman.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "7ce0-5e885b034bab2"
accept-ranges: bytes
content-length: 31968
x-olb-req-received: t=1665902333663068
x-olb-req-duration: D=206
access-control-allow-origin: *
cache-control: max-age=587856
expires: Sat, 29 Oct 2022 13:52:24 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/efs/jsp-ns/scripts/common.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 18:34:48 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js

104.110.3.220

200 OK

29 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32089)
Size
29 kB (29409 bytes)
Hash
82481a92ac472d179954d66e38f72d07
ea65071dbc1ab11ed29e76bdd30eabbe6cdbc3ec
c8e2e6f9e0e01dcfec7f2633efdd7f8f9d78ba3920e86a0d1231f487928b5fe4

HTTP Headers

GET /efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "169d6-5e885b034fd15"
last-modified: Sun, 16 Oct 2022 06:41:15 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=4665
x-olb-req-received: t=1665902417810620
content-length: 29409
cache-control: max-age=76410
expires: Sun, 23 Oct 2022 15:48:18 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2

citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /content/930e113327rn2365aa3b7b98b0447e8d HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 18:34:48 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www3.citizensbankonline.com/efs/efs/js/tealeaf.js

104.110.3.220

404 Not Found

9.9 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/js/tealeaf.js
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
9.9 kB (9934 bytes)
Hash
7a50763a326038e01ff7f9624d28066c
cae9d82811966f159a734f9402ace74eb01f17f8
c6cc63926f47095f4caf94ad78258d77933e3adcc1ce7781bd7cb2a97d596411

HTTP Headers

GET /efs/efs/js/tealeaf.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
x-frame-options: SAMEORIGIN
last-modified: Tue, 20 Apr 2021 15:23:40 GMT
etag: "26ce-5c06907e37700"
accept-ranges: bytes
content-length: 9934
x-olb-req-received: t=1666463688097069
x-olb-req-duration: D=186
access-control-allow-origin: *
content-type: text/html
cache-control: max-age=900
expires: Sat, 22 Oct 2022 18:49:48 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=195, origin; dur=77
strict-transport-security: max-age=15768000
lb-action: None, None
set-cookie: ak_bmsc=6E3452646824E937390112E8461C9616~000000000000000000000000000000~YAAQnE8kF/LY+uaDAQAAbOb5ABEkrT8ugkzqJEr88TsvC3ayHmAkgWMMB4aR+j6kvrqvZdq3lrt6Rgwmo0vA8n2gHFZscuLAsmUwVNA+AWmdgw0B6voFR4dI2RUDJs/+QnPdxnef65S3Gxv64sn8TIFpwG+WDDlEsSb+LdIuB5LKoYe9y+dTEs9nSUPJR2eHztIvleqSOmtHWnuozBEFV1w+OSxG0aGH6zqRJnKoZij7n0VU/pHbTP86sa2v1okoJQEg7K2DfLIZvWUYdNvJ68ri+UxFRPgKdN/AE6B/6zWwMm5pxb/3D27F69r4vMq+hd3th/3u8A45VJi6MC1ZZ7AXMkC0TwE6+xS8l6+csYWHNG8YMbO/jHib97vpmJmvnXSNKks/guzxl5VgguIqBnsgfK1P; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 20:34:48 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

www4.citizensbankonline.com/akam/11/7c3ed55c

104.110.3.220

404 Not Found

9 B

URL HTTP/2
www4.citizensbankonline.com/akam/11/7c3ed55c
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

GET /akam/11/7c3ed55c HTTP/1.1
Host: www4.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 9
cache-control: max-age=0
expires: Sat, 22 Oct 2022 18:34:48 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
set-cookie: ak_bmsc=32DD3FC1D9B1E9F282DF9F98439CAD31~000000000000000000000000000000~YAAQnE8kF/PY+uaDAQAAceb5ABFl6WP14q9fEzgkrwHfxSqRmbrdd+rJdtTaXMMAsD3wDR0texmvQX84RhUt+QCGgupAs2G4L9bQUUhx4jFISDQfTy5weoAyUs59BqH7IxyDpXHxDPhsGqik26jE9asBhRJxwfxYIwpbHA2N+KFC433yeexwpB3Gn7Zswrtv6Emw8cbsKQi3RDlh38riPkp+YJ6yIH6i1IXNaNz9nybI3KXBHH9cTUhGYpurQjDcMRG0Q/hlgv0q7SrWiVzSgJMrJl7Ug/6IHK9Y+9XewyxVN2EScnQ0DvZid1fPHAeskpCe01B77foZ4XToi64gZFVJ0SK8uGqZNaKGvaB93xNIR4xxQOhlQMh5wz1bz5Kr7pm7gPJ9kf1KOLkPG7Joemlwjk6w; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 20:34:48 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png

104.110.3.220

200 OK

292 B

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 16 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
292 B (292 bytes)
Hash
18ffa7c3d8f40b5da7df780d91930e20
524ca8ffaadbd033fd0504fe580d47315690afa1
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46

HTTP Headers

GET /efs/efs/grafx/icon-secure.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "124-5e6a235cbd9f7"
accept-ranges: bytes
content-length: 292
x-olb-req-received: t=1665902333471989
x-olb-req-duration: D=145
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=587874
expires: Sat, 29 Oct 2022 13:52:42 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png

104.110.3.220

200 OK

364 B

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
35a7359b239ddca8639017dfc4b71b4a
dfdd659f24502fbe7dd79c9564e1e528233fdcad
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2

HTTP Headers

GET /efs/efs/grafx/flows-tooltip.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "16c-5e6a235cbab17"
accept-ranges: bytes
content-length: 364
x-olb-req-received: t=1665902333449146
x-olb-req-duration: D=127
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=587900
expires: Sat, 29 Oct 2022 13:53:08 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png

