Overview

URL citigroupstore.com/
IP20.88.160.189
ASNMICROSOFT-CORP-MSN-AS-BLOCK
Location United States
Report completed2022-10-05 17:53:19 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-05 2 citigroupstore.com/ Phishing
2022-10-05 2 citigroupstore.com/ Phishing
2022-10-05 2 citigroupstore.com/site.css?v=33e6b3bef408d4835bf0e61e2f01da1c Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (55)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS tags.w55c.net (4) 3703 2012-05-22 04:24:43 UTC 2022-10-05 17:50:08 UTC 18.157.92.103
mnemonic passive DNS tags.srv.stackadapt.com (4) 3857 2017-12-30 12:16:27 UTC 2022-10-05 10:30:14 UTC 54.175.93.244
mnemonic passive DNS pixel.pointmediatracker.com (1) 2947 2020-02-11 11:29:16 UTC 2022-10-05 10:26:08 UTC 54.230.111.78
mnemonic passive DNS d2hrivdxn8ekm8.cloudfront.net (2) 0 2022-01-07 14:44:57 UTC 2022-10-05 07:33:00 UTC 54.230.245.59 Unknown ranking
mnemonic passive DNS p.tvpixel.com (2) 1352 2018-04-17 12:54:27 UTC 2022-10-05 07:02:06 UTC 54.196.132.16
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-05 07:13:38 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-05 05:01:05 UTC 34.117.237.239
mnemonic passive DNS acornsprod-dataplane.rudderstack.com (2) 66092 2021-05-10 15:40:56 UTC 2022-10-04 17:12:15 UTC 34.197.86.132
mnemonic passive DNS tr.snapchat.com (4) 978 2017-04-26 06:25:03 UTC 2022-10-05 11:40:07 UTC 35.190.43.134
mnemonic passive DNS ocsp.pki.goog (17) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-05 11:20:17 UTC 142.250.74.168
mnemonic passive DNS analytics.twitter.com (1) 526 2013-04-10 19:53:18 UTC 2022-10-05 10:00:49 UTC 104.244.42.131
mnemonic passive DNS dvqigh9b7wa32.cloudfront.net (1) 0 2021-11-04 15:01:03 UTC 2022-10-05 07:33:01 UTC 54.230.245.61 Unknown ranking
mnemonic passive DNS ocsp.sca1b.amazontrust.com (8) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-05 16:26:49 UTC 142.250.74.174
mnemonic passive DNS e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-10-05 11:38:43 UTC 23.36.77.32
mnemonic passive DNS us-central1-adaptive-growth.cloudfunctions.net (2) 3390 2017-06-26 09:18:55 UTC 2022-10-05 05:58:01 UTC 216.239.36.54
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-05 14:02:21 UTC 54.230.111.118
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-10-05 16:07:29 UTC 93.184.220.29
mnemonic passive DNS www.google.com (2) 7 2016-08-04 12:36:31 UTC 2022-10-05 16:49:33 UTC 142.250.74.164
mnemonic passive DNS ocsp.starfieldtech.com (1) 6616 2012-06-22 18:08:50 UTC 2022-10-05 06:26:08 UTC 192.124.249.24
mnemonic passive DNS t.co (1) 569 2012-07-25 19:09:44 UTC 2022-10-05 10:00:49 UTC 104.244.42.133
mnemonic passive DNS c.tvpixel.com (1) 8255 2018-09-25 06:23:22 UTC 2022-10-05 12:07:37 UTC 54.230.111.129
mnemonic passive DNS www.redditstatic.com (1) 1440 2012-06-30 12:33:28 UTC 2022-10-05 14:41:31 UTC 151.101.85.140
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-05 08:04:57 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS citigroupstore.com (4) 0 2021-08-05 19:35:40 UTC 2021-08-05 19:35:40 UTC 20.88.160.189 Unknown ranking
mnemonic passive DNS a627150995.cdn.optimizely.com (1) 383510 2017-12-27 15:34:04 UTC 2022-06-18 16:01:44 UTC 104.110.8.48
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-10-05 08:04:56 UTC 31.13.72.12
mnemonic passive DNS capi.acorns.com (1) 484603 2021-09-03 07:12:34 UTC 2022-08-23 10:18:15 UTC 216.239.38.21
mnemonic passive DNS cdn.blisspointmedia.com (1) 4310 2019-08-05 18:01:29 UTC 2022-10-05 12:50:48 UTC 54.230.111.119
mnemonic passive DNS cdn.rudderlabs.com (1) 19160 2020-11-19 22:24:42 UTC 2022-10-05 05:49:24 UTC 54.230.111.7
mnemonic passive DNS d1lu3pmaz2ilpx.cloudfront.net (1) 0 2022-01-07 14:44:57 UTC 2022-10-05 07:33:01 UTC 54.230.245.138 Unknown ranking
mnemonic passive DNS aacdn.nagich.com (6) 17244 2018-05-15 10:18:13 UTC 2022-10-05 05:46:05 UTC 104.26.14.45
mnemonic passive DNS static.ads-twitter.com (1) 614 2017-01-30 05:00:15 UTC 2022-10-05 10:00:49 UTC 151.101.84.157
mnemonic passive DNS logx.optimizely.com (1) 1233 2016-10-05 13:33:23 UTC 2022-10-05 12:32:04 UTC 3.221.229.103
mnemonic passive DNS www.google.no (2) 25607 2016-04-05 19:50:59 UTC 2022-10-05 11:20:17 UTC 142.250.74.3
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-10-05 04:35:03 UTC 31.13.72.36
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-05 09:14:56 UTC 52.13.69.101
mnemonic passive DNS secure.adnxs.com (2) 396 2012-05-22 16:37:37 UTC 2022-10-05 07:10:41 UTC 37.252.173.22
mnemonic passive DNS d21y75miwcfqoq.cloudfront.net (1) 0 2021-11-30 08:48:25 UTC 2022-10-05 06:52:18 UTC 54.230.245.9 Unknown ranking
mnemonic passive DNS api.rudderlabs.com (2) 8843 2019-11-25 05:35:41 UTC 2022-10-05 06:08:54 UTC 54.230.111.60
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-10-05 15:14:22 UTC 104.18.32.68
mnemonic passive DNS d330aiyvva2oww.cloudfront.net (1) 0 2021-09-29 06:29:54 UTC 2022-10-05 07:33:01 UTC 54.230.245.138 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-05 06:03:19 UTC 34.160.144.191
mnemonic passive DNS alb.reddit.com (1) 1521 2017-06-15 05:33:56 UTC 2022-10-05 14:41:31 UTC 151.101.85.140
mnemonic passive DNS sqy7rm.media.zestyio.com (64) 344897 2017-09-20 19:42:45 UTC 2022-08-19 15:39:44 UTC 151.101.194.49
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-05 11:30:49 UTC 104.17.25.14
mnemonic passive DNS cdn.optimizely.com (1) 694 2018-03-19 19:09:21 UTC 2022-10-05 07:32:08 UTC 23.38.200.155
mnemonic passive DNS collector-4820.tvsquared.com (3) 481022 2019-06-22 10:47:41 UTC 2022-06-18 15:58:09 UTC 18.219.172.244
mnemonic passive DNS stats.g.doubleclick.net (2) 96 2013-06-02 22:47:44 UTC 2022-10-05 11:20:17 UTC 108.177.14.154
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-10-05 12:33:02 UTC 34.120.237.76
mnemonic passive DNS analytics.tiktok.com (14) 1182 2020-02-29 13:09:05 UTC 2022-10-05 11:40:05 UTC 23.36.79.32
mnemonic passive DNS sc-static.net (1) 1183 2022-01-24 20:13:30 UTC 2022-10-05 10:07:37 UTC 54.230.82.240
mnemonic passive DNS cdn.pdst.fm (1) 3387 2019-01-23 14:37:22 UTC 2022-10-05 05:58:45 UTC 35.244.142.80
mnemonic passive DNS d.impactradius-event.com (1) 2612 2017-02-01 08:42:43 UTC 2022-10-05 06:37:46 UTC 35.186.249.72


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 20.88.160.189

Date UQ / IDS / BL URL IP
2022-10-05 17:53:19 +0000
0 - 0 - 3 citigroupstore.com/ 20.88.160.189

Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK

Date UQ / IDS / BL URL IP
2022-12-08 08:59:52 +0000
5 - 0 - 1 app.secads.club/subu8870195e4983687bb781f16f3 (...) 20.113.187.208
2022-12-08 08:54:35 +0000
0 - 0 - 1 www.email-delivery-system.com/l/index.aspx?co (...) 40.127.192.238
2022-12-08 08:47:06 +0000
0 - 0 - 1 hotmailactivate.us/ 20.103.85.33
2022-12-08 08:18:01 +0000
0 - 0 - 1 hotmail-upgrades.info/ 20.112.52.29
2022-12-08 08:00:13 +0000
0 - 0 - 9 m.wbc699.com/ 20.205.124.61

Last 1 reports on domain: citigroupstore.com

Date UQ / IDS / BL URL IP
2022-10-05 17:53:19 +0000
0 - 0 - 3 citigroupstore.com/ 20.88.160.189

No other reports with similar screenshot



JavaScript

Executed Scripts (59)


Executed Evals (6)

#1 JavaScript::Eval (size: 149, repeated: 1) - SHA256: 144edd9e1a9311c72986acfd3d05f9daca006aaa3a20aed4dcbba1f98a2aa9fe

                                        (function() {
    if (/\S+@\S+\.\S+/.test(google_tag_manager["GTM-5Z5XQQ"].macro(2))) {
        var a = sha256(google_tag_manager["GTM-5Z5XQQ"].macro(3));
        return a
    }
})();
                                    

#2 JavaScript::Eval (size: 260, repeated: 1) - SHA256: e680adc4c3744cbb0737d06f40f7c0a5984e39d5c3d2e3ffcf7f75a866923a5e

                                        (function() {
    return "gtm.historyChange" === google_tag_manager["GTM-5Z5XQQ"].macro(6) && google_tag_manager["GTM-5Z5XQQ"].macro(7) ? google_tag_manager["GTM-5Z5XQQ"].macro(8) + "#" + google_tag_manager["GTM-5Z5XQQ"].macro(9) : google_tag_manager["GTM-5Z5XQQ"].macro(10)
})();
                                    

#3 JavaScript::Eval (size: 133, repeated: 1) - SHA256: d0e13568c6b4683b25d30584308b149734a9f0b8b4cb39bc7e94c42afaeb38f1

                                        (function() {
    var a = String(google_tag_manager["GTM-5Z5XQQ"].macro(12)) + String(google_tag_manager["GTM-5Z5XQQ"].macro(13));
    return a
})();
                                    

#4 JavaScript::Eval (size: 67, repeated: 1) - SHA256: 648fc5f302d3aa34320cff493ccef0834269f35806a752e162e974158d5e1862

                                        (function() {
    var a = sessionStorage.getItem("USER_UUID");
    return a
})();
                                    

#5 JavaScript::Eval (size: 151, repeated: 1) - SHA256: df211f8ac02b48f1b55e0e93c97e07bcf1c9a93adf9a8892442844670db4c3ac

                                        (function() {
    if (/\S+@\S+\.\S+/.test(google_tag_manager["GTM-5Z5XQQ"].macro(14))) {
        var a = sha256(google_tag_manager["GTM-5Z5XQQ"].macro(15));
        return a
    }
})();
                                    

#6 JavaScript::Eval (size: 133, repeated: 1) - SHA256: 1dbe49e5cba51118b4f6c9c7f6d353c9ab91b402bb474cc7d7892c8c62687ad9

                                        (function() {
    var a = String(google_tag_manager["GTM-5Z5XQQ"].macro(16)) + String(google_tag_manager["GTM-5Z5XQQ"].macro(17));
    return a
})();
                                    

Executed Writes (0)



HTTP Transactions (199)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: citigroupstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         20.88.160.189
HTTP/1.1 302 Found
                                        
content-length: 0
location: https://citigroupstore.com/
cache-control: no-cache


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SiKkzN8WjkOPOX5X-3-4_6nzEgz1-bXrLR9P5TxfXL7OtEKZUzEY6Q==
Age: 7550


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9317
Expires: Wed, 05 Oct 2022 20:28:25 GMT
Date: Wed, 05 Oct 2022 17:53:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11454
Expires: Wed, 05 Oct 2022 21:04:02 GMT
Date: Wed, 05 Oct 2022 17:53:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: QPGLAaS9Elxk71hmWLAoMW40AwpqebcepKGj++obcCrQY6018p+s6r/HolBCTvNKpDnVaIidw3o=
x-amz-request-id: 3DAJQWTD75TSCGTR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 17:30:24 GMT
age: 1364
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 17:53:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0070839EF21484DA8A7363B3DCD6872280C5E94074C4424FB8DDAFD0C1CE1D49"
Last-Modified: Mon, 03 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Wed, 05 Oct 2022 23:52:24 GMT
Date: Wed, 05 Oct 2022 17:53:08 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 17:24:10 GMT
Expires: Wed, 05 Oct 2022 17:46:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -Uo_PmoqLg-LGO3wZ3CqKVf9cYvAjP_OEXU8OF4EHIHbfZ6F5RvKjw==
Age: 1737


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: citigroupstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         20.88.160.189
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
content-length: 35836
cache-control: no-cache
content-language: en-us
z-content-zuid: 7-809ae4f8fe-21c60d
z-content-version: 26:9-f2fdfe84c2-p6rwmc
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 11-5859d5d-hsmg1, 6-f8ee8cb1fb-ttrb3j, 7-809ae4f8fe-21c60d, 11-cefb8d8cfc-qj813s, 11-fcbabdcceb-t1f00g, 11-baaeffefa8-s58hrf, 11-f899de9dcb-2g78j2, 11-5859d5d-s8n4w, 11-aced90fc90-7gz7s7, 11-b6e9a885eb-ssc0h8, 11-c0edd0b2b2-vlfg6h, 11-5859d5d-xdvt8h, 11-dedfddb5db-8npksk, 11-aec4b3a2c2-lf3t7b, 11-eecc8193cf-d5hkgw, 6-f6afb1bba2-w9p2zv, 6-5859d56-lskhhw, 6-5859d56-945ggn, 6-5859d56-18ljzb, 6-5859d56-pwtnh0, 6-5859d56-15rv1v, 6-80e3fcc5ae-jzr3g6, 6-9ce8e7fa92-rhw5f2, 6-a0daf1ce9e-vhgzvp, 6-bcbab5a8c0-l8vsl8, 6-a490fff8d2-hnvm3h, 6-c694cdd1c7-gqscl4, 6-ee81ecadcf-j414l3, 6-d88dfef9f8-0x43v4, 6-e6f1b7d7ae-zbfj3g, 6-a888c18088-6rkl7x, 6-bcaadc8ac1-kr8x2c, 6-c89189b0d6-c79c74, 6-bee6efd5a5-vzxzqb, 6-94d9feb0db-q8hs51, 6-e09cdc88a6-87hdsx
z-branch: live
z-engine: WebEngine
z-zuid: 8-4bf69f2-156d5j
z-cdn: FASTLY
z-v: pa-092922-b
content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-bereq-proto: HTTP/1.1
x-bereq-request: GET
x-bereq-url: /
x-bereq-connect-timeout: 0.000
x-bereq-first-byte-timeout: 0.000
x-bereq-between-bytes-timeout: 0.000
x-beresp-proto: HTTP/1.1
x-beresp-status: 200
x-beresp-response: OK
x-beresp-cacheable: 1
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2238
x-cache: HIT, HIT
vary: Accept-Encoding


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2638)
Size:   35836
Md5:    239f4a732a8ddab92e49e71351fd7197
Sha1:   efd5c4d4b87a9fd000ce0fe5fff38d8890014b3d
Sha256: 5c04b254c4dfe569e055016c12c7af050f071ebbbc29bf6bf81ec47a97f8e577

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1198
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:08 GMT
Last-Modified: Wed, 05 Oct 2022 17:33:10 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /Envoy-Home-Hero-Mobile.png?width=50&fit=bounds HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "uxXnOD53bvpw5VmUg8b8aqiTiDjGQrGvDnrW4QqY6Wc"
expires: Tue, 27 Sep 2022 21:45:40 GMT
fastly-io-info: ifsz=144432 idim=640x1167 ifmt=png ofsz=4366 odim=50x91 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Lokw+A==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 4366
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4366
Md5:    48d69e9f2b6ac9a55216561e040fc433
Sha1:   94b618845ed72ad6a37b9c4ea310a7a897e25196
Sha256: 2d7682cac32a8f223208b6511817e870d52e306fc0d58e1c48dcc7e037a98976
                                        
                                            GET /Envoy-Home-Hero-Subs-Carousel-Icon-2.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 14 Sep 2022 16:36:02 GMT
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
etag: "b96db965af94de18393538a4fa9f5a9e"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=mtdF+A==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1822626
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 695
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1712)
Size:   695
Md5:    b96db965af94de18393538a4fa9f5a9e
Sha1:   ec9bb4dca74fbd2213a6496f4b875da189c62be4
Sha256: 08cbfbacf0e620ae90d55a71d81e282e79f12cd72ec94fd6d851b84cef313a38
                                        
                                            GET /Envoy-Home-Hero-Subs-Carousel-Icon-1.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 27 Sep 2022 14:41:28 GMT
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
etag: "250f675d72ee19851be81796848c336c"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=dUyy8Q==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 706300
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 390
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (871)
Size:   390
Md5:    250f675d72ee19851be81796848c336c
Sha1:   6a29568f41ab73c11fb899a3692ee471b265c2b7
Sha256: cfe7978d46723c9d3e2e830d7d824e5dd25e577334c8808272a38b9072a8f61a
                                        
                                            GET /Envoy-Home-Hero-Subs-Carousel-Icon-3.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 14 Sep 2022 16:36:02 GMT
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
etag: "8b579c345625542b07c18af26f6d1a6e"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=7OBeZQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1822626
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 930
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1872)
Size:   930
Md5:    8b579c345625542b07c18af26f6d1a6e
Sha1:   d786a0fdae917616c5aa81f0436e3c172e17bc92
Sha256: 097ea7e267a153b7a9b2d46ccc92ec8ffc3f8b1c2322ed4e50855355c108a4ef
                                        
                                            GET /Envoy-Home-Personal-Investing--1-.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "P+q/iOxCK4RUtWyY/W9AA8zvLs3/6+25OnPcVpZdUE4"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=30113 idim=1195x1079 ifmt=png ofsz=23656 odim=1195x1079 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=vxawdQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680847
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 23656
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   23656
Md5:    ee25dfacbd3e24fc639e7ebe0a2b2882
Sha1:   ab936c3ecb6475f165463d08a90caca534198ad0
Sha256: 7caf2ffab2b945584b22795222c15f55b167d58891bbc7a9279e2c15801a1d0f
                                        
                                            GET /Envoy-Home-Banking--1-.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "wF2JyvnL4jg9uSVFBmbqZG43qg9zn4t9MdO2D4InERc"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=33267 idim=1195x1079 ifmt=png ofsz=25874 odim=1195x1079 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=PspopA==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 25874
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   25874
Md5:    6149ce96ca1cb64b57f953cba15bdf01
Sha1:   dec97163cd34b9f853834c53e07bff4f6c67b9de
Sha256: 50d260c2bdcd019b2ffa054f88f0c2c646acea7bc87d7f34985980661c1cb6b5
                                        
                                            GET /ajax/libs/countup.js/1.9.3/countUp.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 17:53:08 GMT
content-length: 1240
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-ee7"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8033999
expires: Mon, 25 Sep 2023 17:53:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqYHLJGhIdSTCITWTFbxw4MP3SgJrPQ3WTOuTPxWX01H%2FSDMwFqcrNViNE3qCGzT%2BJxCFmLATtX3Ntb%2BDBT2tKALSfg6YUuhaVfnvpIwRKwTgONpKtyEI2mpdYgv6oWAFKu4r3K0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755803deff2db4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3815), with no line terminators
Size:   1240
Md5:    44168b0cca5a8e9c4e390d60da4bdde3
Sha1:   01e32e0b4458b53acb1eb85e2f22de28361aa90c
Sha256: 2de1b6eb77c5ecf2c5542224125ba0c2793b08b1da8d5a0ba204e60f85f4be6b
                                        
                                            GET /Envoy-Home-Later--1-.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "8cgJUZdy3gI7TppPXGbfmTyJDeyACVtNje5QbLAFxSE"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=29010 idim=1195x1079 ifmt=png ofsz=22508 odim=1195x1079 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=MgjBjw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 22508
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   22508
Md5:    285bf3b85291580794fdc7f4f1db97ff
Sha1:   f7b8463feb2f3406ce5bccd87bc83c122f418162
Sha256: a2f8546640817d5f53cfd1a24fc5b20d91d8a8fbe63e4c799d0394c6e7e4d42d
                                        