104.110.3.220

200 OK

1.0 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 18 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1017 bytes)
Hash
e7b1dd2b4db648b74fc5b873e7196a87
2f053c0827091b3929ea889dd2dc5c923dcb450a
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

HTTP Headers

GET /efs/efs/grafx/arrow-button-white.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "3f9-5e6a235ca4d07"
accept-ranges: bytes
content-length: 1017
x-olb-req-received: t=1665902333578008
x-olb-req-duration: D=97
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=587719
expires: Sat, 29 Oct 2022 13:50:07 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png

104.110.3.220

200 OK

1.1 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 28 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1054 bytes)
Hash
dc25c0429ceba4038c36551d05760dd7
a79832f9ae49997cd90701d48a02bd06bf29a7d0
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c

HTTP Headers

GET /efs/efs/grafx/arrow-down-blue.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "41e-5e6a235ca4d07"
accept-ranges: bytes
content-length: 1054
x-olb-req-received: t=1665902333438403
x-olb-req-duration: D=100
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=587898
expires: Sat, 29 Oct 2022 13:53:06 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png

104.110.3.220

200 OK

165 B

URL HTTP/2
www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 7 x 9, 8-bit/color RGBA, non-interlaced\012- data
Size
165 B (165 bytes)
Hash
1792e4aa4d2d86dec430ef9a60362a35
90b9e9c14f636362e9558d14fefe15782f75d256
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69

HTTP Headers

GET /efs/efs/grafx/arrow-right-orange.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "a5-5e6a235ca5357"
accept-ranges: bytes
content-length: 165
x-olb-req-received: t=1665902333683140
x-olb-req-duration: D=140
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=587768
expires: Sat, 29 Oct 2022 13:50:56 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff

104.110.3.220

200 OK

18 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 18524, version 0.0\012- data
Size
18 kB (18524 bytes)
Hash
022cb73ac43269074f73e97b9cca4f2d
85f96bbe6d675a4892fbb483cde78c6eb9419d78
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "485c-5e885b034aefa"
accept-ranges: bytes
content-length: 18524
x-olb-req-received: t=1665902333523263
x-olb-req-duration: D=197
access-control-allow-origin: *
cache-control: max-age=587887
expires: Sat, 29 Oct 2022 13:52:55 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff

104.110.3.220

200 OK

32 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 31864, version 1.0\012- data
Size
32 kB (31864 bytes)
Hash
0dd22599312493e4bb7b8662f71dddcc
29f5fd587566f80d886dc0109f53ecf47eb5bbf5
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/font/citizen_book.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "7c78-5e885b034f78f"
accept-ranges: bytes
content-length: 31864
x-olb-req-received: t=1665902334048084
x-olb-req-duration: D=227
access-control-allow-origin: *
cache-control: max-age=587850
expires: Sat, 29 Oct 2022 13:52:18 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff

104.110.3.220

200 OK

28 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 27852, version 1.0\012- data
Size
28 kB (27852 bytes)
Hash
76f4964f6d001aa6967fb570438d80cc
5259516d0615338a701e5a19a37d6bc45c6bcedc
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759

HTTP Headers

GET /efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "6ccc-5e885b034f545"
accept-ranges: bytes
content-length: 27852
x-olb-req-received: t=1665902334049950
x-olb-req-duration: D=159
access-control-allow-origin: *
cache-control: max-age=587858
expires: Sat, 29 Oct 2022 13:52:26 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/hhf/js/citizensHeaderFooter-citizensns42588.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CvVersion%7C5.0.1

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 18:34:48 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.244.155.120

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.244.155.120:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Pragma, Content-Length, Content-Type, ETag, Retry-After, Cache-Control, Last-Modified, Backoff, Expires
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 22 Oct 2022 18:03:52 GMT
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 18:24:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8f636bf03a771a87b28d04c076408cc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: hn8VReLwEYy_2xuMajuFYjE4eHHFqq59kRenTNI5d-UAnV7qtIwd8Q==
Age: 1858

citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /content/930e113327rn2365aa3b7b98b0447e8d HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CvVersion%7C5.0.1

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 18:34:48 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3586
Cache-Control: max-age=138703
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 18:34:48 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:06:31 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js

23.254.132.83

404 Not Found

315 B

URL HTTP/1.1
citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
IP
23.254.132.83:0
ASN
#54290 HOSTWINDS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /efs/efs/jsp-ns/scripts/common.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php?online_id=4921f827b966178616342b635&country=&iso=
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CvVersion%7C5.0.1

HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 18:34:48 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9997
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png

104.110.3.220

200 OK

14 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13907 bytes)
Hash
172ee65ce7e2afc164fb89579d8060b2
1bcc0c40ce0dd35f4150e286d4da86eb5150d2da
6031e1710c50b5ade8d4fe1f9d2a7885caa5f18493944871891d9bf847dcec0e

HTTP Headers

GET /efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "3653-5e885b03510a1"
accept-ranges: bytes
content-length: 13907
x-olb-req-received: t=1665902334263596
x-olb-req-duration: D=181
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=587741
expires: Sat, 29 Oct 2022 13:50:29 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png

104.110.3.220

200 OK

11 kB

URL HTTP/2
www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png
IP
104.110.3.220:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10871 bytes)
Hash
f62b2664dd6a40ab3a9f7af34412f8b7
02438189257c795c3726e4f45b1ce3bb921255d5
707a3217546ca6852234cb3fa3b61f458581ca943b6195032ba9efe7e1e0ee5f