                                            GET /Invest-Icon-24x24.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 30 Aug 2022 07:47:56 GMT
last-modified: Tue, 23 Mar 2021 00:05:53 GMT
etag: "030a5a74a6a7f32a24f3b8b4184d6bb1"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=1OOPig==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 3150312
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 361
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (608)
Size:   361
Md5:    030a5a74a6a7f32a24f3b8b4184d6bb1
Sha1:   b9b3d68d21c9435ca33221c38cdb3bf3054b6719
Sha256: 4bc424e3072d9f8b31729a1d0af7eb73a1aac2fdf13ca2c9e40bd187b312b2c4
                                        
                                            GET /Envoy-Home-Hero-Subs-Icon-6.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "a/Nbv5SiXgmuuWJelUyRY0E82XBQEbk0gK/x+6W5Qkk"
expires: Fri, 09 Sep 2022 16:05:26 GMT
fastly-io-info: ifsz=20259 idim=250x291 ifmt=png ofsz=11604 odim=250x291 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=s/6gaw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 11604
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   11604
Md5:    eae75126e927893d3f24051809c0f83a
Sha1:   df1788a0acdd522a261f2ea464c295212ad85eac
Sha256: b9af77cdf60c23bce4e0e0380f02192bee73f67a6cd50fdd5633cab3e6f011e1
                                        
                                            GET /Envoy-Home-Hero-Subs-Icon-1.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Fri, 09 Sep 2022 16:05:26 GMT
last-modified: Mon, 13 Jun 2022 20:55:34 GMT
etag: "68f1281fa617aab6cdcdf3ebeabc068f"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=ahCY+w==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 5247
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3558)
Size:   5247
Md5:    68f1281fa617aab6cdcdf3ebeabc068f
Sha1:   3e83ac8901a50a4903bf87b989038119e8df9ca7
Sha256: bbbe8f61b075bad69ca12fcba8dd6ffb53890de85129aad11b0f703f50524b79
                                        
                                            GET /Acorns-Logo.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 06 Sep 2022 14:14:05 GMT
last-modified: Sat, 19 Mar 2022 04:17:27 GMT
etag: "4da172676eaa361cb1a4e17b324252a2"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=shYVZg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2522344
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 657
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1119)
Size:   657
Md5:    4da172676eaa361cb1a4e17b324252a2
Sha1:   3c37af127234d33ec2939a6223b750a496740c45
Sha256: f9827ebc72301a364609aade05149af18b4d89a1007f405fa45cc292cdc99224
                                        
                                            GET /Later-Icon.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 07 Sep 2022 13:24:38 GMT
last-modified: Sat, 20 Mar 2021 00:21:35 GMT
etag: "9bf2644f9b9ab6f29cbe293f70435dc7"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=UtHMWw==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2438910
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 611
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1187)
Size:   611
Md5:    9bf2644f9b9ab6f29cbe293f70435dc7
Sha1:   327c347ab53493c99abe14c2182e703cd64040e0
Sha256: 9760ea457f331a33cc34b03f8666fa817f4aec4cc739e88f6d42c742e6ba82af
                                        
                                            GET /Downward-Carat.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Mon, 12 Sep 2022 15:48:44 GMT
last-modified: Tue, 16 Mar 2021 00:40:20 GMT
etag: "cdfc4747c0a6b879cf6f52eba2e91577"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=s2FxEQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1998265
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 168
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   168
Md5:    cdfc4747c0a6b879cf6f52eba2e91577
Sha1:   080ef847efaff8526c2b468d832436c46282def0
Sha256: 2368952827240f69270f4b532f1a1ff9c9eb05499a4e65f375bb5e87e497218f
                                        
                                            GET /card--learn-.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "+okkSFASShsokBkyYp8XiwH96cMcKJHpmbVjgdI9gss"
expires: Wed, 28 Sep 2022 09:58:48 GMT
fastly-io-info: ifsz=5369 idim=160x160 ifmt=png ofsz=2314 odim=160x160 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=dSBcUg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 636861
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 2314
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2314
Md5:    8ed9fce8e0a9d9c248cc3c756b5f42cd
Sha1:   ed12929f5e18e87de3f989055154694142f03b8d
Sha256: eb5c65ff584eb31f5566b9b2e994b5f6d2159646b29c5f1dbfb76c1a71ad3d30
                                        
                                            GET /card--banking-.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "twKTOAfMxHYCNmzpLSOCEPQcVlmgXDM5byA9p9hKKvk"
expires: Tue, 20 Sep 2022 11:31:52 GMT
fastly-io-info: ifsz=18521 idim=250x291 ifmt=png ofsz=10298 odim=250x291 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=BTEIDQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1322476
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 10298
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   10298
Md5:    8e69e7f2847ff7ad2a6e63c7ddd9b9aa
Sha1:   13fce9dd6f2399f2eba3b7c9bd0c8ccb12cb3d0c
Sha256: d23ce381e31531a28268dd17e8a5043e894577a94b3297b944ff4413ef2733c5
                                        
                                            GET /Sustainable-Icon-24x24.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Fri, 16 Sep 2022 16:51:52 GMT
last-modified: Tue, 23 Mar 2021 00:04:53 GMT
etag: "dad9ac0348535f954a203ce08280dd71"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=NiHaPg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1648876
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 689
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1300)
Size:   689
Md5:    dad9ac0348535f954a203ce08280dd71
Sha1:   e9490fa9b4d2e8ef5779bc1eff966625e52d7edd
Sha256: aa39d6b2a778fe19290442dac33f2e111b51c85562557b470dee069f5a4ba3f5
                                        
                                            GET /Envoy-Home-Hero-Subs-Icon-5.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "/w4ICcli327zPMysd8OxXfney7emh3+L4RzICE0AUjY"
expires: Fri, 09 Sep 2022 16:05:26 GMT
fastly-io-info: ifsz=4886 idim=270x181 ifmt=png ofsz=2158 odim=270x181 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=pqTRmQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 2158
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2158
Md5:    07c6e98bb6df1513a947e93519b98912
Sha1:   ec4347e8ab99a2019289b3195aeb001c1e61bfb9
Sha256: c21cfe877411ab0b04a6e1d75eefc95379274af637e75d1df1da45ec0b2b5769
                                        
                                            GET /Envoy-Home-CLIR-2.png?width=50&fit=bounds HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "tXL/W7pRdqXtMA0HRLRrSM9FiwiDJSQq9oGCpBqt4CQ"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=87814 idim=1024x766 ifmt=png ofsz=3838 odim=50x37 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=LsinJA==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 3838
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3838
Md5:    c2524f97cd24587610d6437dc2c00a59
Sha1:   298f1ca9cc6f2ac93c42cf3fdbe2eb28020c0d28
Sha256: c0864bc7356d9693ebc6e61de0bb1addcfd2693bf3dc8406404d49ea7e4aad79
                                        
                                            GET /Early-icon-24x24.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 09 Aug 2022 08:42:42 GMT
last-modified: Tue, 23 Mar 2021 00:03:29 GMT
etag: "23c273a9f4f6680ed47fe83e9f68e47c"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=KA8Nvg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 4961426
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 872
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1739)
Size:   872
Md5:    23c273a9f4f6680ed47fe83e9f68e47c
Sha1:   d88300087e85758aa61e1b75c294c2ced333ce22
Sha256: 11c3d59fa1024ba9d9d6daf2f80a1d3131858cee99ccfc1a5d93ccd64260af1b
                                        
                                            GET /Envoy-Home-Early--1-.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "l7paFJdLW1SV7a/YPLBwfnIKVyNytDte/s+kSHcP6Po"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=32222 idim=1195x1079 ifmt=png ofsz=25398 odim=1195x1079 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=cCbXUg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 25398
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   25398
Md5:    843807b21de2f47cc7bafa63ad03f27a
Sha1:   608ec595a1cac99314952166cdaf520aa096e663
Sha256: 7ab366f44b70a0614d8da647ee1b296e4493cfd414c12996d3f6b31bd8b0a494
                                        
                                            GET /Light-Theme-Checkout-Stroke.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 28 Sep 2022 06:13:55 GMT
last-modified: Sat, 26 Feb 2022 01:51:06 GMT
etag: "7dc54ea7d0e806322bf272157dd95d69"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Te/OVQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 650354
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 307
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (394)
Size:   307
Md5:    7dc54ea7d0e806322bf272157dd95d69
Sha1:   464925daa56dda30857fb8025ae763e33cf41a7f
Sha256: 7e591677d6615acdbffa856bb99b16686c2232857bdc4a21a2c9c8c3bf2f0289
                                        
                                            GET /Plus-Sign-Purple.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 20 Sep 2022 07:52:20 GMT
last-modified: Sat, 26 Feb 2022 00:53:25 GMT
etag: "4dbec122554c1deed72f0a6e4f3af681"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=32c+eQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1335648
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 186
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   186
Md5:    4dbec122554c1deed72f0a6e4f3af681
Sha1:   96e911751d320e1430f539ca019d6671809451ba
Sha256: ff5e269b72895d660c0553f12040252ab576533187b811c5db17979a4f675579
                                        
                                            GET /CryptoIcon--1-.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 10 Aug 2022 14:41:11 GMT
last-modified: Sat, 19 Mar 2022 22:55:55 GMT
etag: "f1f1247626ac8be534d804582e0b8962"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=CVoKxA==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 4853517
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 2010
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4313)
Size:   2010
Md5:    f1f1247626ac8be534d804582e0b8962
Sha1:   4f0a8915d4ff7f5bf2cb5cdec0447a91945bbbc0
Sha256: 7fa3dfa081e630a129d68c56966f9c95cecde70ebe4ed0a5843f67e4edec3376
                                        
                                            GET /Plus-Sign-White.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 14 Sep 2022 16:36:03 GMT
last-modified: Sat, 26 Feb 2022 00:53:25 GMT
etag: "2eb892863d10e9c31a4a8c0951d3818f"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Tr+EQg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1822626
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 182
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   182
Md5:    2eb892863d10e9c31a4a8c0951d3818f
Sha1:   a60c12052cede958eecc16e180d03e3a75623e81
Sha256: 59be3100efa07029d21777faf8cdefa78d1fd0fdb7f72ac06600192c2c0d913e
                                        
                                            GET /Invest-Dark-Theme.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 07 Sep 2022 22:44:39 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "a7d6431abfad76348679f925975d1ad2"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=/VAk/A==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2405310
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 362
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (606)
Size:   362
Md5:    a7d6431abfad76348679f925975d1ad2
Sha1:   5e782867b8fac1b59af983f960863d799818e4c6
Sha256: b53da607eaa995e98bae3e8e4c00f16a755fc8ca1f5af8385e057a1500ea63e1
                                        
                                            GET /Acorns-Logo-With-Text-2022.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Mon, 12 Sep 2022 15:21:53 GMT
last-modified: Sat, 26 Mar 2022 00:49:35 GMT
etag: "885a010bc5039da0cb066799441c5654"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=xHiEmA==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1999876
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 5534
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12349)
Size:   5534
Md5:    885a010bc5039da0cb066799441c5654
Sha1:   4900b8628b9c321759746e381b04fc90aa5bf8b9
Sha256: 599904778887aa2fa0d72b3f033fd71406e23422ce151a6dc81d67e54f8f6048
                                        
                                            GET /Envoy-Home-CLIR-1.png?width=50&fit=bounds HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "cLKJd80hCqLN7YenRq0QZJV5mRwm5VfLsC3HR4BUMg4"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=113537 idim=1024x870 ifmt=png ofsz=4092 odim=50x42 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=tItApQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 4092
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4092
Md5:    24fceca5818cf4769fd5251feea143ff
Sha1:   f8e2bb471ba1f487d4f87e18b45d32f8e361d3e8
Sha256: 12763d57730d65fed3ec1f483cd6d3b7af10882ad2716e7f41b4829c5b8d8ddb
                                        
                                            GET /Invest-Light-Theme.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 14 Sep 2022 16:36:02 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "030a5a74a6a7f32a24f3b8b4184d6bb1"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=1OOPig==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1822626
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 361
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (608)
Size:   361
Md5:    030a5a74a6a7f32a24f3b8b4184d6bb1
Sha1:   b9b3d68d21c9435ca33221c38cdb3bf3054b6719
Sha256: 4bc424e3072d9f8b31729a1d0af7eb73a1aac2fdf13ca2c9e40bd187b312b2c4
                                        
                                            GET /Envoy-Home-Potential.png?width=50&fit=bounds HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "NzjsiLjLKRA2DJFQnO7o40avdkFwhzSlxB2H7GNLGxM"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=197589 idim=590x899 ifmt=png ofsz=3224 odim=50x76 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=ElBNRg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 3224
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3224
Md5:    82664f60e32e7aafc9f710021297a034
Sha1:   a9673bf23cbb5d7e85fcd2c1138d95f2fdaf8f7b
Sha256: c02f494e516bb37b59fdabb0c3ae0b6bf320499f1e1d0e28983f608c8b59bd3b
                                        
                                            GET /Light-Theme-Checkmark.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 20 Sep 2022 08:56:30 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "e0bb67d605b6d742f153af29741f6e13"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=/2k5oQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1331799
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 250
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   250
Md5:    e0bb67d605b6d742f153af29741f6e13
Sha1:   a76387808c57265209e3afd5935f3d9e0399ed21
Sha256: 68b3324bd48950a70d689792d71b9832810f04ea9d81799f419ba1411a17c1c8
                                        
                                            GET /Envoy-Home-ILCR-1.png?width=50&fit=bounds HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "TDJcPr1gnfpfq2NL9E7Uwl7sUibOFs7DfLKxBjL9c6A"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=130093 idim=1024x919 ifmt=png ofsz=4598 odim=50x45 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=bvj7eg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 4598
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4598
Md5:    b0aa729f5c1832668633f8abf15e81e2
Sha1:   b1dc06d3f80059b511b6c5f118c1d9069f410342
Sha256: 8d64e644c033429943fff149c3eea2c7a247b5b286b2bdcd757db2ce50435eb8
                                        
                                            GET /EqualWeb-ADA-icon-green.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 07 Sep 2022 10:59:56 GMT
last-modified: Fri, 14 May 2021 21:28:54 GMT
etag: "bdac2dc9553d7284247686fb121d722a"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=TE6iPg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2447593
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 702
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   702
Md5:    bdac2dc9553d7284247686fb121d722a
Sha1:   1078262258376c71e8e93009f164198b461befff
Sha256: 442010d04d3bb53f3bc2344aa0a237f887bcfcee9817be759c24f6ca17f1a3eb
                                        
                                            GET /Spend-Light-Theme.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 20 Sep 2022 15:00:11 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "16e507be65f676d67e266d1b7c65761d"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=SLJQew==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1309978
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 304
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (382)
Size:   304
Md5:    16e507be65f676d67e266d1b7c65761d
Sha1:   fc419e3ad689115e668c12377d30ad8b4dc758c2
Sha256: a985440953421f44d847e121cb80bf1fddc311f69f14d526bc5ed44bb7814f24
                                        
                                            GET /Twitter.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "7DJeajqO0Fm8Reye6PlwERkTHAgX8gMFpGRURVS7otc"
expires: Tue, 27 Sep 2022 20:51:47 GMT
fastly-io-info: ifsz=807 idim=32x27 ifmt=png ofsz=314 odim=32x27 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=0MY+0g==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 684081
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 314
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   314
Md5:    b56c78b348213a15b59f59dc946cd4ff
Sha1:   ac0034317be2d63ad4b0fea364c75c9720671934
Sha256: 3aee60cca42f067e8cdcde810071fb3c6358107f64dbea07b7ddfa066c0cf37a
                                        
                                            GET /Instagram.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "tSM173AzjOlecdXVmddKLutXeEK/fALh62Njsd2qVdk"
expires: Tue, 27 Sep 2022 20:51:47 GMT
fastly-io-info: ifsz=1267 idim=36x36 ifmt=png ofsz=474 odim=36x36 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=amkUqQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 684081
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 474
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   474
Md5:    ce8cbde8026e3dab99e109862f7888ae
Sha1:   039e53a135696cf8e875d56de5373530715b9bfc
Sha256: 4b036dd6e9efed652f0d3de0d9c0c6a90cdf52bcfb8c70528e327a2da25c64c3
                                        
                                            GET /Earn-Dark-Theme.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 07 Sep 2022 22:44:39 GMT
last-modified: Fri, 25 Feb 2022 23:53:54 GMT
etag: "1932479affb6e14bafd33dbda21df1a1"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=fu++zA==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2405309
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 526
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (996)
Size:   526
Md5:    1932479affb6e14bafd33dbda21df1a1
Sha1:   f4d1393bceeadc5bdab7ddc947e9f7c000d9c68f
Sha256: 50bfca90ed22aba670670dc0ae111a5c81a3fd7fdf32a9eebd4f9cd16c87de52
                                        
                                            GET /Earn-Light-Theme.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 20 Sep 2022 13:54:22 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "51126afd633e4a3234ea0c035eb27c2e"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=LMJoQg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1313926
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 526
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (998)
Size:   526
Md5:    51126afd633e4a3234ea0c035eb27c2e
Sha1:   9ee4aa33eb597d101556d3044f06d740851bb197
Sha256: 8a747e6c8f9819e67adaacf676cbe70ff033fbcc2039cf20c3f455b4221fdfb1
                                        
                                            GET /Spend-Dark-Theme.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 06 Sep 2022 03:19:41 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "8609f16d750afd6da8e46cde75958220"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=jZaNZQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2561607
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 304
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (380)
Size:   304
Md5:    8609f16d750afd6da8e46cde75958220
Sha1:   db1f988fa4b40b042218f6420fdbad9300731a05
Sha256: 9ad4e87c68bd3cce2dd9d9aa1b85fc92182a203e3264a6d6692585800502b6f0
                                        
                                            GET /Envoy-Home-Closing-Sign-Up-Mobile.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "uIoaSGxQvnd5ugz+aPc7c7yyTeJxXhZ0MHDvhr5BtLs"
expires: Tue, 27 Sep 2022 21:45:42 GMT
fastly-io-info: ifsz=29220 idim=503x471 ifmt=png ofsz=14730 odim=503x471 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=6BfdUw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 14730
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   14730
Md5:    44037d8d38552176062a5716501773e5
Sha1:   abd4901246438d4d689e1a6eb377871b40b9e8b4
Sha256: 2463197364fe5f94653f461ae040b20dc0f25f89913db9251fd65bc46a281524
                                        
                                            GET /Envoy-Home-Hero-2.png?width=50&fit=bounds HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "nJuuRWJlSDCpu3i/FTCfSjhU0bglLAwqxm12kT799wU"
expires: Tue, 27 Sep 2022 21:45:40 GMT
fastly-io-info: ifsz=474109 idim=1500x948 ifmt=png ofsz=3270 odim=50x32 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=b5/f5Q==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 3270
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3270
Md5:    296cb9cc145c63d74398eaec77291516
Sha1:   f29904c566a8c261da2101b1d55ee190da9b40c3
Sha256: 295696e28d5eeecf685825f1435d2c124a2c2e5368bd3f34d61821c32ae4c65a
                                        
                                            GET /Dark-Theme-Checkout-Stroke.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 06 Sep 2022 03:19:41 GMT
last-modified: Sat, 26 Feb 2022 01:51:06 GMT
etag: "dc5449f36e2ae3f8dca016f4737e4279"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Jo4L8A==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2561607
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 306
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (392)
Size:   306
Md5:    dc5449f36e2ae3f8dca016f4737e4279
Sha1:   41e7122198a43b7bfd16d9f49a8ec4fa7cc0ca2d
Sha256: 7fe64060a21499d9561b2f1f7934af852f3ef1662a4beb11c57aaa4c74ad10ff
                                        
                                            GET /Facebook.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "V83ya1/ZCR7DHJuNHk8hybOdmgrCuSeuCe0kgCEQ6ww"
expires: Tue, 27 Sep 2022 20:51:47 GMT
fastly-io-info: ifsz=409 idim=17x35 ifmt=png ofsz=208 odim=17x35 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=xK/Gaw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 684081
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 208
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   208
Md5:    006f5dbbadd726229a3e4dfe26c9b2f7
Sha1:   1f0165bb50359e99fa10d8ef497554f9c446488c
Sha256: bab6f584235145000794b7e76bff95af18228137cb4f03a7036c9a91f3dd21c7
                                        