HTTP Headers

GET /efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "2a77-5e885b0354b35"
accept-ranges: bytes
content-length: 10871
x-olb-req-received: t=1665902333725314
x-olb-req-duration: D=145
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=587667
expires: Sat, 29 Oct 2022 13:49:15 GMT
date: Sat, 22 Oct 2022 18:34:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2

nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D

13.224.245.122

200 OK

397 B

URL HTTP/1.1
nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D
IP
13.224.245.122:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (396)
Size
397 B (397 bytes)
Hash
0e04f1a1d421ab4c3013810d045db743
2d1bd80b7650c07ad562d00de4d13f7eedee9272
4c965d4f2d98a489594c2884c5ed7bc72dfa29ea992ff3a2f10e79e95961c39b

HTTP Headers

GET /citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 397
Connection: keep-alive
Server: nginx
Date: Sat, 22 Oct 2022 18:34:48 GMT
Expires: Sat, 22 Oct 2022 18:34:47 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 1b5424f4e08ca48fc35e311bea9e9ff6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: 9R1MHdTBuACI-xA4AHGxcDSZzXHJDNJi4aL6N53UB3Za0ImTkq3PIA==

nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117

13.224.245.122

200 OK

31 kB

URL HTTP/1.1
nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117
IP
13.224.245.122:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1970)
Size
31 kB (30934 bytes)
Hash
3d2d25ef325eac356d449d8df162c7e5
b181f4221b3190118630f334403a218e7887eb92
82b8253b53400a2508202f2329064ac51c74d09e8361d7ef393b87793199e858

HTTP Headers

GET /citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:33 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 04:24:01 GMT
ETag: W/"7f943d1386ac8d666a04c5f7c1aca6a2"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: 7Vz_bNM1vqq_ptJsDOdn8z3nddxBTl2j
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1b5424f4e08ca48fc35e311bea9e9ff6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: IstYH2AL0rXlC8fVRkoNPRgg83CGeXA0PXpl-Dzjh9JEjddJ7gV--A==
Age: 912196

nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909

13.224.245.122

200 OK

4.5 kB

URL HTTP/1.1
nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909
IP
13.224.245.122:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (564)
Size
4.5 kB (4516 bytes)
Hash
fd603d97b40b9255bfad0347af30b289
4dbc7e969f3d64bd0e668bb424284a2cf1c134d5
9cf6e47fb2dfb89d2ffc01f75ffc38c7eac7d9ad07f11d39597ca329067c3f6f

HTTP Headers

GET /citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:33 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 03:57:00 GMT
ETag: W/"42ede44761b41779f967c114c118aa3e"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: NiK352lECAFDggvv33Jq9naFD_ydY3Ez
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c168f60079706d202ff05ad02be79d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: VtMJ5H-celYxlJndY6SkWyxRfL5VDS1ccm41E4UC4_kd4P76K_lT7A==
Age: 912196

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fca3b625928b8f0507cf1569d9c188cc
25efc79d4d6371040b33025fe9b3a60b3d431e1e
a6900cc898a42c36f943c2bea70b80a79ec827dbf31d8f50c2a941c8b085c12f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3794
Cache-Control: max-age=128122
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 18:34:48 GMT
Etag: "63537a70-1d7"
Expires: Mon, 24 Oct 2022 06:10:10 GMT
Last-Modified: Sat, 22 Oct 2022 05:06:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.161.231.36

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.231.36:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PDGqrULrbOoGKVD7AxShhg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0zBT1CawzKLUPvlLOFiRM+m04+o=

dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666463702808

54.77.35.16

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666463702808
IP
54.77.35.16:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666463702808 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://citizens-online-support.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-0722c3202.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666463702808
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=55225571734803115632532037716455636374; Max-Age=15552000; Expires=Thu, 20 Apr 2023 18:34:48 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: ucL1Mpn/Qr0=
Content-Length: 0
Connection: keep-alive

cdn.appdynamics.com/adrum/adrum-latest.js?

18.165.201.17

200 OK

40 kB

URL HTTP/1.1
cdn.appdynamics.com/adrum/adrum-latest.js?
IP
18.165.201.17:0
ASN
#0

File type
ASCII text, with very long lines (644)
Size
40 kB (40203 bytes)
Hash
cd86db0f552897dc33e8433d0cf9bad2
676df314ca85d1418ffb110f3979c31281da027d
fd30f76d2b4bebd4b4bd680793a8a993b46a15808c0cea0533e629fc2990889f

HTTP Headers

GET /adrum/adrum-latest.js? HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin: *
Content-Encoding: gzip
Date: Fri, 21 Oct 2022 17:25:06 GMT
Cache-Control: public, max-age=2678400, s-max-age=14400
ETag: W/"6317b609-1b2d9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5059e7bd12388ef6673ed156d17eb756.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: uRBg60xCUTOeceOeULRKigZ_S1KFfnYp7HxcnVPVKpQX3poruie1Vw==
Age: 90582

dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666463702808

54.77.35.16

200 OK

124 B

URL HTTP/1.1
dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666463702808
IP
54.77.35.16:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
124 B (124 bytes)
Hash
1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca

HTTP Headers

GET /id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666463702808 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://citizens-online-support.com
Content-Type: application/x-www-form-urlencoded
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://citizens-online-support.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-0e9d243f4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: YqQVR3eXRQs=
Content-Length: 124
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e63e513dcf53ce7553e7b0823c6a14a4
339b57dfcff07274c5760a3eca84e85313801a13
0e2fa20095d3d2116bdabd8fcda346d45c6bca2c5aab1cc87811cc5ed62d72be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 15:43:26 GMT
Expires: Sat, 29 Oct 2022 15:43:25 GMT
Etag: "339b57dfcff07274c5760a3eca84e85313801a13"
Cache-Control: max-age=593915,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e45447a88bb4f4-OSL

lptag.liveperson.net/tag/tag.js?site=89632304

178.249.101.23

200 OK

7.6 kB

URL HTTP/2
lptag.liveperson.net/tag/tag.js?site=89632304
IP
178.249.101.23:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.6 kB (7567 bytes)
Hash
6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd

HTTP Headers

GET /tag/tag.js?site=89632304 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?