                                            GET /Acorns-Footer-Logo-2x-2022.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "lxdAJOKl1NEOaqTe5OXvr9sUCRk/MmK0pnvwLZY0wX4"
expires: Tue, 27 Sep 2022 21:45:42 GMT
fastly-io-info: ifsz=4845 idim=260x70 ifmt=png ofsz=1676 odim=260x70 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=o+v1Pg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 1676
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1676
Md5:    04a8a1fde3cb46fc1afcf462b721cc6a
Sha1:   db7dcbf1cf094a28851cbc491fd8da90799e1e7f
Sha256: 873c88ff7bb7c09518e3a2a06a06a2719c3cabd1b0b4fd1ed3a1bc2269eb5b39
                                        
                                            GET /Envoy-Home-Hero-Subs-Icon-2.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "zVQ2uGqUmfxdipngAyPD1n/5cBumJ5XAZDP5/Fa6urA"
expires: Fri, 09 Sep 2022 16:05:26 GMT
fastly-io-info: ifsz=33850 idim=270x181 ifmt=png ofsz=22178 odim=270x181 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=HLTOHQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 22178
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   22178
Md5:    0b3ba8ba4ea7902a1ed30a5fad2e7bd1
Sha1:   caa375d19d6c54f904371ed300d694e33ae66dfe
Sha256: c8543898bb9ac66af54b902b4e5f1df174bd02ac3738f5c9cac37607a4c17c72
                                        
                                            GET /main-min.ryQgJnztE.js HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: text/plain
                                        
expires: Wed, 14 Sep 2022 09:21:46 GMT
last-modified: Wed, 03 Apr 2019 22:08:43 GMT
etag: "9ec7bcf40d4f8aaa2925ead687092bd8"
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=rIPO3w==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1848683
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 459
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1086), with no line terminators
Size:   459
Md5:    9ec7bcf40d4f8aaa2925ead687092bd8
Sha1:   434279c713c6e83637084b739e59ff9cbeae50de
Sha256: 355e04720075272e73b9cb04e1621b0553bddf089151f5282234abb3d357d64a
                                        
                                            GET /Envoy-Home-Hero-Subs-Carousel-Icon-4.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "S/UBUb6djv+ofpcrNxD1FpMwe1BOFKFHJsjzg5kK6U4"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=1123 idim=48x48 ifmt=png ofsz=704 odim=48x48 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=B/EM9A==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 704
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   704
Md5:    87f6a480d54c8dc2c137e1d5f38a21b7
Sha1:   04acdf86386cb960c61bd8431413cbbb79ac3605
Sha256: 952c3304ae0979a82e4e53cc49d7172f544974adfbc5808623eaa190b125a9ec
                                        
                                            GET /Acorns-Logo-No-Text-Updt-2022.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 13 Sep 2022 07:11:48 GMT
last-modified: Sat, 26 Mar 2022 00:58:19 GMT
etag: "2a63966f5fc4e064e0f189284f79ea6f"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Dpuarg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1942880
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 5652
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12315)
Size:   5652
Md5:    2a63966f5fc4e064e0f189284f79ea6f
Sha1:   37ecb1b8696e1a72e602fe3c841946c7403318d0
Sha256: f496edeef425f9ace8013c76b0219c7d102529aca4bfaf7058980fde9ff48866
                                        
                                            GET /App-Icon.B1s9Xy3z9.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Tue, 20 Sep 2022 11:37:49 GMT
last-modified: Sat, 26 Mar 2022 00:51:30 GMT
etag: "bfe36219da7351c2b03f1399b0312b6f"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=9VQHXQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1322120
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 692
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1111)
Size:   692
Md5:    bfe36219da7351c2b03f1399b0312b6f
Sha1:   c71514f8c9d2f4be1ac681ca3991974bc8471432
Sha256: b60b68029d559f698f8afb84fdfdf60d73ad663dc727ec24d444325042e944ac
                                        
                                            GET /Dark-Theme-Checkmark.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Mon, 29 Aug 2022 22:16:43 GMT
last-modified: Fri, 25 Feb 2022 23:53:54 GMT
etag: "b42cb3cff780b1be7368d7e39900c91f"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=b0HHZw==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 3184585
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 253
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   253
Md5:    b42cb3cff780b1be7368d7e39900c91f
Sha1:   454e2f91e3b1e2e65094954f5fa418c3ef363d71
Sha256: 9d0514831f25d21a5a727d8fd50b0cf6574d9057aa4d3d8a3e6d66b86043ce33
                                        
                                            GET /Envoy-Home-Press-Quote-Plus.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "qcR2Xdu1bv+GyRd3GQZaUVYbUUo1gfnVLlJP4cr+agI"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=32437 idim=409x434 ifmt=png ofsz=31674 odim=409x434 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=72Gy5Q==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 31674
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   31674
Md5:    d9b140f173e0ddafe25838908a033389
Sha1:   23eff951cae16f095ee9cd253e57baed2bfd799d
Sha256: b9792c6132afafb298632395f335efeb91d3223163b1b7f3a1a60d79811fae4b
                                        
                                            GET /Envoy-Closing-Sign-Up-Component---phone_imageupdate.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "5eF/CCF0wATBO9wb2AXtFsLHRFXceEkjgk5yny2iMzw"
expires: Tue, 27 Sep 2022 21:45:42 GMT
fastly-io-info: ifsz=27451 idim=540x329 ifmt=png ofsz=16486 odim=540x329 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=HSPVZg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 16486
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   16486
Md5:    1f17cc83672422ba49b0e3f8e9922525
Sha1:   8e6e99876770e213844d77dbeb2b9f4c40bb340e
Sha256: 9ed6b0b83b296b589327a658cbdcf4cad83d0bd15f6fe06a4d28d9bff04edf4b
                                        
                                            GET /Envoy-Home-Highlighted-Text-2.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "idw/AXWjpYEA4XZj1I78UCloI7wu+QYgJ1Je7wDn0So"
expires: Tue, 27 Sep 2022 12:47:48 GMT
fastly-io-info: ifsz=49683 idim=420x312 ifmt=png ofsz=44546 odim=420x312 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=vGQRkw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 713121
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 44546
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   44546
Md5:    e6bfeecb1acff0e1a7683b06daee94cf
Sha1:   fbf3bb5935785c4865e9dac767ec07391f2a4ad9
Sha256: ebdc9773a057416bdff20d4743b9894a904c0466d8469ecc2b1b41b5eb57d3c4
                                        
                                            GET /Envoy-Home-Highlighted-Text-4.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "rfGM2FYx8ugeqnxdVnSc0HE2jAfotKbZxCpNDgg1PKE"
expires: Fri, 09 Sep 2022 16:05:26 GMT
fastly-io-info: ifsz=77768 idim=420x577 ifmt=png ofsz=72746 odim=420x577 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=CW5bRA==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 72746
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   72746
Md5:    b863aac13382e3d94e79d3e6ead98f57
Sha1:   a453fbc3e6e19a6f8f1ae09b9c7c603ffb365c7e
Sha256: ab31aaf1e9f55bad18ebd00651ecbd1a5dfae5f3307a8a6b1d73a9ac2d6f8f12
                                        
                                            GET /Footer-Lifestyle.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "zvvV+h/1r6MyRcX1z26E45evbEdy/FYQl2KQel2Zakk"
expires: Tue, 27 Sep 2022 21:45:42 GMT
fastly-io-info: ifsz=84349 idim=420x420 ifmt=png ofsz=77472 odim=420x420 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=7w9I2A==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 77472
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   77472
Md5:    933167962fa661d9c2999d33516c9040
Sha1:   8102ae4fb1e2c0173593b10cc14e173aaec5eb8a
Sha256: b9580de50cc77ba269dd28634f7ba278e2424952269a1fd3defcb76df82774cf
                                        
                                            GET /Env-Home-Highlighted-Text-3-Updt.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "5TVtigATTyU6HucWHS6BTWRgat6OCmJoF0tF+VUJwNc"
expires: Thu, 01 Sep 2022 09:00:39 GMT
fastly-io-info: ifsz=83674 idim=392x436 ifmt=png ofsz=78166 odim=392x436 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=VFIMtg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2973151
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 78166
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   78166
Md5:    ccf4c50ad23328e65bd9e1b7f6afb58e
Sha1:   81e69e0f1f5e23a2bcc02ab016a3c4b2a020494a
Sha256: 015a773fd5c9fff88a47b3fd9606c59318d1be9a65ab873ec35e10f90ff8b606
                                        
                                            GET /Press-Quote-Carousel-Phone-Image-Home.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "9YjgL12GzzcV2wXJOK+QYOwLDpRYDP4k4sjQBk3nGl0"
expires: Tue, 27 Sep 2022 22:38:49 GMT
fastly-io-info: ifsz=87266 idim=535x714 ifmt=png ofsz=79142 odim=535x714 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Uc31bQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 677659
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 79142
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   79142
Md5:    469bcf3015b58222901329924aa3c3e9
Sha1:   aac6581da77805414235bd278c52bf4e563f4385
Sha256: 3322b7121f031ac749179272e2d687b4d0a4e5319279dbe3e916cddcdf885642
                                        
                                            GET /Env-Home-Highlighted-Text-1-Updt.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "M4cg/mQ1HFYsANCnjKY9YpQHEZMQ5vpcmivBuxju2hk"
expires: Wed, 28 Sep 2022 08:54:19 GMT
fastly-io-info: ifsz=81140 idim=352x526 ifmt=png ofsz=74136 odim=352x526 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=ZLeQjw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 640729
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 74136
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   74136
Md5:    bf6d6cfb27365d8edaff24c9602c8ab3
Sha1:   5057c89abf654f1322282daa52a5978de264d719
Sha256: bee3ca5a85a9f5922139374e7aa578064bbf4dd94836604028c965daa003e9ef
                                        
                                            GET /Tree-Asset.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "mGk9dZaHZ009xN6qtCdj6szPpXzuYw9PrL82dU9ZW2c"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=132993 idim=800x743 ifmt=png ofsz=125310 odim=800x743 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=qEGJmA==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 125310
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   125310
Md5:    a5c21cbc391ec350e9da3e20ebb3f096
Sha1:   256bd81da36e81ba0780789185fbe8bcf19eba4d
Sha256: b6a57771af3547b7747df54fdcbc55f4c46c09d88f36c2a6beda802c7f3df584
                                        