104.18.14.22

301 Moved Permanently

167 B

URL HTTP/1.1
cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
IP
104.18.14.22:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /citizen/OLB/p/detector-dom.min.js? HTTP/1.1
Host: cdn.glassboxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
X-Cache: Redirect from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PWqtMm8vX7gBYS-Iu4iO-LeRc7CqmlqqBRjfXeDR6QKfw0gxTBolwQ==
CF-Cache-Status: HIT
Age: 586
Expires: Sat, 22 Oct 2022 22:34:49 GMT
Cache-Control: public, max-age=14400
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e454496cf7b509-OSL

cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js

18.165.201.17

200 OK

20 kB

URL HTTP/1.1
cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
IP
18.165.201.17:0
ASN
#0

File type
ASCII text, with very long lines (574)
Size
20 kB (20314 bytes)
Hash
cca1b9c013b93bd73bf4f55b122ba8db
ed011720d910a5b69db06ebaabcd95d013255752
d5ef573c9770681c3a75ec78445d0c785ca6659a0cf25f145ddfbae414b0b77a

HTTP Headers

GET /adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 01 Oct 2022 05:28:16 GMT
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:12 GMT
ETag: W/"6317b608-d132"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5059e7bd12388ef6673ed156d17eb756.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: WwtAyxoAmGTPRqP1lGrY-Pt9O2Tye9GCFD_old7cfst5j0QusxBsDQ==
Age: 1861593

nebula-cdn.kampyle.com/wu/356861/onsite/embed.js

151.101.85.175

200 OK

517 B

URL HTTP/2
nebula-cdn.kampyle.com/wu/356861/onsite/embed.js
IP
151.101.85.175:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (573)
Size
517 B (517 bytes)
Hash
e8a4b8a535ad76225074264c54ea0715
ddac064bbfb77a8431cb810189043ff97b8e84fe
32a10a956e30f4b84dbaf4230037a1fd36c15bcdd345719b9393b9c2517f00b6

HTTP Headers

GET /wu/356861/onsite/embed.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ioqo2qnTXz9VPyGdm9U7px0r0c1Pgid1Py+qsRqCxp9kPiSNLtcKr3SrbhV53EloBo04Gq0y+98=
x-amz-request-id: T3BZVBR1VJB17J2B
last-modified: Wed, 05 Oct 2022 21:33:25 GMT
etag: "8b72f36bbd0721428f49dda9c3bd04ac"
x-amz-version-id: P0vUE_TJe.yQCf1POgYtfWkHzc0CIb7I
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 18:34:49 GMT
via: 1.1 varnish
age: 1446288
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1666463689.236881,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 517
X-Firefox-Spdy: h2

nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js

151.101.85.175

301 Moved Permanently

0 B

URL HTTP/1.1
nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
IP
151.101.85.175:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /us/wu/356861/onsite/generic1665005603563.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/

HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
Accept-Ranges: bytes
Date: Sat, 22 Oct 2022 18:34:49 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1665-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1666463689.297631,VS0,VE0
Strict-Transport-Security: max-age=31557600

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d89a4b4ba755569eb543022e0c46108b
5cae32d30c2d5928bf66be8c43601f21231c6935
02b872da64948f665f2bda563556b8f76fbe98b1c4b4e2b7a941df0f5576ddc5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103827
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 18:34:49 GMT
Etag: "63532a5c-1d7"
Expires: Sun, 23 Oct 2022 23:25:16 GMT
Last-Modified: Fri, 21 Oct 2022 23:25:16 GMT
Server: nginx
Content-Length: 471

nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js

151.101.85.175

200 OK

114 kB

URL HTTP/2
nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
IP
151.101.85.175:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (53527)
Size
114 kB (114411 bytes)
Hash
875e1611678facfc534c2922ee9f04d1
d045b6a4a0bd45ae1eb134ca1365fe1ff576d8d2
b39dbd6935f69b4f403b183bad057b18b9df8e9c7ac7a3dcc2b123d66cdfbaab

HTTP Headers

GET /us/wu/356861/onsite/generic1665005603563.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 9cQsV036v9UHxHIBBS6ddnOPtu7hupqDHYzTkS5r9D6ofic601WFFGZbpPC4Zcf0I2Hddoonung=
x-amz-request-id: 531P45J50X314A2H
last-modified: Wed, 05 Oct 2022 21:33:24 GMT
etag: "ba78af14d365f8ccbd56a01ca6bf1c05"
x-amz-version-id: sS15mP2HP1_gvO6GweV7zdqjZ8tqzGJg
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 18:34:49 GMT
via: 1.1 varnish
age: 1445184
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1666463689.318316,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 114411
X-Firefox-Spdy: h2

dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=06015967020168812714116973086715041997&ts=1666463704210

54.77.35.16

200 OK

1.3 kB

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=06015967020168812714116973086715041997&ts=1666463704210
IP
54.77.35.16:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (3749), with no line terminators
Size
1.3 kB (1316 bytes)
Hash
959b6fd9aae1dd8e2cb444137ab9563d
ee186b91e7cab5eb6932dfb615af2a9e8d59cd82
e70127c0377b3e6d84851daec19aadc51cbd17f944c33077539ac6018d29f3bd

HTTP Headers

GET /id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=06015967020168812714116973086715041997&ts=1666463704210 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://citizens-online-support.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-04c5fceec.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=06008072158303836324120053465197225642; Max-Age=15552000; Expires=Thu, 20 Apr 2023 18:34:49 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: MIgmn2SoSVg=
Content-Length: 1316
Connection: keep-alive

citizensbank.demdex.net/dest5.html?d_nsid=0

52.211.12.99

200 OK

2.8 kB

URL HTTP/1.1
citizensbank.demdex.net/dest5.html?d_nsid=0
IP
52.211.12.99:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
2.8 kB (2791 bytes)
Hash
ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12

HTTP Headers

GET /dest5.html?d_nsid=0 HTTP/1.1
Host: citizensbank.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 22 Oct 2022 18:34:49 GMT
DCS: dcs-prod-irl1-2-v044-0f7f1a203.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:47:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: tNcAtbSQTYk=
Content-Length: 2791
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

108.138.212.95

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
108.138.212.95:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bb043e61ac0670929773ae8023472fd6
7d2e7cde176070da47e7a6ca990f42b6f917bf72
4d0af8861597b19883a0175ec395d724910d1bfb7e689635ea94fd4f67166400

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115884
Date: Sat, 22 Oct 2022 18:34:49 GMT
Etag: "63534ab2-1d7"
Expires: Mon, 24 Oct 2022 02:46:13 GMT
Last-Modified: Sat, 22 Oct 2022 01:43:14 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 ced85969afddede813acbcc2593f7a50.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: LfXYJuJqNLCwc8iIxgLEeaQPIuqaLCh_Ed1cMfPwHCVb-inbgo002Q==
Age: 3779

ocsps.ssl.com/

52.6.97.148

200 OK

1.8 kB

URL HTTP/1.1
ocsps.ssl.com/
IP
52.6.97.148:0
ASN
#14618 AMAZON-AES

File type
data
Size
1.8 kB (1810 bytes)
Hash
a37e83991546d6ad4bdee00d63458598
836d2050586105ce94f0541cc43745a803a2aba0
a9ecbb6c6a5a4bbe19d31cb6411cf448ab622c8d6ff2a6bb1875934ed1066240

HTTP Headers

POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Sat, 29 Oct 2022 13:43:55 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "836d2050586105ce94f0541cc43745a803a2aba0"
Last-Modified: Sat, 22 Oct 2022 13:43:56 GMT
X-Proxy-Cache: HIT

report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f%3A0&_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169&pv=2&f_cls_s=true

3.87.234.62

200 OK

430 B

URL HTTP/1.1
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f%3A0&_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169&pv=2&f_cls_s=true
IP
3.87.234.62:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (737), with no line terminators
Size
430 B (430 bytes)
Hash
6aa2a807e1f18fb78b688e07004f5795
29c8e1e45a6f9b904ce11e1346b9e335eb8ac370
92deced6cd1aa7f331feb3e9f51ecfa99b3c824bd0be50ee47d74857d9f7b19a

HTTP Headers

GET /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f%3A0&_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169&pv=2&f_cls_s=true HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Type: application/json
Content-Length: 430
Connection: keep-alive
Set-Cookie: AWSALB=6OgAiDjhq/8H1dx6i2MhGHvFiBj/Haol5aNg19OJ2m6/W+6+WcFy8geAlDb1+/kWb7YA/iNNnrVcQsKYMOlE2IEmJyVgaCAoXiDgFoY7mwbS5Qxk1K4p8/ujdvMI; Expires=Sat, 29 Oct 2022 18:34:49 GMT; Path=/
AWSALBCORS=6OgAiDjhq/8H1dx6i2MhGHvFiBj/Haol5aNg19OJ2m6/W+6+WcFy8geAlDb1+/kWb7YA/iNNnrVcQsKYMOlE2IEmJyVgaCAoXiDgFoY7mwbS5Qxk1K4p8/ujdvMI; Expires=Sat, 29 Oct 2022 18:34:49 GMT; Path=/; SameSite=None; Secure
_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169; Secure; SameSite=None
_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f:0; Secure; SameSite=None
_cls_cfgver=27baeec; Secure; SameSite=None
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5015

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9NDkyMWY4MjdiOTY2MTc4NjE2MzQyYjYzNSZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NjM3MDQyNzEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwZmEyNGI3NDE1LTAwMjRjNjY5NzNhYzFjLTMwNmQ0NjRhLTE0MDAwMC0xODQwMGZhMjRiODRmYyIsImVudmlyb21lbnQiOiAicHJvZFVzT3JlZ29uIiwiYWNjb3VudElkIjogMzU2ODYwLCJ1cmwiOiAiaHR0cDovL2NpdGl6ZW5zLW9ubGluZS1zdXBwb3J0LmNvbS9jaXRpemVuYmFuay9sb2dpbi5waHA/b25saW5lX2lkPTQ5MjFmODI3Yjk2NjE3ODYxNjM0MmI2MzUmY291bnRyeT0maXNvPSIsIndlYnNpdGVJZCI6IDM1Njg2MSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZTJkNy00Mzk0LWYxOGUtYmUxMS1jODczLTU1N2QtMjE2ZS03MWJmIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjY0NjM3MDQyNjgiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNDY3LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY2NDYzNzA0MjcxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwiZmVlZGJhY2tfY29ycmVsYXRpb25fdXVpZCI6IG51bGx9Cl19