                                            GET /site.css?v=33e6b3bef408d4835bf0e61e2f01da1c HTTP/1.1 
Host: citigroupstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.88.160.189
HTTP/1.1 200 OK
content-type: text/css; charset=UTF-8
                                        
content-length: 113456
cache-control: max-age=604800, public
pragma: max-age=604800
expires: Wed, 12 Oct 2022 17:15:47 GMT
content-language: en-us
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 8-4bf69f2-156d5j-css
z-branch: live
z-engine: WebEngine
z-zuid: 8-4bf69f2-156d5j
z-cdn: FASTLY
z-v: pa-092922-b
content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-bereq-proto: HTTP/1.1
x-bereq-request: GET
x-bereq-url: /site.css?v=33e6b3bef408d4835bf0e61e2f01da1c
x-bereq-connect-timeout: 0.000
x-bereq-first-byte-timeout: 0.000
x-bereq-between-bytes-timeout: 0.000
x-beresp-proto: HTTP/1.1
x-beresp-status: 200
x-beresp-response: OK
x-beresp-cacheable: 1
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2242
x-cache: MISS, HIT
vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   113456
Md5:    d10869607145e66ba287eea433ca6d44
Sha1:   4d367eb079e143e8bf5290d516ebfa00ae5287b9
Sha256: c3f845a5716674beb373fc13ab55ec7cdb86bf50a8122db3235ca45afc25c727

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JpgoygxhoVV5HGCzFU3YoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.13.69.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R73EggkIhfPfNx4Gg0MKyDMbwF8=

                                        
                                            GET /js/9730220283.js HTTP/1.1 
Host: cdn.optimizely.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.155
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
x-amz-id-2: QOQC4+yLEw/Q/EwDb+MiWCU4zsHxyfzbcIWfjTCD6Aa65J3rZDiikqogOog9sZD/KBatpTY4Jqk=
x-amz-request-id: GFV1EGRE8F4ZD6B9
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Oct 2022 16:26:23 GMT
etag: "311046b4839b026016b56609ccf8f36d"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 6797
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: GBDWn4v_SB4NvArcY819NWWP3KQv2FDF
accept-ranges: bytes
server: AmazonS3
content-length: 188234
vary: Accept-Encoding
cache-control: max-age=600
date: Wed, 05 Oct 2022 17:53:09 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="110";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65468)
Size:   188234
Md5:    311046b4839b026016b56609ccf8f36d
Sha1:   5aec4ef41538d1da843da3934979d7cd0d8bbdf8
Sha256: 035991707cbcb7fb7841f4fe36d0347b5cf3208aa48222f5aadf9685090aea15
                                        
                                            GET /seg?add=15687583&t=1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.173.22
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Wed, 05 Oct 2022 17:53:09 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D15687583%26t%3D1
AN-X-Request-Uuid: 94c6b08e-e264-47aa-bce5-84e3b464a1bf
Set-Cookie: uuid2=7763887101510388282; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 03-Jan-2023 17:53:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            GET /bounce?%2Fseg%3Fadd%3D15687583%26t%3D1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.173.22
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Wed, 05 Oct 2022 17:53:09 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: cc3badcc-b8d4-4cb6-ac00-ffea4bbb8340
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2H`gq1tvr!@wnf-Te9(>wL5L!!':]$]WPp; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 03-Jan-2023 17:53:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            GET /site.js?v=f01f1da875aa8208bde30719732e95bb HTTP/1.1 
Host: citigroupstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.88.160.189
HTTP/1.1 200 OK
content-type: text/javascript; charset=UTF-8
                                        
content-length: 49164
cache-control: max-age=604800, public
pragma: max-age=604800
expires: Wed, 12 Oct 2022 17:15:47 GMT
content-language: en-us
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 8-4bf69f2-156d5j-js
z-branch: live
z-engine: WebEngine
z-zuid: 8-4bf69f2-156d5j
z-cdn: FASTLY
z-v: pa-092922-b
content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-bereq-proto: HTTP/1.1
x-bereq-request: GET
x-bereq-url: /site.js?v=f01f1da875aa8208bde30719732e95bb
x-bereq-connect-timeout: 0.000
x-bereq-first-byte-timeout: 0.000
x-bereq-between-bytes-timeout: 0.000
x-beresp-proto: HTTP/1.1
x-beresp-status: 200
x-beresp-response: OK
x-beresp-cacheable: 1
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 2242
x-cache: MISS, HIT
vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   49164
Md5:    4bf5de00ac875dd082e7cb3979cf06d8
Sha1:   a44b988a25ec595750d2aafaa41f3c7499724ff3
Sha256: 21a2cb43659aff726763ae9644a26800879443577f60567bf5739fc3fe81c42e
                                        
                                            GET /Env-Home-Press-Carousel-Arrow-Left.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Fri, 09 Sep 2022 16:05:26 GMT
last-modified: Tue, 14 Jun 2022 04:41:26 GMT
etag: "2412aa39e413487dd5d900bf1d8878b3"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=gwTwvg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 2256463
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 219
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   219
Md5:    2412aa39e413487dd5d900bf1d8878b3
Sha1:   e958b13840ffdf73e1628bbcaa1d36260a4d584d
Sha256: 9ccec04da6d6999b279f91800b106ffcdf7127cf29b360e46c3395f36661e644
                                        
                                            GET /Env-Home-Press-Carousel-Arrow-Right.svg HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Fri, 09 Sep 2022 16:05:26 GMT
last-modified: Tue, 14 Jun 2022 04:41:25 GMT
etag: "be84b653f4e835d7a4ba09a783d2e05f"
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=zzCM7w==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 2256463
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 213
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   213
Md5:    be84b653f4e835d7a4ba09a783d2e05f
Sha1:   45148bdfb56c734c377162651bc89f3b4edb5c6c
Sha256: 33ecfaee3642422984b82e70067b1b8e413f1a81232d52caf2aa8c9aaed028c6
                                        
                                            GET /f26faddb-86cc-4477-a253-1e1287684336.woff HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: application/octet-stream
                                        
expires: Tue, 06 Sep 2022 15:01:12 GMT
last-modified: Fri, 04 Aug 2017 23:25:58 GMT
etag: W/"8b3a494f9ba75e904bf84a1b374dca64"
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, Warning, X-GUploader-Response-Body-Transformations, X-GUploader-UploadID, X-Google-Trace, authorization
x-guploader-response-body-transformations: gunzipped
warning: 214 UploadServer gunzipped
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=3rh4IQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 2519518
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 44261
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 44261, version 1.0\012- data
Size:   44261
Md5:    ee23d340b6524413c5dd1120251ad0cb
Sha1:   562aaafaa6842f34b7517b266c2b1b2f379a3a28
Sha256: b7a0651876c9cf7cb6fa7e0255a7c5133aaf309cc3007aef7e2d32ce325c6e9c
                                        
                                            GET /1e9892c0-6927-4412-9874-1b82801ba47a.woff HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: application/octet-stream
                                        
expires: Wed, 14 Sep 2022 11:43:24 GMT
last-modified: Fri, 04 Aug 2017 22:37:57 GMT
etag: W/"f7dac33800c1d323931830719cf825ab"
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, Warning, X-GUploader-Response-Body-Transformations, X-GUploader-UploadID, X-Google-Trace, authorization
x-guploader-response-body-transformations: gunzipped
warning: 214 UploadServer gunzipped
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Fttf1g==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 1840185
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 50829
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 50829, version 1.0\012- data
Size:   50829
Md5:    fe2ff02769173fa2c393a7b60f8c0f0c
Sha1:   3cda5a9aa7806ee7e029513bc2d97399260b084e
Sha256: 92df2477b56afc4ce0ad3bea35184016a1eeea9d653c1e26087d91a582823988
                                        
                                            GET /client_storage/a627150995.html HTTP/1.1 
Host: a627150995.cdn.optimizely.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.110.8.48
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
x-amz-id-2: ZrFMQoYeIk+ElkbMRobBzSfNv0Myz1WZvU/nw9NS0n3l6kzT70z7OwpKK6Vi7GmswViEPnqS9NA=
x-amz-request-id: FVHAMDHF5A02WXFJ
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Oct 2022 16:26:13 GMT
etag: "288160b3ea16d6e0ad9e09566b9effeb"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: L1aB6auK3b6P2gwqlZjGCRABVmTMd_gE
accept-ranges: bytes
server: AmazonS3
content-length: 803
vary: Accept-Encoding
cache-control: max-age=120
date: Wed, 05 Oct 2022 17:53:09 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="104.110.8.48";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1371)
Size:   803
Md5:    288160b3ea16d6e0ad9e09566b9effeb
Sha1:   b75884ad190b23744529fae55c73540b560bf44f
Sha256: 79748ff82aa2ea506049dc05af373b8d5a33f31c7b6fbd8654a4efa2f8b0b0c1
                                        
                                            GET /91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: application/octet-stream
                                        
expires: Wed, 14 Sep 2022 11:43:24 GMT
last-modified: Tue, 07 Aug 2018 20:46:41 GMT
etag: W/"b1fa927e09042a5d5f0e6ae17920f48d"
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, Warning, X-GUploader-Response-Body-Transformations, X-GUploader-UploadID, X-Google-Trace, authorization
x-guploader-response-body-transformations: gunzipped
warning: 214 UploadServer gunzipped
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=fYvpRw==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 1840185
x-cache: HIT, MISS
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 24606
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 24606, version 1.0\012- data
Size:   24606
Md5:    7d6afb9bfc9ae3dda53b3b8feb59c684
Sha1:   199c0f83cb00f1d0c49bd587b94b70a9c583e384
Sha256: 620660f45d9afea331852f7c4ef47e924069518bbf332b0fda09568f4f51bccf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /Envoy-Home-Hero-2.png HTTP/1.1 
Host: sqy7rm.media.zestyio.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.194.49
HTTP/2 200 OK
content-type: image/webp
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
etag: "ySI8aSQlxrJMxg2qktoa3oUicvsNRcGm+Ni2iH9KfD8"
expires: Tue, 27 Sep 2022 21:45:40 GMT
fastly-io-info: ifsz=474109 idim=1500x948 ifmt=png ofsz=407854 odim=1500x948 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=b5/f5Q==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 680849
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 407854
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   407854
Md5:    95635e16e0235467a80c788d58704ffe
Sha1:   763cff08e060c05987ab0da82b9cf0b92499e062
Sha256: de24e7ea7c4a5166b584f30f1b66aa204b25cceb0e1ba30a1391041ffccc0db8
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "E00993AB549E3741F67AEE6037E2A612059D457380BAFBF32B9EEE9C1A859986"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15946
Expires: Wed, 05 Oct 2022 22:18:55 GMT
Date: Wed, 05 Oct 2022 17:53:09 GMT
Connection: keep-alive