35.241.45.82

200 OK

0 B

URL HTTP/2
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9NDkyMWY4MjdiOTY2MTc4NjE2MzQyYjYzNSZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NjM3MDQyNzEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwZmEyNGI3NDE1LTAwMjRjNjY5NzNhYzFjLTMwNmQ0NjRhLTE0MDAwMC0xODQwMGZhMjRiODRmYyIsImVudmlyb21lbnQiOiAicHJvZFVzT3JlZ29uIiwiYWNjb3VudElkIjogMzU2ODYwLCJ1cmwiOiAiaHR0cDovL2NpdGl6ZW5zLW9ubGluZS1zdXBwb3J0LmNvbS9jaXRpemVuYmFuay9sb2dpbi5waHA/b25saW5lX2lkPTQ5MjFmODI3Yjk2NjE3ODYxNjM0MmI2MzUmY291bnRyeT0maXNvPSIsIndlYnNpdGVJZCI6IDM1Njg2MSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZTJkNy00Mzk0LWYxOGUtYmUxMS1jODczLTU1N2QtMjE2ZS03MWJmIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjY0NjM3MDQyNjgiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNDY3LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY2NDYzNzA0MjcxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwiZmVlZGJhY2tfY29ycmVsYXRpb25fdXVpZCI6IG51bGx9Cl19
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocD9vbmxpbmVfaWQ9NDkyMWY4MjdiOTY2MTc4NjE2MzQyYjYzNSZjb3VudHJ5PSZpc289IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjY0NjM3MDQyNzEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NDAwZmEyNGI3NDE1LTAwMjRjNjY5NzNhYzFjLTMwNmQ0NjRhLTE0MDAwMC0xODQwMGZhMjRiODRmYyIsImVudmlyb21lbnQiOiAicHJvZFVzT3JlZ29uIiwiYWNjb3VudElkIjogMzU2ODYwLCJ1cmwiOiAiaHR0cDovL2NpdGl6ZW5zLW9ubGluZS1zdXBwb3J0LmNvbS9jaXRpemVuYmFuay9sb2dpbi5waHA/b25saW5lX2lkPTQ5MjFmODI3Yjk2NjE3ODYxNjM0MmI2MzUmY291bnRyeT0maXNvPSIsIndlYnNpdGVJZCI6IDM1Njg2MSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZTJkNy00Mzk0LWYxOGUtYmUxMS1jODczLTU1N2QtMjE2ZS03MWJmIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjY0NjM3MDQyNjgiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNDY3LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY2NDYzNzA0MjcxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwiZmVlZGJhY2tfY29ycmVsYXRpb25fdXVpZCI6IG51bGx9Cl19 HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-vv0s
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

108.138.212.95

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
108.138.212.95:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4ac8ee6776b0cd89f9687d570b9073b3
fb6a810b5189cb0ab88f4f1999556b85f0466d49
a97d94db2c5cf6eebcf12d578912ec6185a7cd11ab35e3d6f7a8fde1c7e19737

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156086
Date: Sat, 22 Oct 2022 18:34:49 GMT
Etag: "6353e98a-1d7"
Expires: Mon, 24 Oct 2022 13:56:15 GMT
Last-Modified: Sat, 22 Oct 2022 13:00:58 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 ced85969afddede813acbcc2593f7a50.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: tHMGmNowH_zjyWEVsti-EWRv_iXTSZguX6t3fMvgmc6pXdb6DEq-kw==
Age: 3318

cm.everesttech.net/cm/dd?d_uuid=06008072158303836324120053465197225642

34.248.32.199

302

0 B

URL HTTP/1.1
cm.everesttech.net/cm/dd?d_uuid=06008072158303836324120053465197225642
IP
34.248.32.199:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm/dd?d_uuid=06008072158303836324120053465197225642 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y1Q3yQAAAEaHaQN6; Domain=.everesttech.net; Expires=Sun, 22-Oct-2023 18:34:49 GMT; Path=/
everest_session_v2=Y1Q3yQAAAEaHagN6; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1Q3yQAAAEaHaQN6
Server: AMO-cookiemap/1.1

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=510422,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4544df886b4f4-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=510422,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4544e0b9bb505-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=510422,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4544e0b58fabc-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=510422,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4544e08051c12-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8445
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 18:34:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8445
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 18:34:50 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=510421,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4544e2e14b50b-OSL

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7372 bytes)
Hash
616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 74058
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5517 bytes)
Hash
1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hitgYm684zdpmL8IbPzFxhPWRrc2-VmnlofdTiPhJzkrc26mgXTTTA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:41 GMT
age: 74049
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10973 bytes)
Hash
6bd5e942443ffd011faf10dc88d92081
beff4ae9e24599addce8a961c955788045c56645
2c59d984971e73d497975032c23700b5602fccf403f4683a8047f5f42d4e261f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: 081470ca-0107-4052-be55-9c713105bb27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-TEKPoAMFZfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-17199f8c0fc0fb7443a902f1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C8HRcZnP8nrEFWU_vn1olwnkXdvlqUu2_w0YIED9MSXDtO3U2mKO-w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:17:59 GMT
age: 73011
etag: "beff4ae9e24599addce8a961c955788045c56645"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10720 bytes)
Hash
cdaacab30d73a7d05180cc16f4a96a3f
6cc0e39e0decbc20c765f171f63affd85fc9e6da
f015c3b1d838bd7d100ee104551bed2bb06a512b20ce3e5ac419d54b747fadd0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10720
x-amzn-requestid: 96267527-f482-4bfa-ba7a-12467408efe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MvGutIAMFc8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b7-25f2624559b0fb7d62ced3a3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4--AiSTKMMOm9HnJL_ervFnd5rkQ-WZfGM-FNkxXKO892SPw67cxXA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:42 GMT
age: 73388
etag: "6cc0e39e0decbc20c765f171f63affd85fc9e6da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8856 bytes)
Hash
a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 72885
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11151 bytes)
Hash
26c47e4b0147f8dee3e71a53a8f2830c
381edb4758da428db5ffe884f8fb38bf11044f69
b507898359abbcb1f57821c147a58df66d7e81acc198afc997527b58cd835b39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11151
x-amzn-requestid: 5c32e307-f2a7-4050-a96f-a47667ec4752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-NEFTKoAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b9-2fc77f394ca297126abaed94;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ib4A9F4pA6k1iYdefeQokFkEkmqlEASJ2d20BQ6gqRYj3teYDu8Cyg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:20 GMT
age: 73230
etag: "381edb4758da428db5ffe884f8fb38bf11044f69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dpm.demdex.net/ibs:dpid=411&dpuuid=Y1Q3yQAAAEaHaQN6

54.77.35.16

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y1Q3yQAAAEaHaQN6
IP
54.77.35.16:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ibs:dpid=411&dpuuid=Y1Q3yQAAAEaHaQN6 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-05525f3f4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1Q3yQAAAEaHaQN6
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=55949918823604096204445401465585911492; Max-Age=15552000; Expires=Thu, 20 Apr 2023 18:34:50 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Skkm+c+jTus=
Content-Length: 0
Connection: keep-alive

accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb25335x14284

178.249.101.99

200 OK

373 B

URL HTTP/2
accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb25335x14284
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type
data
Size
373 B (373 bytes)
Hash
d7fe2c854e89d0a5915cd22855c15790
ae23e935f44c3783adae0049eca7348edef28b4b
ecafa03e2cfe4cc593ed011ebf0fc845d594c4967b6daed9be2246c34b893790

HTTP Headers

GET /api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb25335x14284 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:50 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:12fbe2ac-4fe4-4d9a-884c-4c37e85595bb; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:20 GMT; Path=/
ADRUM_BTa=R:28|g:12fbe2ac-4fe4-4d9a-884c-4c37e85595bb|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:20 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:20 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:20 GMT; Path=/
ADRUM_BT1=R:28|i:2241585|e:7; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:20 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 18:35:50 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3

178.249.101.23

200 OK

414 kB

URL HTTP/2
lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP
178.249.101.23:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (65536), with no line terminators
Size
414 kB (413993 bytes)
Hash
ac3e6f1e88739e49cc7cce4a0e483476
9e095c1a55d3f851e77a4c911d959b312cbf4b67
a3983804fba076ebe110ed655faa9d7571d836e1e51460f5a463c4e2e75e0782

HTTP Headers

GET /lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true

178.249.97.98

200 OK

16 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32175)
Size
16 kB (15878 bytes)
Hash
2d5783392db55081ca489880f7631509
c5f2072bee30a29aff2417ed655ec10bbaf840b0
15f0c1a6604b3b489144f5bfd764de55fe73eeaadab27261a1f80b2e8d4d2538

HTTP Headers

GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:50 GMT
content-type: text/html
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 18:34:50 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
59fc99cc47caa4b6130aab98a9928a66
f69c09fc42619141fcaba7b824d611c484c5e118
01900b9b7fdda1c968ad78ff22f84d84d11bad28d782035c0835a5866b56e35f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 13:42:44 GMT
Expires: Wed, 26 Oct 2022 13:42:43 GMT
Etag: "f69c09fc42619141fcaba7b824d611c484c5e118"
Cache-Control: max-age=327472,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e454536f84b4f4-OSL

report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f:0&_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169&pid=42043be1-b89e-4d5b-ace8-b55fc2a049b4&sn=3&cfg=27baeec&pv=2&aid=

3.87.234.62

200 OK

140 B

URL HTTP/1.1
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f:0&_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169&pid=42043be1-b89e-4d5b-ace8-b55fc2a049b4&sn=3&cfg=27baeec&pv=2&aid=
IP
3.87.234.62:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
140 B (140 bytes)
Hash
4c572cf7038945d6076b921f8b59c2f3
038b8953750028d36004337868399f39d0e63b59
6a56613d22711a8b3055932389a71781153b02c8962130af833aec4ba9a6e036

HTTP Headers

POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f:0&_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169&pid=42043be1-b89e-4d5b-ace8-b55fc2a049b4&sn=3&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 577
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_v=e375cac4-195e-4dbb-9c44-33819c84e169; _cls_s=b168d46a-eb12-460e-935b-563fd9d9030f:0; _cls_cfgver=27baeec; AWSALBCORS=sRrAbPzGEQblxzVXby91aqyXQdS7GA/tA8wh9HH9u8xLweHl16d2dhe+kpmXrkxw+owczR2hSUcDVNUxt6rIXgkJCP4bkULzzfZCJv1z9qeS3CAK+PeL4l70Ynwh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:51 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=fIk3iJqfEqUg10XY2EVqFWlsqpJFZeeTnlbtPFdjMHpDSw/xt1RGkMGogCExOzJKsKPVa+w6C38ig8wGv/g5mOxSLr2qTXjRnqaCFwx16CI+lkSTB2bpgEfg/2/0; Expires=Sat, 29 Oct 2022 18:34:51 GMT; Path=/
AWSALBCORS=fIk3iJqfEqUg10XY2EVqFWlsqpJFZeeTnlbtPFdjMHpDSw/xt1RGkMGogCExOzJKsKPVa+w6C38ig8wGv/g5mOxSLr2qTXjRnqaCFwx16CI+lkSTB2bpgEfg/2/0; Expires=Sat, 29 Oct 2022 18:34:51 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5015

3.87.234.62

200 OK

140 B

URL HTTP/1.1
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f:0&_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169&pid=42043be1-b89e-4d5b-ace8-b55fc2a049b4&sn=4&cfg=27baeec&pv=2&aid=
IP
3.87.234.62:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
140 B (140 bytes)
Hash
4c572cf7038945d6076b921f8b59c2f3
038b8953750028d36004337868399f39d0e63b59
6a56613d22711a8b3055932389a71781153b02c8962130af833aec4ba9a6e036