                                        
                                            GET /gtm.js?id=GTM-5Z5XQQ HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 17:53:09 GMT
expires: Wed, 05 Oct 2022 17:53:09 GMT
cache-control: private, max-age=900
last-modified: Wed, 05 Oct 2022 16:43:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57875)
Size:   89680
Md5:    59b302b0e1ca8f44d46f32aa8a69e83a
Sha1:   facbed5a92f42614e8076c3e3c575a1ff8d286c7
Sha256: 5385a53fc14319ab7c9d62a34d68ec73072bb655113ead97607b1903c0a1402d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /sourceConfig/?p=cdn&v=1.16.0 HTTP/1.1 
Host: api.rudderlabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.60
HTTP/2 204 No Content
                                        
date: Wed, 05 Oct 2022 17:53:09 GMT
x-request-id: 930f58a0-44d6-11ed-9240-059d75daa0c4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: authorization
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3ASffuZyQv84JV9O0jwPh9Pd6EM1_hOZ4Mi4Q9SyqmJhjpk2v9DKLA==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:15:24 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AK3sZYxqFMNv5OzDolPBAfHDkrljZLKGwL5euv8V6OCG_sFAsgIUHA==
Age: 5866

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:51:06 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CgTtBYXp57dyTRvkv4tPXa8UKM6RulYep0cKUlsI5dJ0sVMZOMwF8Q==
Age: 3724

                                        
                                            GET /sourceConfig/?p=cdn&v=1.16.0 HTTP/1.1 
Host: api.rudderlabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic MW13eTF0VHJ1dDVQeFVvN3o3Nnp3TFhhT1dsOg==
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.60
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 1576
date: Wed, 05 Oct 2022 17:53:10 GMT
x-request-id: 9325c6d0-44d6-11ed-bbf1-eb6abcb812fd
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-expose-headers: X-Request-ID
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P3QOWBpDPRgq6HLWreDesOcY1H7nc3MmkVF0lHhxmuMNQrgoYwVUuw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1576), with no line terminators
Size:   1576
Md5:    5994ec216b14acdccab096ce2e719e92
Sha1:   2560a97cf508558be2ba753dec34900f08fb8864
Sha256: 62dd9a54178260f35f8cb58bed7abeb5ab9beb0b781db9fb02257ecc979df15e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:27:00 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tQVmcz7WV9Sp94qK5CkCUrsVQCkHdy15SGddZDzo4j6KfeYzu1VdcA==
Age: 5171

                                        
                                            GET /scevent.min.js HTTP/1.1 
Host: sc-static.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.82.240
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 8764
server: CloudFront
date: Wed, 05 Oct 2022 17:53:10 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Thu, 06 Oct 2022 17:04:55 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XD0sxFh9XupI1Swa5O7ht7ShW2O5yxDQU9QxU6qM0hon00-2uRXLLA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25360), with no line terminators
Size:   8764
Md5:    e9a9d4e245fb5df1ac33be19306752e8
Sha1:   246e5996a63a71ce325dff7ca6c9ef71f324b62f
Sha256: 64211912b65ff9a15aa212c8e8f5d4e60b86629d305c130f8824eb55837b8d4a
                                        
                                            OPTIONS /v1/page HTTP/1.1 
Host: acornsprod-dataplane.rudderstack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: anonymousid,authorization,content-type
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.197.86.132
HTTP/2 200 OK
                                        
date: Wed, 05 Oct 2022 17:53:10 GMT
content-length: 0
server: openresty/1.19.9.1
access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://citigroupstore.com
access-control-max-age: 900
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

                                        
                                            GET /js/current/dpm_pixel_min.js?aid=acorns-4298a50a-95ea-4164-bad1-f9fe765ec939 HTTP/1.1 
Host: c.tvpixel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.129
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 105110
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 01:38:54 GMT
etag: "08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NXSskUKpPNy3ye3rb3W_vtL-rX7A5i6c6U4PN3aWLavr4063r0chcg==
age: 58461
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (60150)
Size:   105110
Md5:    08e770c8a17bf087d50cec01af0892c2
Sha1:   15f6bd70687eeff26cd6e72f647b80894b855e7f
Sha256: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
                                        
                                            GET /ads/pixel.js HTTP/1.1 
Host: www.redditstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:10 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25224)
Size:   7722
Md5:    95212d33cfff78ad59f5af5b20c48c53
Sha1:   9b99a4091a6eb716bc68f1428e3c86eca068b25b
Sha256: bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
                                        
                                            GET /tv2track.js HTTP/1.1 
Host: collector-4820.tvsquared.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.219.172.244
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=600
Content-Encoding: gzip
Date: Wed, 05 Oct 2022 17:53:10 GMT
ETag: "6305f9ab-2133"
Expires: Wed, 05 Oct 2022 18:03:10 GMT
Last-Modified: Wed, 24 Aug 2022 10:12:59 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1162)
Size:   8499
Md5:    541a38b4f06e41464c0d654e841ac424
Sha1:   d8e6cdf23733cbe85120de52b58c2c7dbe746758
Sha256: 55df73bbedbdb87259af7ccc47efce4497781d0a3154e97a8e07ff059ace234d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:41:42 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f9M4Se4ARv2DFlaq46WIXJsoBM0Ejx91Mk2TJW4EMmx5nC0C5dOYNg==
Age: 4288

                                        
                                            POST /s/gts1d4/CCh3rUTg6fw HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /v1/page HTTP/1.1 
Host: acornsprod-dataplane.rudderstack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Basic MW13eTF0VHJ1dDVQeFVvN3o3Nnp3TFhhT1dsOg==
AnonymousId: NDVhZTBmZTEtZmY2NC00M2FmLTljYmItZGE4ZmMxNzg2MzZi
Content-Length: 1406
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.197.86.132
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Wed, 05 Oct 2022 17:53:10 GMT
content-length: 2
server: openresty/1.19.9.1
access-control-allow-credentials: true
access-control-allow-origin: https://citigroupstore.com
vary: Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            GET /ping.min.js HTTP/1.1 
Host: cdn.pdst.fm
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.142.80
HTTP/2 200 OK
content-type: application/javascript;
                                        
x-guploader-uploadid: ADPycdsO1wA3xspa7vlBY1uFBBANWCPnHVKSyBDVD7WJJmuVdxoL1frA9vt_KwpAlC4z-S8BY9fU5WclFuWZ0sDwvB5c3o4wX7rG
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 05 Oct 2022 16:58:35 GMT
expires: Wed, 05 Oct 2022 17:58:35 GMT
cache-control: public, max-age=3600
age: 3275
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26948), with no line terminators
Size:   5774
Md5:    d001d1c9f5a942fa5524eeacb047e819
Sha1:   6ebc303d4e3fe71192400673808f37ce1c6a1d25
Sha256: 63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5565
Expires: Wed, 05 Oct 2022 19:25:55 GMT
Date: Wed, 05 Oct 2022 17:53:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5565
Expires: Wed, 05 Oct 2022 19:25:55 GMT
Date: Wed, 05 Oct 2022 17:53:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:30:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:30:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sd2_YDHr3j7ym7wfFyQh9kg8FP-Et2nJUOo1v_TNbI3PvpzEY5KJ2Q==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:07:19 GMT
age: 71151
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7021
Md5:    229c99cfb655a8c9f1a22de69fdff73c
Sha1:   6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
Sha256: f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 72636
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8926
Md5:    1de7c17a0ba9295135e7f8b490b6a8d3
Sha1:   70e8d1589f3daf71378965dd197934e220fb6aa4
Sha256: ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
                                        
                                            GET /tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=207034&h=17&m=53&s=10&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=b071c12981c549a8&_idts=1664992390&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024&gt_ms=206 HTTP/1.1 
Host: collector-4820.tvsquared.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.219.172.244
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: 0141c45e-a536-4129-9c2f-0ad57eb2d71f
Server: nginx
Content-Length: 42
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    00657dd79637a8daf5e6196ca17f1887
Sha1:   3e064855d1fe7c6eac52981a646ec5840ba7efb5
Sha256: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 14:09:21 GMT
Expires: Wed, 12 Oct 2022 14:09:20 GMT
Etag: "16593fb816a725eab4ace2f613739c12cb1c815c"
Cache-Control: max-age=590769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755803e709240afa-OSL

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 49661
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3585
Md5:    5d7d7df8d4c440f9db445c3d99e818d6
Sha1:   612b6dbd4ba895c167964ff7e6d9263013b52b0a
Sha256: bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
                                        
                                            POST /s/gts1d4/CCh3rUTg6fw HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F1ZWwxLKhRC6oSh6gnUxEm5AnYcY-mezJw9mNJ8GmNWnATAKx1JxSg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:26 GMT
age: 69044
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8816
Md5:    100559d746bedd7c3802661c875c35ee
Sha1:   5261a6c2ee6d6cc87e91ee82e32d8be234db393e
Sha256: ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 72636
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5832
Md5:    3257b782efae9b64e6e18a547866ec50
Sha1:   4daf0c001e86af8477fb097e8ca932edb8e5f981
Sha256: 899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
                                        
                                            GET /p?trackId=22723ee0-f4ea-427d-a860-0bfc3df1d907&pid=c8be0027-7179-4908-a50c-1de771b0e87e&ev=PAGE_VIEW&pl=https%3A%2F%2Fcitigroupstore.com%2F&ts=1664992390438&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=2366&m_rd=2577&m_pi=1946&m_dcl=1973&m_fcps=1959&m_pl=0&m_ic=0&m_pv=v2&u_c1=5496429d-b85e-49b2-94e9-fd9c03ea96ff&u_scsid=791b71e3-9f71-4e8b-8684-be0d42753f39&u_sclid=0f5dff01-92f5-442f-95e9-120a40ac848e&s_r_ids=0 HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.43.134
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 05 Oct 2022 17:53:10 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3EwQ3AMAgEsImQjoIIjNOkxxQMn/rhJhXYlNe0xf2vkktO5qfoE5s+oxFe9VhhcAE4DTHDMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 1
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cm/i?pid=c8be0027-7179-4908-a50c-1de771b0e87e&u_scsid=791b71e3-9f71-4e8b-8684-be0d42753f39&u_sclid=0f5dff01-92f5-442f-95e9-120a40ac848e HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Wed, 05 Oct 2022 17:53:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:30:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=958143&h=17&m=53&s=10&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=b071c12981c549a8&_idts=1664992390&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22Site%20Visit%22%2C%22%7B%5C%22rev%5C%22%3A%5C%22%3CREVENUE%3E%5C%22%2C%5C%22prod%5C%22%3A%5C%22%3CPRODUCT%3E%5C%22%2C%5C%22id%5C%22%3A%5C%22%3CACTIONID%3E%5C%22%2C%5C%22promo%5C%22%3A%5C%22%3CPROMOCODE%3E%5C%22%7D%22%5D%7D&cookie=1&res=1280x1024&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%3CUSERREF%3E%5C%22%7D%22%5D%7D&gt_ms=206 HTTP/1.1 
Host: collector-4820.tvsquared.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.219.172.244
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: d847211b-717c-4834-867b-833da46e5fee
Server: nginx
Content-Length: 42
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    00657dd79637a8daf5e6196ca17f1887
Sha1:   3e064855d1fe7c6eac52981a646ec5840ba7efb5
Sha256: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
                                        
                                            GET /A356617-654d-4f72-a649-40b4707b47911.js HTTP/1.1 
Host: d.impactradius-event.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.186.249.72
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
x-guploader-uploadid: ADPycds5nF41SaieGWtKn4uB_MO49KlajlkSfO_mYbEmn2Ey4NF_tfLMaZ2p1YSYTI5NXRJ7KzHQ4_LaLvbDruzaCwsBxUkee3Dr
x-goog-generation: 1660924750492277
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13247
content-encoding: gzip
x-goog-hash: crc32c=wxKGWQ==, md5=RNhbRrXcDCpdRfko54a7gA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 13247
server: UploadServer
date: Wed, 05 Oct 2022 17:53:10 GMT
expires: Wed, 05 Oct 2022 17:58:10 GMT
cache-control: public,max-age=900,s-maxage=300
last-modified: Fri, 19 Aug 2022 15:59:10 GMT
etag: "44d85b46b5dc0c2a5d45f928e786bb80"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (42814), with no line terminators
Size:   13247
Md5:    44d85b46b5dc0c2a5d45f928e786bb80
Sha1:   139376f9cb75194cf849f72daf067e8a2674e10a
Sha256: a9a7f99176ac8ef61f3ad6732b7eb6022077db656f5aec5e3c23d6457cb4bffd
                                        
                                            OPTIONS /pdst-events-prod-sink HTTP/1.1 
Host: us-central1-adaptive-growth.cloudfunctions.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.239.36.54
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: oa6thfpnnu4s
x-powered-by: Express
x-cloud-trace-context: af06bc7f407c0829652fc14aac929b9c
content-encoding: gzip
date: Wed, 05 Oct 2022 17:53:10 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   22
Md5:    8e7120c76040a47f820e8c87b95dddce
Sha1:   0ae6d0d5578537f5011e44f97e812069362ac7b2
Sha256: e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
                                        
                                            GET /assets/locale/en.json HTTP/1.1 
Host: aacdn.nagich.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.14.45
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: public, max-age=2204800
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
etag: W/"f45920b9fc61d71:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCPT%2B%2FmZYe4WzF6CEpKBqGYJb5YkuMn1SU%2FVwF7lmhs6f66dUcSUEJJTcARWU0Sr4AdmrMmdJZuYiYhXsD6bgek9uHi%2F4KQ2w8h17kF8x0uGsfNJaAMUOC9BY9bOR%2BddJU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755803e7ac49b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with CRLF line terminators
Size:   721
Md5:    2ef98f422029d698fd36331d62214575
Sha1:   af3323c691b53c408096c742b91628d3993bd6b5
Sha256: 7507c96ccbc5846638c2ffeedc45bb912696c98fb629ca44bd8eb3e765648840
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 14:09:21 GMT
Expires: Wed, 12 Oct 2022 14:09:20 GMT
Etag: "16593fb816a725eab4ace2f613739c12cb1c815c"
Cache-Control: max-age=590769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755803e9bc560afa-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/XDvm1oDunOU HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 677
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022100517531087BBD4D4FA4A1EE5AD56
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebe7e661a354f1f783ec3bd22fa3fded4c0e4707fb16e56d389666cb9584f7161efd473d146fd68d6b6e5030da852d0a10b9f8651a7abcb98f9786c153556e0b2c
x-origin-response-time: 12,23.218.223.15
x-akamai-request-id: 1cc1dc7e.126d6368
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-cache-remote: TCP_MISS from a23-218-223-15.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=10, inner; dur=9
x-parent-response-time: 112,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 680
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221005175310B9A7BDB2289C5AE74E59
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bee687ac2ffae6170a53b2f8d4667a0c736609af3fab315a063489b8d8916bfffac062cd854d9021ee86c5ea340b3b941
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=4, origin; dur=114
x-origin-response-time: 114,23.36.79.28
x-akamai-request-id: 126d6376
X-Firefox-Spdy: h2

                                        
                                            GET /i18n/pixel/config.js?sdkid=C55585JG5HFBPDLNLOCG&hostname=citigroupstore.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022100517531027307A7928B012E6387D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb1e71f22521701dbe1d3543a59684cf471c291139fa728358124d781c1c926686a677e5626c64c44c80e3630451ffc3e26252271c820c99be0707fe6e7f3bb290
content-encoding: gzip
x-origin-response-time: 18,23.218.223.13
x-akamai-request-id: 60d4c375.126d6208
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Fj4vcdW3XnoBkQhO9SD3ogJEQb; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-223-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=18, inner; dur=14
x-parent-response-time: 116,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 text, with very long lines (58149)
Size:   19490
Md5:    0a79c5cd9d9a9dfa0e21086f56420353
Sha1:   7581de49059508637741abd0d03983134d6a7510
Sha256: e1c80fab363d8fb051ad96f9c71cfbe66e63eac24efa416a549d8ccbd5183ac3
                                        
                                            GET /i18n/pixel/config.js?sdkid=C553833G5HFBPDLNLF4G&hostname=citigroupstore.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022100517531054E82365191867EAB362
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebf56146beb35580b77d63d2c7235f3b77c13ebc5cc240c72d0f9804a1e5d1a6791d0a8246b60f40e60450b8a1055e6379d89c2a71962b385b4b176a72ec84ff5f
content-encoding: gzip
x-origin-response-time: 22,23.218.223.23
x-akamai-request-id: 34362782.126d61f8
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Fj4vbMb58IgYPkAwqB8hkxb7TZ; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=22, inner; dur=15
x-parent-response-time: 121,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 text, with very long lines (58149)
Size:   19506
Md5:    20ba409687eb23543d32464695bb4068
Sha1:   65d7cd02db2403ebb08dea34557bd28bc1059841
Sha256: 015b6523b5c12592fd2b0f2320e33b793a7564427a7f4ddbab1a21f351beef4d
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 733
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221005175310A62F0325BEF1D2E59D62
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b49350ec2f3d338cf85434ae43b594d40a3f8f8050d30b8989bef692b8f355a2eba05e432eb097b1d6fe42a87bfb7aec2
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=8, origin; dur=118
x-origin-response-time: 118,23.36.79.28
x-akamai-request-id: 126d639d
X-Firefox-Spdy: h2

                                        
                                            POST /pdst-events-prod-sink HTTP/1.1 
Host: us-central1-adaptive-growth.cloudfunctions.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://citigroupstore.com
Content-Length: 470
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.239.36.54
HTTP/2 204 No Content
content-type: text/html
                                        
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: dfi7r85wsb5q
x-powered-by: Express
x-cloud-trace-context: cad6a6e51a7bcd85a8ecc295f6440256
date: Wed, 05 Oct 2022 17:53:10 GMT
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 730
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221005175310BD185E03F899F2E6551E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bee687ac2ffae6170a53b2f8d4667a0c704fb22939769eef3e3135094fed24dae7c66dbde235bd86f2cc4c3997675d96a
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=15, origin; dur=120
x-origin-response-time: 120,23.36.79.28
x-akamai-request-id: 126d63ae
X-Firefox-Spdy: h2

                                        
                                            GET /i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221005175310BE1BC161809B9BE871A5
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b80ad1e5684bdda291d17645286a7fbd30f662be42accf4acbec4da91222efdd8c8b90ac2780ce1b9b2cde386643cf253
content-encoding: gzip
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=101
x-origin-response-time: 101,23.36.79.28
x-akamai-request-id: 126d6165
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65464)
Size:   37274
Md5:    5bcab8b8b1007410a7a8f11335ab62b3
Sha1:   bef6658069d59aefb2f5df5d385aa48f7bbf6153
Sha256: cc5f385e70a339453a55dd40bfc067d139e553124d8eb569cb7bb80d75459df9
                                        
                                            GET /collector/is_enabled?pids=c8be0027-7179-4908-a50c-1de771b0e87e&tld=com HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.43.134
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 05 Oct 2022 17:53:10 GMT
access-control-allow-origin: https://citigroupstore.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 2
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   101
Md5:    98cb50bd33c39a014e4350790f270455
Sha1:   329d39adaa4da6442a9e174eaca33bc0702ebfa0
Sha256: 6f554d3f3068506aefacf6279d4f69fdbf66b658896b1144631d46c27106cbe9
                                        
                                            GET /i18n/pixel/config.js?sdkid=C551IJ800UN7QUNFF4OG&hostname=citigroupstore.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202210051753105C87796A950836EAA0AB
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b87960a0733184373b08d32ba2dad09634f1648e873a286dd502964b85af721c02fc0d4f27e7333f0ef466b9f47245a5e
content-encoding: gzip
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Fj4vdb6m1c1pVHU8jBRvQunvep; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=5, origin; dur=114
x-origin-response-time: 115,23.36.79.28
x-akamai-request-id: 126d61f1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 text, with very long lines (58149)
Size:   19546
Md5:    6e683b924d5c5f587954f79383c102c8
Sha1:   085186fbe435c02ec49c0f81214992da0fee567a
Sha256: 114526943328550e7ce9969bca40b1414a5c94e8a26febf9ead6c1e1565979f6
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 730
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221005175310881F558F6C1230E3B573
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bf8bbe907938d376f1cb408b6ad2f32d91323f9e58ec8c1542f4aaac5da556df46eb8c9e181053e0b9f1c60efcd80aee8
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=102, cdn-cache; desc=MISS, edge; dur=9, origin; dur=198
x-origin-response-time: 198,23.36.79.28
x-akamai-request-id: 126d6378
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 05 Oct 2022 17:53:11 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 04:03:44 GMT
Expires: Thu, 06 Oct 2022 04:03:44 GMT
ETag: "8f3d091d32a1ff2b02a02fb63b77fc32827879f8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1845
Md5:    27f41d8d1afb5d6466971d76bc3aa30b
Sha1:   8f3d091d32a1ff2b02a02fb63b77fc32827879f8
Sha256: 684f4eb0a727a4190