HTTP Headers

POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=b168d46a-eb12-460e-935b-563fd9d9030f:0&_cls_v=e375cac4-195e-4dbb-9c44-33819c84e169&pid=42043be1-b89e-4d5b-ace8-b55fc2a049b4&sn=4&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 329
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_v=e375cac4-195e-4dbb-9c44-33819c84e169; _cls_s=b168d46a-eb12-460e-935b-563fd9d9030f:0; _cls_cfgver=27baeec; AWSALBCORS=VDL1Z1Oxl9GoEoM1HZe0vPqeu0TevoX2wcb09NzbOQEcNRWCTl1tGALgz65Zdp7sgrGwDScPQwZMaRyWgI9qjDDJbJUuKhn3/lQJcnGdnqEWZ1JsvNbxiirTurMD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:51 GMT
Content-Type: application/json
Content-Length: 140
Connection: keep-alive
Set-Cookie: AWSALB=QKhzROt7wbjaUXY2TJD5X4douBcqMv28ZcSnvpfPyLIQMpfvZdRlHFA7fGvfcgUIXYAGUYMpbbDuKJu5icOK/Jrv9hX+b9ivschDpk01V5cgcmHlHuTC/YFi+Zwl; Expires=Sat, 29 Oct 2022 18:34:51 GMT; Path=/
AWSALBCORS=QKhzROt7wbjaUXY2TJD5X4douBcqMv28ZcSnvpfPyLIQMpfvZdRlHFA7fGvfcgUIXYAGUYMpbbDuKJu5icOK/Jrv9hX+b9ivschDpk01V5cgcmHlHuTC/YFi+Zwl; Expires=Sat, 29 Oct 2022 18:34:51 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5015

lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true

178.249.97.98

200 OK

326 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
data
Size
326 kB (325590 bytes)
Hash
8e6908977c42a2a54ac1350ab58091f7
a28ac7b29fe0e74296207fb67f12f46ee0c9bc68
579e060b4692ec69c1bd061f683ce68d2a9881d9c091d3cc8bf814390fc930e1

HTTP Headers

GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:50 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 18:34:50 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
913f1b27298f63f2a7fd4e4bd111c122
5b7617638b7cb79d235be543f55e2242de9329f7
3edb79be98abcf38d13935f26dd4432747020edf620904eaa8888db00820706a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 18:34:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 11:37:43 GMT
Expires: Fri, 28 Oct 2022 11:37:42 GMT
Etag: "5b7617638b7cb79d235be543f55e2242de9329f7"
Cache-Control: max-age=492770,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4545a292ab4f4-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b527845e4ef66e541722f05b967d3ab8
fae2f305648740155528de9488b4293ac3851613
aaf990706f177eceb80da0ed746955f908e748e061ddd06e7523226550bf278f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1985
Cache-Control: max-age=163417
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 18:34:56 GMT
Etag: "63540b68-1d7"
Expires: Mon, 24 Oct 2022 15:58:33 GMT
Last-Modified: Sat, 22 Oct 2022 15:25:28 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 471

cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?

104.18.14.22

200 OK

0 B

URL HTTP/2
cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
IP
104.18.14.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /citizen/OLB/p/detector-dom.min.js? HTTP/1.1
Host: cdn.glassboxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
content-type: application/javascript
last-modified: Thu, 13 May 2021 10:48:21 GMT
x-amz-version-id: bbfnKPP3ulrtofSzPJqgXAlMwVq2hNWe
content-encoding: gzip
etag: W/"845173368b011e7fa14658b57426fe09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: TjES7ym4ShstKtpj1GLznZjl8VeU-G2N0yGQlAXn4IB-OQXucq9_RQ==
cf-cache-status: HIT
age: 586
expires: Sat, 22 Oct 2022 22:34:49 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 75e45449aa30b4fa-OSL
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

178.249.101.99

200 OK

0 B

URL HTTP/2
accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:9607a889-065b-4f9c-b8ff-50557fda2fe8; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/
ADRUM_BTa=R:35|g:9607a889-065b-4f9c-b8ff-50557fda2fe8|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:7; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 18:35:49 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB

178.249.101.99

200 OK

0 B

URL HTTP/2
accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:ec385b43-24fe-4132-9620-472e8c5deec1; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/
ADRUM_BTa=R:35|g:ec385b43-24fe-4132-9620-472e8c5deec1|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:11; Max-Age=30; Expires=Sat, 22-Oct-2022 18:35:19 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 18:35:49 GMT
x-envoy-upstream-service-time: 2
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 18:34:49 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:40 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 18:34:49 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/lpChatV3.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:49 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 18:34:49 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

va.v.liveperson.net/api/js/89632304?&cb=lpCb89452x69999&t=sp&ts=1666463705251&pid=3689134738&tid=8080834376&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22aa6a9853-a643-4df8-aa98-53a643cdf868%22%2C%22account%22%3A%2289632304%22%7D%5D

208.89.12.87

200 OK

0 B

URL HTTP/2
va.v.liveperson.net/api/js/89632304?&cb=lpCb89452x69999&t=sp&ts=1666463705251&pid=3689134738&tid=8080834376&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22aa6a9853-a643-4df8-aa98-53a643cdf868%22%2C%22account%22%3A%2289632304%22%7D%5D
IP
208.89.12.87:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/js/89632304?&cb=lpCb89452x69999&t=sp&ts=1666463705251&pid=3689134738&tid=8080834376&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php%3Fonline_id%3D4921f827b966178616342b635%26country%3D%26iso%3D&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22aa6a9853-a643-4df8-aa98-53a643cdf868%22%2C%22account%22%3A%2289632304%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:52 GMT
content-type: application/javascript
set-cookie: LPVisitorID=NmZmM2YWVhYmIxNTU1Y2Zi; Expires=Sun, 22-Oct-2023 18:34:52 GMT; Path=/; HttpOnly
LPSessionID=BbrFFll3Tm6vNt9GKkL6Dg; Path=/api/js/89632304; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 22 Oct 2022 18:34:50 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:41 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 18:34:50 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP