citigroupstore.com/
20.88.160.189302 Found 0 B IP 20.88.160.189:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: citigroupstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
content-length: 0
location: https://citigroupstore.com/
cache-control: no-cache
firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SiKkzN8WjkOPOX5X-3-4_6nzEgz1-bXrLR9P5TxfXL7OtEKZUzEY6Q==
Age: 7550
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9317
Expires: Wed, 05 Oct 2022 20:28:25 GMT
Date: Wed, 05 Oct 2022 17:53:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11454
Expires: Wed, 05 Oct 2022 21:04:02 GMT
Date: Wed, 05 Oct 2022 17:53:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QPGLAaS9Elxk71hmWLAoMW40AwpqebcepKGj++obcCrQY6018p+s6r/HolBCTvNKpDnVaIidw3o=
x-amz-request-id: 3DAJQWTD75TSCGTR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 17:30:24 GMT
age: 1364
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 17:53:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e1311666c2ffd1ba33dcf3875ea0713f
e10085502d7cd54953af39bba81979f731bd6913
0070839ef21484da8a7363b3dcd6872280c5e94074c4424fb8ddafd0c1ce1d49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0070839EF21484DA8A7363B3DCD6872280C5E94074C4424FB8DDAFD0C1CE1D49"
Last-Modified: Mon, 03 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Wed, 05 Oct 2022 23:52:24 GMT
Date: Wed, 05 Oct 2022 17:53:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 17:24:10 GMT
Expires: Wed, 05 Oct 2022 17:46:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -Uo_PmoqLg-LGO3wZ3CqKVf9cYvAjP_OEXU8OF4EHIHbfZ6F5RvKjw==
Age: 1737
citigroupstore.com/
20.88.160.189200 OK 36 kB IP 20.88.160.189:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2638)
Hash 239f4a732a8ddab92e49e71351fd7197
efd5c4d4b87a9fd000ce0fe5fff38d8890014b3d
5c04b254c4dfe569e055016c12c7af050f071ebbbc29bf6bf81ec47a97f8e577
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: citigroupstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
content-length: 35836
content-type: text/html; charset=UTF-8
cache-control: no-cache
content-language: en-us
z-content-zuid: 7-809ae4f8fe-21c60d
z-content-version: 26:9-f2fdfe84c2-p6rwmc
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 11-5859d5d-hsmg1, 6-f8ee8cb1fb-ttrb3j, 7-809ae4f8fe-21c60d, 11-cefb8d8cfc-qj813s, 11-fcbabdcceb-t1f00g, 11-baaeffefa8-s58hrf, 11-f899de9dcb-2g78j2, 11-5859d5d-s8n4w, 11-aced90fc90-7gz7s7, 11-b6e9a885eb-ssc0h8, 11-c0edd0b2b2-vlfg6h, 11-5859d5d-xdvt8h, 11-dedfddb5db-8npksk, 11-aec4b3a2c2-lf3t7b, 11-eecc8193cf-d5hkgw, 6-f6afb1bba2-w9p2zv, 6-5859d56-lskhhw, 6-5859d56-945ggn, 6-5859d56-18ljzb, 6-5859d56-pwtnh0, 6-5859d56-15rv1v, 6-80e3fcc5ae-jzr3g6, 6-9ce8e7fa92-rhw5f2, 6-a0daf1ce9e-vhgzvp, 6-bcbab5a8c0-l8vsl8, 6-a490fff8d2-hnvm3h, 6-c694cdd1c7-gqscl4, 6-ee81ecadcf-j414l3, 6-d88dfef9f8-0x43v4, 6-e6f1b7d7ae-zbfj3g, 6-a888c18088-6rkl7x, 6-bcaadc8ac1-kr8x2c, 6-c89189b0d6-c79c74, 6-bee6efd5a5-vzxzqb, 6-94d9feb0db-q8hs51, 6-e09cdc88a6-87hdsx
z-branch: live
z-engine: WebEngine
z-zuid: 8-4bf69f2-156d5j
z-cdn: FASTLY
z-v: pa-092922-b
content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-bereq-proto: HTTP/1.1
x-bereq-request: GET
x-bereq-url: /
x-bereq-connect-timeout: 0.000
x-bereq-first-byte-timeout: 0.000
x-bereq-between-bytes-timeout: 0.000
x-beresp-proto: HTTP/1.1
x-beresp-status: 200
x-beresp-response: OK
x-beresp-cacheable: 1
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2238
x-cache: HIT, HIT
vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1198
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:08 GMT
Last-Modified: Wed, 05 Oct 2022 17:33:10 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Mobile.png?width=50&fit=bounds
151.101.194.49200 OK 4.4 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Mobile.png?width=50&fit=bounds
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 48d69e9f2b6ac9a55216561e040fc433
94b618845ed72ad6a37b9c4ea310a7a897e25196
2d7682cac32a8f223208b6511817e870d52e306fc0d58e1c48dcc7e037a98976
GET /Envoy-Home-Hero-Mobile.png?width=50&fit=bounds HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "uxXnOD53bvpw5VmUg8b8aqiTiDjGQrGvDnrW4QqY6Wc"
expires: Tue, 27 Sep 2022 21:45:40 GMT
fastly-io-info: ifsz=144432 idim=640x1167 ifmt=png ofsz=4366 odim=50x91 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Lokw+A==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 4366
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-2.svg
151.101.194.49200 OK 695 B URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-2.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1712)
Hash b96db965af94de18393538a4fa9f5a9e
ec9bb4dca74fbd2213a6496f4b875da189c62be4
08cbfbacf0e620ae90d55a71d81e282e79f12cd72ec94fd6d851b84cef313a38
GET /Envoy-Home-Hero-Subs-Carousel-Icon-2.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 14 Sep 2022 16:36:02 GMT
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
etag: "b96db965af94de18393538a4fa9f5a9e"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=mtdF+A==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1822626
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 695
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-1.svg
151.101.194.49200 OK 390 B URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-1.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (871)
Hash 250f675d72ee19851be81796848c336c
6a29568f41ab73c11fb899a3692ee471b265c2b7
cfe7978d46723c9d3e2e830d7d824e5dd25e577334c8808272a38b9072a8f61a
GET /Envoy-Home-Hero-Subs-Carousel-Icon-1.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 27 Sep 2022 14:41:28 GMT
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
etag: "250f675d72ee19851be81796848c336c"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=dUyy8Q==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 706300
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 390
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-3.svg
151.101.194.49200 OK 930 B URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-3.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1872)
Hash 8b579c345625542b07c18af26f6d1a6e
d786a0fdae917616c5aa81f0436e3c172e17bc92
097ea7e267a153b7a9b2d46ccc92ec8ffc3f8b1c2322ed4e50855355c108a4ef
GET /Envoy-Home-Hero-Subs-Carousel-Icon-3.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 14 Sep 2022 16:36:02 GMT
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
etag: "8b579c345625542b07c18af26f6d1a6e"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=7OBeZQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1822626
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 930
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Personal-Investing--1-.png
151.101.194.49200 OK 24 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Personal-Investing--1-.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ee25dfacbd3e24fc639e7ebe0a2b2882
ab936c3ecb6475f165463d08a90caca534198ad0
7caf2ffab2b945584b22795222c15f55b167d58891bbc7a9279e2c15801a1d0f
GET /Envoy-Home-Personal-Investing--1-.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "P+q/iOxCK4RUtWyY/W9AA8zvLs3/6+25OnPcVpZdUE4"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=30113 idim=1195x1079 ifmt=png ofsz=23656 odim=1195x1079 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=vxawdQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680847
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 23656
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Banking--1-.png
151.101.194.49200 OK 26 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Banking--1-.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6149ce96ca1cb64b57f953cba15bdf01
dec97163cd34b9f853834c53e07bff4f6c67b9de
50d260c2bdcd019b2ffa054f88f0c2c646acea7bc87d7f34985980661c1cb6b5
GET /Envoy-Home-Banking--1-.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "wF2JyvnL4jg9uSVFBmbqZG43qg9zn4t9MdO2D4InERc"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=33267 idim=1195x1079 ifmt=png ofsz=25874 odim=1195x1079 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=PspopA==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 25874
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/countUp.min.js
104.17.25.14200 OK 1.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/countUp.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (3815), with no line terminators
Hash 44168b0cca5a8e9c4e390d60da4bdde3
01e32e0b4458b53acb1eb85e2f22de28361aa90c
2de1b6eb77c5ecf2c5542224125ba0c2793b08b1da8d5a0ba204e60f85f4be6b
GET /ajax/libs/countup.js/1.9.3/countUp.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 1240
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-ee7"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8033999
expires: Mon, 25 Sep 2023 17:53:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqYHLJGhIdSTCITWTFbxw4MP3SgJrPQ3WTOuTPxWX01H%2FSDMwFqcrNViNE3qCGzT%2BJxCFmLATtX3Ntb%2BDBT2tKALSfg6YUuhaVfnvpIwRKwTgONpKtyEI2mpdYgv6oWAFKu4r3K0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755803deff2db4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Later--1-.png
151.101.194.49200 OK 22 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Later--1-.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 285bf3b85291580794fdc7f4f1db97ff
f7b8463feb2f3406ce5bccd87bc83c122f418162
a2f8546640817d5f53cfd1a24fc5b20d91d8a8fbe63e4c799d0394c6e7e4d42d
GET /Envoy-Home-Later--1-.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "8cgJUZdy3gI7TppPXGbfmTyJDeyACVtNje5QbLAFxSE"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=29010 idim=1195x1079 ifmt=png ofsz=22508 odim=1195x1079 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=MgjBjw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 22508
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Invest-Icon-24x24.svg
151.101.194.49200 OK 361 B URL HTTP/2 sqy7rm.media.zestyio.com/Invest-Icon-24x24.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (608)
Hash 030a5a74a6a7f32a24f3b8b4184d6bb1
b9b3d68d21c9435ca33221c38cdb3bf3054b6719
4bc424e3072d9f8b31729a1d0af7eb73a1aac2fdf13ca2c9e40bd187b312b2c4
GET /Invest-Icon-24x24.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 30 Aug 2022 07:47:56 GMT
last-modified: Tue, 23 Mar 2021 00:05:53 GMT
etag: "030a5a74a6a7f32a24f3b8b4184d6bb1"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=1OOPig==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 3150312
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 361
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-6.png
151.101.194.49200 OK 12 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-6.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash eae75126e927893d3f24051809c0f83a
df1788a0acdd522a261f2ea464c295212ad85eac
b9af77cdf60c23bce4e0e0380f02192bee73f67a6cd50fdd5633cab3e6f011e1
GET /Envoy-Home-Hero-Subs-Icon-6.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "a/Nbv5SiXgmuuWJelUyRY0E82XBQEbk0gK/x+6W5Qkk"
expires: Fri, 09 Sep 2022 16:05:26 GMT
fastly-io-info: ifsz=20259 idim=250x291 ifmt=png ofsz=11604 odim=250x291 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=s/6gaw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 11604
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-1.svg
151.101.194.49200 OK 5.2 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-1.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3558)
Hash 68f1281fa617aab6cdcdf3ebeabc068f
3e83ac8901a50a4903bf87b989038119e8df9ca7
bbbe8f61b075bad69ca12fcba8dd6ffb53890de85129aad11b0f703f50524b79
GET /Envoy-Home-Hero-Subs-Icon-1.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Fri, 09 Sep 2022 16:05:26 GMT
last-modified: Mon, 13 Jun 2022 20:55:34 GMT
etag: "68f1281fa617aab6cdcdf3ebeabc068f"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=ahCY+w==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 5247
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Acorns-Logo.svg
151.101.194.49200 OK 657 B URL HTTP/2 sqy7rm.media.zestyio.com/Acorns-Logo.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1119)
Hash 4da172676eaa361cb1a4e17b324252a2
3c37af127234d33ec2939a6223b750a496740c45
f9827ebc72301a364609aade05149af18b4d89a1007f405fa45cc292cdc99224
GET /Acorns-Logo.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 14:14:05 GMT
last-modified: Sat, 19 Mar 2022 04:17:27 GMT
etag: "4da172676eaa361cb1a4e17b324252a2"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=shYVZg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2522344
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 657
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Later-Icon.svg
151.101.194.49200 OK 611 B URL HTTP/2 sqy7rm.media.zestyio.com/Later-Icon.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1187)
Hash 9bf2644f9b9ab6f29cbe293f70435dc7
327c347ab53493c99abe14c2182e703cd64040e0
9760ea457f331a33cc34b03f8666fa817f4aec4cc739e88f6d42c742e6ba82af
GET /Later-Icon.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 07 Sep 2022 13:24:38 GMT
last-modified: Sat, 20 Mar 2021 00:21:35 GMT
etag: "9bf2644f9b9ab6f29cbe293f70435dc7"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=UtHMWw==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2438910
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 611
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Downward-Carat.svg
151.101.194.49200 OK 168 B URL HTTP/2 sqy7rm.media.zestyio.com/Downward-Carat.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash cdfc4747c0a6b879cf6f52eba2e91577
080ef847efaff8526c2b468d832436c46282def0
2368952827240f69270f4b532f1a1ff9c9eb05499a4e65f375bb5e87e497218f
GET /Downward-Carat.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Mon, 12 Sep 2022 15:48:44 GMT
last-modified: Tue, 16 Mar 2021 00:40:20 GMT
etag: "cdfc4747c0a6b879cf6f52eba2e91577"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=s2FxEQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1998265
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 168
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/card--learn-.png
151.101.194.49200 OK 2.3 kB URL HTTP/2 sqy7rm.media.zestyio.com/card--learn-.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8ed9fce8e0a9d9c248cc3c756b5f42cd
ed12929f5e18e87de3f989055154694142f03b8d
eb5c65ff584eb31f5566b9b2e994b5f6d2159646b29c5f1dbfb76c1a71ad3d30
GET /card--learn-.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "+okkSFASShsokBkyYp8XiwH96cMcKJHpmbVjgdI9gss"
expires: Wed, 28 Sep 2022 09:58:48 GMT
fastly-io-info: ifsz=5369 idim=160x160 ifmt=png ofsz=2314 odim=160x160 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=dSBcUg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 636861
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 2314
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/card--banking-.png
151.101.194.49200 OK 10 kB URL HTTP/2 sqy7rm.media.zestyio.com/card--banking-.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e69e7f2847ff7ad2a6e63c7ddd9b9aa
13fce9dd6f2399f2eba3b7c9bd0c8ccb12cb3d0c
d23ce381e31531a28268dd17e8a5043e894577a94b3297b944ff4413ef2733c5
GET /card--banking-.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "twKTOAfMxHYCNmzpLSOCEPQcVlmgXDM5byA9p9hKKvk"
expires: Tue, 20 Sep 2022 11:31:52 GMT
fastly-io-info: ifsz=18521 idim=250x291 ifmt=png ofsz=10298 odim=250x291 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=BTEIDQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1322476
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 10298
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Sustainable-Icon-24x24.svg
151.101.194.49200 OK 689 B URL HTTP/2 sqy7rm.media.zestyio.com/Sustainable-Icon-24x24.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1300)
Hash dad9ac0348535f954a203ce08280dd71
e9490fa9b4d2e8ef5779bc1eff966625e52d7edd
aa39d6b2a778fe19290442dac33f2e111b51c85562557b470dee069f5a4ba3f5
GET /Sustainable-Icon-24x24.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Fri, 16 Sep 2022 16:51:52 GMT
last-modified: Tue, 23 Mar 2021 00:04:53 GMT
etag: "dad9ac0348535f954a203ce08280dd71"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=NiHaPg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1648876
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 689
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-5.png
151.101.194.49200 OK 2.2 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-5.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 07c6e98bb6df1513a947e93519b98912
ec4347e8ab99a2019289b3195aeb001c1e61bfb9
c21cfe877411ab0b04a6e1d75eefc95379274af637e75d1df1da45ec0b2b5769
GET /Envoy-Home-Hero-Subs-Icon-5.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "/w4ICcli327zPMysd8OxXfney7emh3+L4RzICE0AUjY"
expires: Fri, 09 Sep 2022 16:05:26 GMT
fastly-io-info: ifsz=4886 idim=270x181 ifmt=png ofsz=2158 odim=270x181 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=pqTRmQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 2158
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-CLIR-2.png?width=50&fit=bounds
151.101.194.49200 OK 3.8 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-CLIR-2.png?width=50&fit=bounds
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c2524f97cd24587610d6437dc2c00a59
298f1ca9cc6f2ac93c42cf3fdbe2eb28020c0d28
c0864bc7356d9693ebc6e61de0bb1addcfd2693bf3dc8406404d49ea7e4aad79
GET /Envoy-Home-CLIR-2.png?width=50&fit=bounds HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "tXL/W7pRdqXtMA0HRLRrSM9FiwiDJSQq9oGCpBqt4CQ"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=87814 idim=1024x766 ifmt=png ofsz=3838 odim=50x37 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=LsinJA==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 3838
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Early-icon-24x24.svg
151.101.194.49200 OK 872 B URL HTTP/2 sqy7rm.media.zestyio.com/Early-icon-24x24.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1739)
Hash 23c273a9f4f6680ed47fe83e9f68e47c
d88300087e85758aa61e1b75c294c2ced333ce22
11c3d59fa1024ba9d9d6daf2f80a1d3131858cee99ccfc1a5d93ccd64260af1b
GET /Early-icon-24x24.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 09 Aug 2022 08:42:42 GMT
last-modified: Tue, 23 Mar 2021 00:03:29 GMT
etag: "23c273a9f4f6680ed47fe83e9f68e47c"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=KA8Nvg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 4961426
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 872
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Early--1-.png
151.101.194.49200 OK 25 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Early--1-.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 843807b21de2f47cc7bafa63ad03f27a
608ec595a1cac99314952166cdaf520aa096e663
7ab366f44b70a0614d8da647ee1b296e4493cfd414c12996d3f6b31bd8b0a494
GET /Envoy-Home-Early--1-.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "l7paFJdLW1SV7a/YPLBwfnIKVyNytDte/s+kSHcP6Po"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=32222 idim=1195x1079 ifmt=png ofsz=25398 odim=1195x1079 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=cCbXUg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 25398
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Light-Theme-Checkout-Stroke.svg
151.101.194.49200 OK 307 B URL HTTP/2 sqy7rm.media.zestyio.com/Light-Theme-Checkout-Stroke.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (394)
Hash 7dc54ea7d0e806322bf272157dd95d69
464925daa56dda30857fb8025ae763e33cf41a7f
7e591677d6615acdbffa856bb99b16686c2232857bdc4a21a2c9c8c3bf2f0289
GET /Light-Theme-Checkout-Stroke.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 06:13:55 GMT
last-modified: Sat, 26 Feb 2022 01:51:06 GMT
etag: "7dc54ea7d0e806322bf272157dd95d69"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Te/OVQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 650354
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 307
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Plus-Sign-Purple.svg
151.101.194.49200 OK 186 B URL HTTP/2 sqy7rm.media.zestyio.com/Plus-Sign-Purple.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4dbec122554c1deed72f0a6e4f3af681
96e911751d320e1430f539ca019d6671809451ba
ff5e269b72895d660c0553f12040252ab576533187b811c5db17979a4f675579
GET /Plus-Sign-Purple.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 07:52:20 GMT
last-modified: Sat, 26 Feb 2022 00:53:25 GMT
etag: "4dbec122554c1deed72f0a6e4f3af681"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=32c+eQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1335648
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 186
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/CryptoIcon--1-.svg
151.101.194.49200 OK 2.0 kB URL HTTP/2 sqy7rm.media.zestyio.com/CryptoIcon--1-.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4313)
Hash f1f1247626ac8be534d804582e0b8962
4f0a8915d4ff7f5bf2cb5cdec0447a91945bbbc0
7fa3dfa081e630a129d68c56966f9c95cecde70ebe4ed0a5843f67e4edec3376
GET /CryptoIcon--1-.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 10 Aug 2022 14:41:11 GMT
last-modified: Sat, 19 Mar 2022 22:55:55 GMT
etag: "f1f1247626ac8be534d804582e0b8962"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=CVoKxA==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 4853517
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 2010
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Plus-Sign-White.svg
151.101.194.49200 OK 182 B URL HTTP/2 sqy7rm.media.zestyio.com/Plus-Sign-White.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 2eb892863d10e9c31a4a8c0951d3818f
a60c12052cede958eecc16e180d03e3a75623e81
59be3100efa07029d21777faf8cdefa78d1fd0fdb7f72ac06600192c2c0d913e
GET /Plus-Sign-White.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 14 Sep 2022 16:36:03 GMT
last-modified: Sat, 26 Feb 2022 00:53:25 GMT
etag: "2eb892863d10e9c31a4a8c0951d3818f"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Tr+EQg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1822626
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 182
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Invest-Dark-Theme.svg
151.101.194.49200 OK 362 B URL HTTP/2 sqy7rm.media.zestyio.com/Invest-Dark-Theme.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (606)
Hash a7d6431abfad76348679f925975d1ad2
5e782867b8fac1b59af983f960863d799818e4c6
b53da607eaa995e98bae3e8e4c00f16a755fc8ca1f5af8385e057a1500ea63e1
GET /Invest-Dark-Theme.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 07 Sep 2022 22:44:39 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "a7d6431abfad76348679f925975d1ad2"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=/VAk/A==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2405310
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 362
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Acorns-Logo-With-Text-2022.svg
151.101.194.49200 OK 5.5 kB URL HTTP/2 sqy7rm.media.zestyio.com/Acorns-Logo-With-Text-2022.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12349)
Hash 885a010bc5039da0cb066799441c5654
4900b8628b9c321759746e381b04fc90aa5bf8b9
599904778887aa2fa0d72b3f033fd71406e23422ce151a6dc81d67e54f8f6048
GET /Acorns-Logo-With-Text-2022.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Mon, 12 Sep 2022 15:21:53 GMT
last-modified: Sat, 26 Mar 2022 00:49:35 GMT
etag: "885a010bc5039da0cb066799441c5654"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=xHiEmA==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1999876
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 5534
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-CLIR-1.png?width=50&fit=bounds
151.101.194.49200 OK 4.1 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-CLIR-1.png?width=50&fit=bounds
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 24fceca5818cf4769fd5251feea143ff
f8e2bb471ba1f487d4f87e18b45d32f8e361d3e8
12763d57730d65fed3ec1f483cd6d3b7af10882ad2716e7f41b4829c5b8d8ddb
GET /Envoy-Home-CLIR-1.png?width=50&fit=bounds HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "cLKJd80hCqLN7YenRq0QZJV5mRwm5VfLsC3HR4BUMg4"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=113537 idim=1024x870 ifmt=png ofsz=4092 odim=50x42 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=tItApQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 4092
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Invest-Light-Theme.svg
151.101.194.49200 OK 361 B URL HTTP/2 sqy7rm.media.zestyio.com/Invest-Light-Theme.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (608)
Hash 030a5a74a6a7f32a24f3b8b4184d6bb1
b9b3d68d21c9435ca33221c38cdb3bf3054b6719
4bc424e3072d9f8b31729a1d0af7eb73a1aac2fdf13ca2c9e40bd187b312b2c4
GET /Invest-Light-Theme.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 14 Sep 2022 16:36:02 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "030a5a74a6a7f32a24f3b8b4184d6bb1"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=1OOPig==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1822626
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 361
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Potential.png?width=50&fit=bounds
151.101.194.49200 OK 3.2 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Potential.png?width=50&fit=bounds
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 82664f60e32e7aafc9f710021297a034
a9673bf23cbb5d7e85fcd2c1138d95f2fdaf8f7b
c02f494e516bb37b59fdabb0c3ae0b6bf320499f1e1d0e28983f608c8b59bd3b
GET /Envoy-Home-Potential.png?width=50&fit=bounds HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "NzjsiLjLKRA2DJFQnO7o40avdkFwhzSlxB2H7GNLGxM"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=197589 idim=590x899 ifmt=png ofsz=3224 odim=50x76 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=ElBNRg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 3224
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Light-Theme-Checkmark.svg
151.101.194.49200 OK 250 B URL HTTP/2 sqy7rm.media.zestyio.com/Light-Theme-Checkmark.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash e0bb67d605b6d742f153af29741f6e13
a76387808c57265209e3afd5935f3d9e0399ed21
68b3324bd48950a70d689792d71b9832810f04ea9d81799f419ba1411a17c1c8
GET /Light-Theme-Checkmark.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 08:56:30 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "e0bb67d605b6d742f153af29741f6e13"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=/2k5oQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1331799
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 250
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-ILCR-1.png?width=50&fit=bounds
151.101.194.49200 OK 4.6 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-ILCR-1.png?width=50&fit=bounds
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b0aa729f5c1832668633f8abf15e81e2
b1dc06d3f80059b511b6c5f118c1d9069f410342
8d64e644c033429943fff149c3eea2c7a247b5b286b2bdcd757db2ce50435eb8
GET /Envoy-Home-ILCR-1.png?width=50&fit=bounds HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "TDJcPr1gnfpfq2NL9E7Uwl7sUibOFs7DfLKxBjL9c6A"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=130093 idim=1024x919 ifmt=png ofsz=4598 odim=50x45 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=bvj7eg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 4598
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/EqualWeb-ADA-icon-green.svg
151.101.194.49200 OK 702 B URL HTTP/2 sqy7rm.media.zestyio.com/EqualWeb-ADA-icon-green.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bdac2dc9553d7284247686fb121d722a
1078262258376c71e8e93009f164198b461befff
442010d04d3bb53f3bc2344aa0a237f887bcfcee9817be759c24f6ca17f1a3eb
GET /EqualWeb-ADA-icon-green.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 07 Sep 2022 10:59:56 GMT
last-modified: Fri, 14 May 2021 21:28:54 GMT
etag: "bdac2dc9553d7284247686fb121d722a"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=TE6iPg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2447593
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 702
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Spend-Light-Theme.svg
151.101.194.49200 OK 304 B URL HTTP/2 sqy7rm.media.zestyio.com/Spend-Light-Theme.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (382)
Hash 16e507be65f676d67e266d1b7c65761d
fc419e3ad689115e668c12377d30ad8b4dc758c2
a985440953421f44d847e121cb80bf1fddc311f69f14d526bc5ed44bb7814f24
GET /Spend-Light-Theme.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 15:00:11 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "16e507be65f676d67e266d1b7c65761d"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=SLJQew==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1309978
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 304
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Twitter.png
151.101.194.49200 OK 314 B URL HTTP/2 sqy7rm.media.zestyio.com/Twitter.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b56c78b348213a15b59f59dc946cd4ff
ac0034317be2d63ad4b0fea364c75c9720671934
3aee60cca42f067e8cdcde810071fb3c6358107f64dbea07b7ddfa066c0cf37a
GET /Twitter.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "7DJeajqO0Fm8Reye6PlwERkTHAgX8gMFpGRURVS7otc"
expires: Tue, 27 Sep 2022 20:51:47 GMT
fastly-io-info: ifsz=807 idim=32x27 ifmt=png ofsz=314 odim=32x27 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=0MY+0g==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 684081
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 314
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Instagram.png
151.101.194.49200 OK 474 B URL HTTP/2 sqy7rm.media.zestyio.com/Instagram.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ce8cbde8026e3dab99e109862f7888ae
039e53a135696cf8e875d56de5373530715b9bfc
4b036dd6e9efed652f0d3de0d9c0c6a90cdf52bcfb8c70528e327a2da25c64c3
GET /Instagram.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "tSM173AzjOlecdXVmddKLutXeEK/fALh62Njsd2qVdk"
expires: Tue, 27 Sep 2022 20:51:47 GMT
fastly-io-info: ifsz=1267 idim=36x36 ifmt=png ofsz=474 odim=36x36 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=amkUqQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 684081
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 474
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Earn-Dark-Theme.svg
151.101.194.49200 OK 526 B URL HTTP/2 sqy7rm.media.zestyio.com/Earn-Dark-Theme.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (996)
Hash 1932479affb6e14bafd33dbda21df1a1
f4d1393bceeadc5bdab7ddc947e9f7c000d9c68f
50bfca90ed22aba670670dc0ae111a5c81a3fd7fdf32a9eebd4f9cd16c87de52
GET /Earn-Dark-Theme.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 07 Sep 2022 22:44:39 GMT
last-modified: Fri, 25 Feb 2022 23:53:54 GMT
etag: "1932479affb6e14bafd33dbda21df1a1"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=fu++zA==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2405309
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 526
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Earn-Light-Theme.svg
151.101.194.49200 OK 526 B URL HTTP/2 sqy7rm.media.zestyio.com/Earn-Light-Theme.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (998)
Hash 51126afd633e4a3234ea0c035eb27c2e
9ee4aa33eb597d101556d3044f06d740851bb197
8a747e6c8f9819e67adaacf676cbe70ff033fbcc2039cf20c3f455b4221fdfb1
GET /Earn-Light-Theme.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 13:54:22 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "51126afd633e4a3234ea0c035eb27c2e"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=LMJoQg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1313926
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 526
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Spend-Dark-Theme.svg
151.101.194.49200 OK 304 B URL HTTP/2 sqy7rm.media.zestyio.com/Spend-Dark-Theme.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (380)
Hash 8609f16d750afd6da8e46cde75958220
db1f988fa4b40b042218f6420fdbad9300731a05
9ad4e87c68bd3cce2dd9d9aa1b85fc92182a203e3264a6d6692585800502b6f0
GET /Spend-Dark-Theme.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 03:19:41 GMT
last-modified: Fri, 25 Feb 2022 23:53:53 GMT
etag: "8609f16d750afd6da8e46cde75958220"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=jZaNZQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2561607
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 304
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Closing-Sign-Up-Mobile.png
151.101.194.49200 OK 15 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Closing-Sign-Up-Mobile.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 44037d8d38552176062a5716501773e5
abd4901246438d4d689e1a6eb377871b40b9e8b4
2463197364fe5f94653f461ae040b20dc0f25f89913db9251fd65bc46a281524
GET /Envoy-Home-Closing-Sign-Up-Mobile.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "uIoaSGxQvnd5ugz+aPc7c7yyTeJxXhZ0MHDvhr5BtLs"
expires: Tue, 27 Sep 2022 21:45:42 GMT
fastly-io-info: ifsz=29220 idim=503x471 ifmt=png ofsz=14730 odim=503x471 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=6BfdUw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 14730
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-2.png?width=50&fit=bounds
151.101.194.49200 OK 3.3 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-2.png?width=50&fit=bounds
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 296cb9cc145c63d74398eaec77291516
f29904c566a8c261da2101b1d55ee190da9b40c3
295696e28d5eeecf685825f1435d2c124a2c2e5368bd3f34d61821c32ae4c65a
GET /Envoy-Home-Hero-2.png?width=50&fit=bounds HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "nJuuRWJlSDCpu3i/FTCfSjhU0bglLAwqxm12kT799wU"
expires: Tue, 27 Sep 2022 21:45:40 GMT
fastly-io-info: ifsz=474109 idim=1500x948 ifmt=png ofsz=3270 odim=50x32 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=b5/f5Q==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 3270
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Dark-Theme-Checkout-Stroke.svg
151.101.194.49200 OK 306 B URL HTTP/2 sqy7rm.media.zestyio.com/Dark-Theme-Checkout-Stroke.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (392)
Hash dc5449f36e2ae3f8dca016f4737e4279
41e7122198a43b7bfd16d9f49a8ec4fa7cc0ca2d
7fe64060a21499d9561b2f1f7934af852f3ef1662a4beb11c57aaa4c74ad10ff
GET /Dark-Theme-Checkout-Stroke.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 03:19:41 GMT
last-modified: Sat, 26 Feb 2022 01:51:06 GMT
etag: "dc5449f36e2ae3f8dca016f4737e4279"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Jo4L8A==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2561607
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 306
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Facebook.png
151.101.194.49200 OK 208 B URL HTTP/2 sqy7rm.media.zestyio.com/Facebook.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 006f5dbbadd726229a3e4dfe26c9b2f7
1f0165bb50359e99fa10d8ef497554f9c446488c
bab6f584235145000794b7e76bff95af18228137cb4f03a7036c9a91f3dd21c7
GET /Facebook.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "V83ya1/ZCR7DHJuNHk8hybOdmgrCuSeuCe0kgCEQ6ww"
expires: Tue, 27 Sep 2022 20:51:47 GMT
fastly-io-info: ifsz=409 idim=17x35 ifmt=png ofsz=208 odim=17x35 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=xK/Gaw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 684081
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 208
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Acorns-Footer-Logo-2x-2022.png
151.101.194.49200 OK 1.7 kB URL HTTP/2 sqy7rm.media.zestyio.com/Acorns-Footer-Logo-2x-2022.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 04a8a1fde3cb46fc1afcf462b721cc6a
db7dcbf1cf094a28851cbc491fd8da90799e1e7f
873c88ff7bb7c09518e3a2a06a06a2719c3cabd1b0b4fd1ed3a1bc2269eb5b39
GET /Acorns-Footer-Logo-2x-2022.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "lxdAJOKl1NEOaqTe5OXvr9sUCRk/MmK0pnvwLZY0wX4"
expires: Tue, 27 Sep 2022 21:45:42 GMT
fastly-io-info: ifsz=4845 idim=260x70 ifmt=png ofsz=1676 odim=260x70 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=o+v1Pg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 1676
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-2.png
151.101.194.49200 OK 22 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-2.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0b3ba8ba4ea7902a1ed30a5fad2e7bd1
caa375d19d6c54f904371ed300d694e33ae66dfe
c8543898bb9ac66af54b902b4e5f1df174bd02ac3738f5c9cac37607a4c17c72
GET /Envoy-Home-Hero-Subs-Icon-2.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "zVQ2uGqUmfxdipngAyPD1n/5cBumJ5XAZDP5/Fa6urA"
expires: Fri, 09 Sep 2022 16:05:26 GMT
fastly-io-info: ifsz=33850 idim=270x181 ifmt=png ofsz=22178 odim=270x181 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=HLTOHQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 22178
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/main-min.ryQgJnztE.js
151.101.194.49200 OK 459 B URL HTTP/2 sqy7rm.media.zestyio.com/main-min.ryQgJnztE.js
IP 151.101.194.49:0
File type ASCII text, with very long lines (1086), with no line terminators
Hash 9ec7bcf40d4f8aaa2925ead687092bd8
434279c713c6e83637084b739e59ff9cbeae50de
355e04720075272e73b9cb04e1621b0553bddf089151f5282234abb3d357d64a
GET /main-min.ryQgJnztE.js HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 14 Sep 2022 09:21:46 GMT
last-modified: Wed, 03 Apr 2019 22:08:43 GMT
etag: "9ec7bcf40d4f8aaa2925ead687092bd8"
content-type: text/plain
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=rIPO3w==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1848683
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 459
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-4.png
151.101.194.49200 OK 704 B URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-4.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 87f6a480d54c8dc2c137e1d5f38a21b7
04acdf86386cb960c61bd8431413cbbb79ac3605
952c3304ae0979a82e4e53cc49d7172f544974adfbc5808623eaa190b125a9ec
GET /Envoy-Home-Hero-Subs-Carousel-Icon-4.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "S/UBUb6djv+ofpcrNxD1FpMwe1BOFKFHJsjzg5kK6U4"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=1123 idim=48x48 ifmt=png ofsz=704 odim=48x48 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=B/EM9A==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 704
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Acorns-Logo-No-Text-Updt-2022.svg
151.101.194.49200 OK 5.7 kB URL HTTP/2 sqy7rm.media.zestyio.com/Acorns-Logo-No-Text-Updt-2022.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12315)
Hash 2a63966f5fc4e064e0f189284f79ea6f
37ecb1b8696e1a72e602fe3c841946c7403318d0
f496edeef425f9ace8013c76b0219c7d102529aca4bfaf7058980fde9ff48866
GET /Acorns-Logo-No-Text-Updt-2022.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 13 Sep 2022 07:11:48 GMT
last-modified: Sat, 26 Mar 2022 00:58:19 GMT
etag: "2a63966f5fc4e064e0f189284f79ea6f"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Dpuarg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1942880
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 5652
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/App-Icon.B1s9Xy3z9.svg
151.101.194.49200 OK 692 B URL HTTP/2 sqy7rm.media.zestyio.com/App-Icon.B1s9Xy3z9.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1111)
Hash bfe36219da7351c2b03f1399b0312b6f
c71514f8c9d2f4be1ac681ca3991974bc8471432
b60b68029d559f698f8afb84fdfdf60d73ad663dc727ec24d444325042e944ac
GET /App-Icon.B1s9Xy3z9.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 11:37:49 GMT
last-modified: Sat, 26 Mar 2022 00:51:30 GMT
etag: "bfe36219da7351c2b03f1399b0312b6f"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=9VQHXQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 1322120
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 692
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Dark-Theme-Checkmark.svg
151.101.194.49200 OK 253 B URL HTTP/2 sqy7rm.media.zestyio.com/Dark-Theme-Checkmark.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash b42cb3cff780b1be7368d7e39900c91f
454e2f91e3b1e2e65094954f5fa418c3ef363d71
9d0514831f25d21a5a727d8fd50b0cf6574d9057aa4d3d8a3e6d66b86043ce33
GET /Dark-Theme-Checkmark.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Mon, 29 Aug 2022 22:16:43 GMT
last-modified: Fri, 25 Feb 2022 23:53:54 GMT
etag: "b42cb3cff780b1be7368d7e39900c91f"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=b0HHZw==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 3184585
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 253
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Press-Quote-Plus.png
151.101.194.49200 OK 32 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Press-Quote-Plus.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d9b140f173e0ddafe25838908a033389
23eff951cae16f095ee9cd253e57baed2bfd799d
b9792c6132afafb298632395f335efeb91d3223163b1b7f3a1a60d79811fae4b
GET /Envoy-Home-Press-Quote-Plus.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "qcR2Xdu1bv+GyRd3GQZaUVYbUUo1gfnVLlJP4cr+agI"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=32437 idim=409x434 ifmt=png ofsz=31674 odim=409x434 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=72Gy5Q==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680848
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 31674
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Closing-Sign-Up-Component---phone_imageupdate.png
151.101.194.49200 OK 16 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Closing-Sign-Up-Component---phone_imageupdate.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1f17cc83672422ba49b0e3f8e9922525
8e6e99876770e213844d77dbeb2b9f4c40bb340e
9ed6b0b83b296b589327a658cbdcf4cad83d0bd15f6fe06a4d28d9bff04edf4b
GET /Envoy-Closing-Sign-Up-Component---phone_imageupdate.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "5eF/CCF0wATBO9wb2AXtFsLHRFXceEkjgk5yny2iMzw"
expires: Tue, 27 Sep 2022 21:45:42 GMT
fastly-io-info: ifsz=27451 idim=540x329 ifmt=png ofsz=16486 odim=540x329 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=HSPVZg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 16486
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Highlighted-Text-2.png
151.101.194.49200 OK 44 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Highlighted-Text-2.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e6bfeecb1acff0e1a7683b06daee94cf
fbf3bb5935785c4865e9dac767ec07391f2a4ad9
ebdc9773a057416bdff20d4743b9894a904c0466d8469ecc2b1b41b5eb57d3c4
GET /Envoy-Home-Highlighted-Text-2.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "idw/AXWjpYEA4XZj1I78UCloI7wu+QYgJ1Je7wDn0So"
expires: Tue, 27 Sep 2022 12:47:48 GMT
fastly-io-info: ifsz=49683 idim=420x312 ifmt=png ofsz=44546 odim=420x312 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=vGQRkw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 713121
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 44546
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Envoy-Home-Highlighted-Text-4.png
151.101.194.49200 OK 73 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Highlighted-Text-4.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b863aac13382e3d94e79d3e6ead98f57
a453fbc3e6e19a6f8f1ae09b9c7c603ffb365c7e
ab31aaf1e9f55bad18ebd00651ecbd1a5dfae5f3307a8a6b1d73a9ac2d6f8f12
GET /Envoy-Home-Highlighted-Text-4.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "rfGM2FYx8ugeqnxdVnSc0HE2jAfotKbZxCpNDgg1PKE"
expires: Fri, 09 Sep 2022 16:05:26 GMT
fastly-io-info: ifsz=77768 idim=420x577 ifmt=png ofsz=72746 odim=420x577 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=CW5bRA==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2256462
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 72746
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Footer-Lifestyle.png
151.101.194.49200 OK 78 kB URL HTTP/2 sqy7rm.media.zestyio.com/Footer-Lifestyle.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 933167962fa661d9c2999d33516c9040
8102ae4fb1e2c0173593b10cc14e173aaec5eb8a
b9580de50cc77ba269dd28634f7ba278e2424952269a1fd3defcb76df82774cf
GET /Footer-Lifestyle.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "zvvV+h/1r6MyRcX1z26E45evbEdy/FYQl2KQel2Zakk"
expires: Tue, 27 Sep 2022 21:45:42 GMT
fastly-io-info: ifsz=84349 idim=420x420 ifmt=png ofsz=77472 odim=420x420 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=7w9I2A==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 77472
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Env-Home-Highlighted-Text-3-Updt.png
151.101.194.49200 OK 78 kB URL HTTP/2 sqy7rm.media.zestyio.com/Env-Home-Highlighted-Text-3-Updt.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ccf4c50ad23328e65bd9e1b7f6afb58e
81e69e0f1f5e23a2bcc02ab016a3c4b2a020494a
015a773fd5c9fff88a47b3fd9606c59318d1be9a65ab873ec35e10f90ff8b606
GET /Env-Home-Highlighted-Text-3-Updt.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "5TVtigATTyU6HucWHS6BTWRgat6OCmJoF0tF+VUJwNc"
expires: Thu, 01 Sep 2022 09:00:39 GMT
fastly-io-info: ifsz=83674 idim=392x436 ifmt=png ofsz=78166 odim=392x436 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=VFIMtg==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2973151
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 78166
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Press-Quote-Carousel-Phone-Image-Home.png
151.101.194.49200 OK 79 kB URL HTTP/2 sqy7rm.media.zestyio.com/Press-Quote-Carousel-Phone-Image-Home.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 469bcf3015b58222901329924aa3c3e9
aac6581da77805414235bd278c52bf4e563f4385
3322b7121f031ac749179272e2d687b4d0a4e5319279dbe3e916cddcdf885642
GET /Press-Quote-Carousel-Phone-Image-Home.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "9YjgL12GzzcV2wXJOK+QYOwLDpRYDP4k4sjQBk3nGl0"
expires: Tue, 27 Sep 2022 22:38:49 GMT
fastly-io-info: ifsz=87266 idim=535x714 ifmt=png ofsz=79142 odim=535x714 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Uc31bQ==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 677659
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 79142
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Env-Home-Highlighted-Text-1-Updt.png
151.101.194.49200 OK 74 kB URL HTTP/2 sqy7rm.media.zestyio.com/Env-Home-Highlighted-Text-1-Updt.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bf6d6cfb27365d8edaff24c9602c8ab3
5057c89abf654f1322282daa52a5978de264d719
bee3ca5a85a9f5922139374e7aa578064bbf4dd94836604028c965daa003e9ef
GET /Env-Home-Highlighted-Text-1-Updt.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "M4cg/mQ1HFYsANCnjKY9YpQHEZMQ5vpcmivBuxju2hk"
expires: Wed, 28 Sep 2022 08:54:19 GMT
fastly-io-info: ifsz=81140 idim=352x526 ifmt=png ofsz=74136 odim=352x526 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=ZLeQjw==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 640729
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 74136
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Tree-Asset.png
151.101.194.49200 OK 125 kB URL HTTP/2 sqy7rm.media.zestyio.com/Tree-Asset.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 125 kB (125310 bytes)
Hash a5c21cbc391ec350e9da3e20ebb3f096
256bd81da36e81ba0780789185fbe8bcf19eba4d
b6a57771af3547b7747df54fdcbc55f4c46c09d88f36c2a6beda802c7f3df584
GET /Tree-Asset.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "mGk9dZaHZ009xN6qtCdj6szPpXzuYw9PrL82dU9ZW2c"
expires: Tue, 27 Sep 2022 21:45:41 GMT
fastly-io-info: ifsz=132993 idim=800x743 ifmt=png ofsz=125310 odim=800x743 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=qEGJmA==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 680846
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 125310
X-Firefox-Spdy: h2
citigroupstore.com/site.css?v=33e6b3bef408d4835bf0e61e2f01da1c
20.88.160.189200 OK 114 kB URL HTTP/1.1 citigroupstore.com/site.css?v=33e6b3bef408d4835bf0e61e2f01da1c
IP 20.88.160.189:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 114 kB (113456 bytes)
Hash d10869607145e66ba287eea433ca6d44
4d367eb079e143e8bf5290d516ebfa00ae5287b9
c3f845a5716674beb373fc13ab55ec7cdb86bf50a8122db3235ca45afc25c727
Analyzer Verdict Alert fortinet Phishing
GET /site.css?v=33e6b3bef408d4835bf0e61e2f01da1c HTTP/1.1
Host: citigroupstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
content-length: 113456
content-type: text/css; charset=UTF-8
cache-control: max-age=604800, public
pragma: max-age=604800
expires: Wed, 12 Oct 2022 17:15:47 GMT
content-language: en-us
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 8-4bf69f2-156d5j-css
z-branch: live
z-engine: WebEngine
z-zuid: 8-4bf69f2-156d5j
z-cdn: FASTLY
z-v: pa-092922-b
content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-bereq-proto: HTTP/1.1
x-bereq-request: GET
x-bereq-url: /site.css?v=33e6b3bef408d4835bf0e61e2f01da1c
x-bereq-connect-timeout: 0.000
x-bereq-first-byte-timeout: 0.000
x-bereq-between-bytes-timeout: 0.000
x-beresp-proto: HTTP/1.1
x-beresp-status: 200
x-beresp-response: OK
x-beresp-cacheable: 1
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:08 GMT
age: 2242
x-cache: MISS, HIT
vary: Accept-Encoding
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JpgoygxhoVV5HGCzFU3YoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R73EggkIhfPfNx4Gg0MKyDMbwF8=
cdn.optimizely.com/js/9730220283.js
23.38.200.155200 OK 188 kB URL HTTP/2 cdn.optimizely.com/js/9730220283.js
IP 23.38.200.155:0
File type ASCII text, with very long lines (65468)
Size 188 kB (188234 bytes)
Hash 311046b4839b026016b56609ccf8f36d
5aec4ef41538d1da843da3934979d7cd0d8bbdf8
035991707cbcb7fb7841f4fe36d0347b5cf3208aa48222f5aadf9685090aea15
GET /js/9730220283.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QOQC4+yLEw/Q/EwDb+MiWCU4zsHxyfzbcIWfjTCD6Aa65J3rZDiikqogOog9sZD/KBatpTY4Jqk=
x-amz-request-id: GFV1EGRE8F4ZD6B9
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Oct 2022 16:26:23 GMT
etag: "311046b4839b026016b56609ccf8f36d"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 6797
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: GBDWn4v_SB4NvArcY819NWWP3KQv2FDF
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 188234
vary: Accept-Encoding
cache-control: max-age=600
date: Wed, 05 Oct 2022 17:53:09 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="110";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=15687583&t=1
37.252.173.22307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=15687583&t=1
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=15687583&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 05 Oct 2022 17:53:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D15687583%26t%3D1
AN-X-Request-Uuid: 94c6b08e-e264-47aa-bce5-84e3b464a1bf
Set-Cookie: uuid2=7763887101510388282; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 03-Jan-2023 17:53:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D15687583%26t%3D1
37.252.173.22200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D15687583%26t%3D1
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D15687583%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 05 Oct 2022 17:53:09 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: cc3badcc-b8d4-4cb6-ac00-ffea4bbb8340
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2H`gq1tvr!@wnf-Te9(>wL5L!!':]$]WPp; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 03-Jan-2023 17:53:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
citigroupstore.com/site.js?v=f01f1da875aa8208bde30719732e95bb
20.88.160.189200 OK 49 kB URL HTTP/1.1 citigroupstore.com/site.js?v=f01f1da875aa8208bde30719732e95bb
IP 20.88.160.189:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4bf5de00ac875dd082e7cb3979cf06d8
a44b988a25ec595750d2aafaa41f3c7499724ff3
21a2cb43659aff726763ae9644a26800879443577f60567bf5739fc3fe81c42e
GET /site.js?v=f01f1da875aa8208bde30719732e95bb HTTP/1.1
Host: citigroupstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
content-length: 49164
content-type: text/javascript; charset=UTF-8
cache-control: max-age=604800, public
pragma: max-age=604800
expires: Wed, 12 Oct 2022 17:15:47 GMT
content-language: en-us
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 8-4bf69f2-156d5j-js
z-branch: live
z-engine: WebEngine
z-zuid: 8-4bf69f2-156d5j
z-cdn: FASTLY
z-v: pa-092922-b
content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
referrer-policy: no-referrer
content-encoding: gzip
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-bereq-proto: HTTP/1.1
x-bereq-request: GET
x-bereq-url: /site.js?v=f01f1da875aa8208bde30719732e95bb
x-bereq-connect-timeout: 0.000
x-bereq-first-byte-timeout: 0.000
x-bereq-between-bytes-timeout: 0.000
x-beresp-proto: HTTP/1.1
x-beresp-status: 200
x-beresp-response: OK
x-beresp-cacheable: 1
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 2242
x-cache: MISS, HIT
vary: Accept-Encoding
sqy7rm.media.zestyio.com/Env-Home-Press-Carousel-Arrow-Left.svg
151.101.194.49200 OK 219 B URL HTTP/2 sqy7rm.media.zestyio.com/Env-Home-Press-Carousel-Arrow-Left.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 2412aa39e413487dd5d900bf1d8878b3
e958b13840ffdf73e1628bbcaa1d36260a4d584d
9ccec04da6d6999b279f91800b106ffcdf7127cf29b360e46c3395f36661e644
GET /Env-Home-Press-Carousel-Arrow-Left.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Fri, 09 Sep 2022 16:05:26 GMT
last-modified: Tue, 14 Jun 2022 04:41:26 GMT
etag: "2412aa39e413487dd5d900bf1d8878b3"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=gwTwvg==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 2256463
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 219
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/Env-Home-Press-Carousel-Arrow-Right.svg
151.101.194.49200 OK 213 B URL HTTP/2 sqy7rm.media.zestyio.com/Env-Home-Press-Carousel-Arrow-Right.svg
IP 151.101.194.49:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash be84b653f4e835d7a4ba09a783d2e05f
45148bdfb56c734c377162651bc89f3b4edb5c6c
33ecfaee3642422984b82e70067b1b8e413f1a81232d52caf2aa8c9aaed028c6
GET /Env-Home-Press-Carousel-Arrow-Right.svg HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Fri, 09 Sep 2022 16:05:26 GMT
last-modified: Tue, 14 Jun 2022 04:41:25 GMT
etag: "be84b653f4e835d7a4ba09a783d2e05f"
content-type: image/svg+xml
content-encoding: gzip
access-control-expose-headers: Content-Type, Content-Length, authorization
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=zzCM7w==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 2256463
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 213
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/f26faddb-86cc-4477-a253-1e1287684336.woff
151.101.194.49200 OK 44 kB URL HTTP/2 sqy7rm.media.zestyio.com/f26faddb-86cc-4477-a253-1e1287684336.woff
IP 151.101.194.49:0
File type Web Open Font Format, TrueType, length 44261, version 1.0\012- data
Hash ee23d340b6524413c5dd1120251ad0cb
562aaafaa6842f34b7517b266c2b1b2f379a3a28
b7a0651876c9cf7cb6fa7e0255a7c5133aaf309cc3007aef7e2d32ce325c6e9c
GET /f26faddb-86cc-4477-a253-1e1287684336.woff HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 15:01:12 GMT
last-modified: Fri, 04 Aug 2017 23:25:58 GMT
etag: W/"8b3a494f9ba75e904bf84a1b374dca64"
content-type: application/octet-stream
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, Warning, X-GUploader-Response-Body-Transformations, X-GUploader-UploadID, X-Google-Trace, authorization
x-guploader-response-body-transformations: gunzipped
warning: 214 UploadServer gunzipped
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=3rh4IQ==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 2519518
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 44261
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/1e9892c0-6927-4412-9874-1b82801ba47a.woff
151.101.194.49200 OK 51 kB URL HTTP/2 sqy7rm.media.zestyio.com/1e9892c0-6927-4412-9874-1b82801ba47a.woff
IP 151.101.194.49:0
File type Web Open Font Format, TrueType, length 50829, version 1.0\012- data
Hash fe2ff02769173fa2c393a7b60f8c0f0c
3cda5a9aa7806ee7e029513bc2d97399260b084e
92df2477b56afc4ce0ad3bea35184016a1eeea9d653c1e26087d91a582823988
GET /1e9892c0-6927-4412-9874-1b82801ba47a.woff HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 14 Sep 2022 11:43:24 GMT
last-modified: Fri, 04 Aug 2017 22:37:57 GMT
etag: W/"f7dac33800c1d323931830719cf825ab"
content-type: application/octet-stream
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, Warning, X-GUploader-Response-Body-Transformations, X-GUploader-UploadID, X-Google-Trace, authorization
x-guploader-response-body-transformations: gunzipped
warning: 214 UploadServer gunzipped
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=Fttf1g==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 1840185
x-cache: HIT, HIT
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 50829
X-Firefox-Spdy: h2
a627150995.cdn.optimizely.com/client_storage/a627150995.html
104.110.8.48200 OK 803 B URL HTTP/2 a627150995.cdn.optimizely.com/client_storage/a627150995.html
IP 104.110.8.48:0
File type HTML document, ASCII text, with very long lines (1371)
Hash 288160b3ea16d6e0ad9e09566b9effeb
b75884ad190b23744529fae55c73540b560bf44f
79748ff82aa2ea506049dc05af373b8d5a33f31c7b6fbd8654a4efa2f8b0b0c1
GET /client_storage/a627150995.html HTTP/1.1
Host: a627150995.cdn.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZrFMQoYeIk+ElkbMRobBzSfNv0Myz1WZvU/nw9NS0n3l6kzT70z7OwpKK6Vi7GmswViEPnqS9NA=
x-amz-request-id: FVHAMDHF5A02WXFJ
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Oct 2022 16:26:13 GMT
etag: "288160b3ea16d6e0ad9e09566b9effeb"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: L1aB6auK3b6P2gwqlZjGCRABVmTMd_gE
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 803
vary: Accept-Encoding
cache-control: max-age=120
date: Wed, 05 Oct 2022 17:53:09 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="104.110.8.48";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sqy7rm.media.zestyio.com/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
151.101.194.49200 OK 25 kB URL HTTP/2 sqy7rm.media.zestyio.com/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
IP 151.101.194.49:0
File type Web Open Font Format, TrueType, length 24606, version 1.0\012- data
Hash 7d6afb9bfc9ae3dda53b3b8feb59c684
199c0f83cb00f1d0c49bd587b94b70a9c583e384
620660f45d9afea331852f7c4ef47e924069518bbf332b0fda09568f4f51bccf
GET /91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 14 Sep 2022 11:43:24 GMT
last-modified: Tue, 07 Aug 2018 20:46:41 GMT
etag: W/"b1fa927e09042a5d5f0e6ae17920f48d"
content-type: application/octet-stream
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, Warning, X-GUploader-Response-Body-Transformations, X-GUploader-UploadID, X-Google-Trace, authorization
x-guploader-response-body-transformations: gunzipped
warning: 214 UploadServer gunzipped
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=fYvpRw==
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-request-headers: origin, content-type, accept
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 1840185
x-cache: HIT, MISS
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-length: 24606
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sqy7rm.media.zestyio.com/Envoy-Home-Hero-2.png
151.101.194.49200 OK 408 kB URL HTTP/2 sqy7rm.media.zestyio.com/Envoy-Home-Hero-2.png
IP 151.101.194.49:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 408 kB (407854 bytes)
Hash 95635e16e0235467a80c788d58704ffe
763cff08e060c05987ab0da82b9cf0b92499e062
de24e7ea7c4a5166b584f30f1b66aa204b25cceb0e1ba30a1391041ffccc0db8
GET /Envoy-Home-Hero-2.png HTTP/1.1
Host: sqy7rm.media.zestyio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
content-type: image/webp
etag: "ySI8aSQlxrJMxg2qktoa3oUicvsNRcGm+Ni2iH9KfD8"
expires: Tue, 27 Sep 2022 21:45:40 GMT
fastly-io-info: ifsz=474109 idim=1500x948 ifmt=png ofsz=407854 odim=1500x948 ofmt=webp
fastly-stats: io=1
server: UploadServer
warning: 214 UploadServer gunzipped
x-guploader-response-body-transformations: gunzipped
via: 1.1 varnish, 1.1 varnish
x-hash: crc32c=b5/f5Q==
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:09 GMT
age: 680849
x-cache: HIT, HIT
vary: Accept
cache-control: public, max-age=31536000
content-length: 407854
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e64331383b5fb93bf49a4ba9ca93210f
8aacb155491b618ae751bf768aaab81752bb670a
e00993ab549e3741f67aee6037e2a612059d457380bafbf32b9eee9c1a859986
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E00993AB549E3741F67AEE6037E2A612059D457380BAFBF32B9EEE9C1A859986"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15946
Expires: Wed, 05 Oct 2022 22:18:55 GMT
Date: Wed, 05 Oct 2022 17:53:09 GMT
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ
142.250.74.168200 OK 90 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (57875)
Hash 59b302b0e1ca8f44d46f32aa8a69e83a
facbed5a92f42614e8076c3e3c575a1ff8d286c7
5385a53fc14319ab7c9d62a34d68ec73072bb655113ead97607b1903c0a1402d
GET /gtm.js?id=GTM-5Z5XQQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 17:53:09 GMT
expires: Wed, 05 Oct 2022 17:53:09 GMT
cache-control: private, max-age=900
last-modified: Wed, 05 Oct 2022 16:43:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.rudderlabs.com/sourceConfig/?p=cdn&v=1.16.0
54.230.111.60204 No Content 0 B URL HTTP/2 api.rudderlabs.com/sourceConfig/?p=cdn&v=1.16.0
IP 54.230.111.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sourceConfig/?p=cdn&v=1.16.0 HTTP/1.1
Host: api.rudderlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 05 Oct 2022 17:53:09 GMT
x-request-id: 930f58a0-44d6-11ed-9240-059d75daa0c4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: authorization
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3ASffuZyQv84JV9O0jwPh9Pd6EM1_hOZ4Mi4Q9SyqmJhjpk2v9DKLA==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 596fb1cdbf71615a5986f7831d7156c4
eea65e8b50ace6bd68123d01a99f8c2bd80a627f
a9ede501fd2ad76b16ac834775682552efedf82c0f93a016eae6ddd3bc0caa21
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:15:24 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AK3sZYxqFMNv5OzDolPBAfHDkrljZLKGwL5euv8V6OCG_sFAsgIUHA==
Age: 5866
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 596fb1cdbf71615a5986f7831d7156c4
eea65e8b50ace6bd68123d01a99f8c2bd80a627f
a9ede501fd2ad76b16ac834775682552efedf82c0f93a016eae6ddd3bc0caa21
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:51:06 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CgTtBYXp57dyTRvkv4tPXa8UKM6RulYep0cKUlsI5dJ0sVMZOMwF8Q==
Age: 3724
api.rudderlabs.com/sourceConfig/?p=cdn&v=1.16.0
54.230.111.60200 OK 1.6 kB URL HTTP/2 api.rudderlabs.com/sourceConfig/?p=cdn&v=1.16.0
IP 54.230.111.60:0
File type JSON data\012- , ASCII text, with very long lines (1576), with no line terminators
Hash 5994ec216b14acdccab096ce2e719e92
2560a97cf508558be2ba753dec34900f08fb8864
62dd9a54178260f35f8cb58bed7abeb5ab9beb0b781db9fb02257ecc979df15e
GET /sourceConfig/?p=cdn&v=1.16.0 HTTP/1.1
Host: api.rudderlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic MW13eTF0VHJ1dDVQeFVvN3o3Nnp3TFhhT1dsOg==
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 1576
date: Wed, 05 Oct 2022 17:53:10 GMT
x-request-id: 9325c6d0-44d6-11ed-bbf1-eb6abcb812fd
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-expose-headers: X-Request-ID
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P3QOWBpDPRgq6HLWreDesOcY1H7nc3MmkVF0lHhxmuMNQrgoYwVUuw==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f2eb373e7ffa794c737c153eaab4b6a3
e7f6638d1ee8a04f4612d8c51354489e0bf6e8c9
d32802324a6f5ba9fd3eadd94b6f6a1184a60edf4a4a1f7482c4770070f736be
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:27:00 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tQVmcz7WV9Sp94qK5CkCUrsVQCkHdy15SGddZDzo4j6KfeYzu1VdcA==
Age: 5171
sc-static.net/scevent.min.js
54.230.82.240200 OK 8.8 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (25360), with no line terminators
Hash e9a9d4e245fb5df1ac33be19306752e8
246e5996a63a71ce325dff7ca6c9ef71f324b62f
64211912b65ff9a15aa212c8e8f5d4e60b86629d305c130f8824eb55837b8d4a
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 8764
server: CloudFront
date: Wed, 05 Oct 2022 17:53:10 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Thu, 06 Oct 2022 17:04:55 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XD0sxFh9XupI1Swa5O7ht7ShW2O5yxDQU9QxU6qM0hon00-2uRXLLA==
X-Firefox-Spdy: h2
acornsprod-dataplane.rudderstack.com/v1/page
34.197.86.132200 OK 0 B URL HTTP/2 acornsprod-dataplane.rudderstack.com/v1/page
IP 34.197.86.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/page HTTP/1.1
Host: acornsprod-dataplane.rudderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: anonymousid,authorization,content-type
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
content-length: 0
server: openresty/1.19.9.1
access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://citigroupstore.com
access-control-max-age: 900
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
c.tvpixel.com/js/current/dpm_pixel_min.js?aid=acorns-4298a50a-95ea-4164-bad1-f9fe765ec939
54.230.111.129200 OK 105 kB URL HTTP/2 c.tvpixel.com/js/current/dpm_pixel_min.js?aid=acorns-4298a50a-95ea-4164-bad1-f9fe765ec939
IP 54.230.111.129:0
File type ASCII text, with very long lines (60150)
Size 105 kB (105110 bytes)
Hash 08e770c8a17bf087d50cec01af0892c2
15f6bd70687eeff26cd6e72f647b80894b855e7f
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
GET /js/current/dpm_pixel_min.js?aid=acorns-4298a50a-95ea-4164-bad1-f9fe765ec939 HTTP/1.1
Host: c.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 105110
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 01:38:54 GMT
etag: "08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NXSskUKpPNy3ye3rb3W_vtL-rX7A5i6c6U4PN3aWLavr4063r0chcg==
age: 58461
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.85.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 95212d33cfff78ad59f5af5b20c48c53
9b99a4091a6eb716bc68f1428e3c86eca068b25b
bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:10 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
collector-4820.tvsquared.com/tv2track.js
18.219.172.244200 OK 8.5 kB URL HTTP/1.1 collector-4820.tvsquared.com/tv2track.js
IP 18.219.172.244:0
File type ASCII text, with very long lines (1162)
Hash 541a38b4f06e41464c0d654e841ac424
d8e6cdf23733cbe85120de52b58c2c7dbe746758
55df73bbedbdb87259af7ccc47efce4497781d0a3154e97a8e07ff059ace234d
GET /tv2track.js HTTP/1.1
Host: collector-4820.tvsquared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Wed, 05 Oct 2022 17:53:10 GMT
ETag: "6305f9ab-2133"
Expires: Wed, 05 Oct 2022 18:03:10 GMT
Last-Modified: Wed, 24 Aug 2022 10:12:59 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 61424aa81bc48edfae4447fce55f6e38
39eab31c02d4e9f30a2725d33699b07265dd214d
e8500c9650ce309fc50524c96652f4c4a3b7c25d2d98787a94ba41ea34f84e7f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:41:42 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f9M4Se4ARv2DFlaq46WIXJsoBM0Ejx91Mk2TJW4EMmx5nC0C5dOYNg==
Age: 4288
ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
IP 142.250.74.3:0
Hash c0b64ffa0f64af5b997c9ba032fc83d6
065ba5c16abe741bc28f071ec671a9cdd52cf7cc
2cd67f895f340c09060654777753b5b3480bde631ab750195a8b3aca3c0bd0ef
POST /s/gts1d4/CCh3rUTg6fw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
acornsprod-dataplane.rudderstack.com/v1/page
34.197.86.132200 OK 2 B URL HTTP/2 acornsprod-dataplane.rudderstack.com/v1/page
IP 34.197.86.132:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /v1/page HTTP/1.1
Host: acornsprod-dataplane.rudderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Basic MW13eTF0VHJ1dDVQeFVvN3o3Nnp3TFhhT1dsOg==
AnonymousId: NDVhZTBmZTEtZmY2NC00M2FmLTljYmItZGE4ZmMxNzg2MzZi
Content-Length: 1406
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: openresty/1.19.9.1
access-control-allow-credentials: true
access-control-allow-origin: https://citigroupstore.com
vary: Origin
X-Firefox-Spdy: h2
cdn.pdst.fm/ping.min.js
35.244.142.80200 OK 5.8 kB IP 35.244.142.80:0
File type ASCII text, with very long lines (26948), with no line terminators
Hash d001d1c9f5a942fa5524eeacb047e819
6ebc303d4e3fe71192400673808f37ce1c6a1d25
63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsO1wA3xspa7vlBY1uFBBANWCPnHVKSyBDVD7WJJmuVdxoL1frA9vt_KwpAlC4z-S8BY9fU5WclFuWZ0sDwvB5c3o4wX7rG
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 05 Oct 2022 16:58:35 GMT
expires: Wed, 05 Oct 2022 17:58:35 GMT
cache-control: public, max-age=3600
age: 3275
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5565
Expires: Wed, 05 Oct 2022 19:25:55 GMT
Date: Wed, 05 Oct 2022 17:53:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5565
Expires: Wed, 05 Oct 2022 19:25:55 GMT
Date: Wed, 05 Oct 2022 17:53:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22e49c1395e596cdcc17039b0f59ac92
f8d7c8ba1283858d247407d2aef55bc8a7681689
50f09ba4cbf7c3ad4f16c66aed1a9fbdb4261fda06c5aa397e36eb34afe415d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:30:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22e49c1395e596cdcc17039b0f59ac92
f8d7c8ba1283858d247407d2aef55bc8a7681689
50f09ba4cbf7c3ad4f16c66aed1a9fbdb4261fda06c5aa397e36eb34afe415d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:30:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 229c99cfb655a8c9f1a22de69fdff73c
6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sd2_YDHr3j7ym7wfFyQh9kg8FP-Et2nJUOo1v_TNbI3PvpzEY5KJ2Q==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:07:19 GMT
age: 71151
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 72636
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
collector-4820.tvsquared.com/tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=207034&h=17&m=53&s=10&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=b071c12981c549a8&_idts=1664992390&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=206
18.219.172.244200 OK 42 B URL HTTP/1.1 collector-4820.tvsquared.com/tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=207034&h=17&m=53&s=10&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=b071c12981c549a8&_idts=1664992390&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=206
IP 18.219.172.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=207034&h=17&m=53&s=10&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=b071c12981c549a8&_idts=1664992390&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=206 HTTP/1.1
Host: collector-4820.tvsquared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 05 Oct 2022 17:53:10 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: 0141c45e-a536-4129-9c2f-0ad57eb2d71f
Server: nginx
Content-Length: 42
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 961bae4af8d7fecc4abd3a0b15058590
16593fb816a725eab4ace2f613739c12cb1c815c
caed4d4be0c3a6db916083aea29817acb0954268b69ff40c4a19084aa14ee438
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 17:53:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 14:09:21 GMT
Expires: Wed, 12 Oct 2022 14:09:20 GMT
Etag: "16593fb816a725eab4ace2f613739c12cb1c815c"
Cache-Control: max-age=590769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755803e709240afa-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 49661
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
IP 142.250.74.3:0
Hash c0b64ffa0f64af5b997c9ba032fc83d6
065ba5c16abe741bc28f071ec671a9cdd52cf7cc
2cd67f895f340c09060654777753b5b3480bde631ab750195a8b3aca3c0bd0ef
POST /s/gts1d4/CCh3rUTg6fw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 100559d746bedd7c3802661c875c35ee
5261a6c2ee6d6cc87e91ee82e32d8be234db393e
ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F1ZWwxLKhRC6oSh6gnUxEm5AnYcY-mezJw9mNJ8GmNWnATAKx1JxSg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:26 GMT
age: 69044
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 72636
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tr.snapchat.com/p?trackId=22723ee0-f4ea-427d-a860-0bfc3df1d907&pid=c8be0027-7179-4908-a50c-1de771b0e87e&ev=PAGE_VIEW&pl=https%3A%2F%2Fcitigroupstore.com%2F&ts=1664992390438&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=2366&m_rd=2577&m_pi=1946&m_dcl=1973&m_fcps=1959&m_pl=0&m_ic=0&m_pv=v2&u_c1=5496429d-b85e-49b2-94e9-fd9c03ea96ff&u_scsid=791b71e3-9f71-4e8b-8684-be0d42753f39&u_sclid=0f5dff01-92f5-442f-95e9-120a40ac848e&s_r_ids=0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?trackId=22723ee0-f4ea-427d-a860-0bfc3df1d907&pid=c8be0027-7179-4908-a50c-1de771b0e87e&ev=PAGE_VIEW&pl=https%3A%2F%2Fcitigroupstore.com%2F&ts=1664992390438&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=2366&m_rd=2577&m_pi=1946&m_dcl=1973&m_fcps=1959&m_pl=0&m_ic=0&m_pv=v2&u_c1=5496429d-b85e-49b2-94e9-fd9c03ea96ff&u_scsid=791b71e3-9f71-4e8b-8684-be0d42753f39&u_sclid=0f5dff01-92f5-442f-95e9-120a40ac848e&s_r_ids=0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?trackId=22723ee0-f4ea-427d-a860-0bfc3df1d907&pid=c8be0027-7179-4908-a50c-1de771b0e87e&ev=PAGE_VIEW&pl=https%3A%2F%2Fcitigroupstore.com%2F&ts=1664992390438&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=2366&m_rd=2577&m_pi=1946&m_dcl=1973&m_fcps=1959&m_pl=0&m_ic=0&m_pv=v2&u_c1=5496429d-b85e-49b2-94e9-fd9c03ea96ff&u_scsid=791b71e3-9f71-4e8b-8684-be0d42753f39&u_sclid=0f5dff01-92f5-442f-95e9-120a40ac848e&s_r_ids=0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3EwQ3AMAgEsImQjoIIjNOkxxQMn/rhJhXYlNe0xf2vkktO5qfoE5s+oxFe9VhhcAE4DTHDMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 1
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 66fe6726cfd27efe46207f7ddb151ef4
079c2700d99bc247229382bc9436d08d93b5d111
bca33047d8c3d62efe9d8d536c59edf1505c61e18affd0d682f059ce81a4eed6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.snapchat.com/cm/i?pid=c8be0027-7179-4908-a50c-1de771b0e87e&u_scsid=791b71e3-9f71-4e8b-8684-be0d42753f39&u_sclid=0f5dff01-92f5-442f-95e9-120a40ac848e
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=c8be0027-7179-4908-a50c-1de771b0e87e&u_scsid=791b71e3-9f71-4e8b-8684-be0d42753f39&u_sclid=0f5dff01-92f5-442f-95e9-120a40ac848e
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=c8be0027-7179-4908-a50c-1de771b0e87e&u_scsid=791b71e3-9f71-4e8b-8684-be0d42753f39&u_sclid=0f5dff01-92f5-442f-95e9-120a40ac848e HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22e49c1395e596cdcc17039b0f59ac92
f8d7c8ba1283858d247407d2aef55bc8a7681689
50f09ba4cbf7c3ad4f16c66aed1a9fbdb4261fda06c5aa397e36eb34afe415d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Last-Modified: Wed, 05 Oct 2022 16:30:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 66fe6726cfd27efe46207f7ddb151ef4
079c2700d99bc247229382bc9436d08d93b5d111
bca33047d8c3d62efe9d8d536c59edf1505c61e18affd0d682f059ce81a4eed6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
collector-4820.tvsquared.com/tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=958143&h=17&m=53&s=10&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=b071c12981c549a8&_idts=1664992390&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22Site%20Visit%22%2C%22%7B%5C%22rev%5C%22%3A%5C%22%3CREVENUE%3E%5C%22%2C%5C%22prod%5C%22%3A%5C%22%3CPRODUCT%3E%5C%22%2C%5C%22id%5C%22%3A%5C%22%3CACTIONID%3E%5C%22%2C%5C%22promo%5C%22%3A%5C%22%3CPROMOCODE%3E%5C%22%7D%22%5D%7D&cookie=1&res=1280x1024&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%3CUSERREF%3E%5C%22%7D%22%5D%7D>_ms=206
18.219.172.244200 OK 42 B URL HTTP/1.1 collector-4820.tvsquared.com/tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=958143&h=17&m=53&s=10&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=b071c12981c549a8&_idts=1664992390&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22Site%20Visit%22%2C%22%7B%5C%22rev%5C%22%3A%5C%22%3CREVENUE%3E%5C%22%2C%5C%22prod%5C%22%3A%5C%22%3CPRODUCT%3E%5C%22%2C%5C%22id%5C%22%3A%5C%22%3CACTIONID%3E%5C%22%2C%5C%22promo%5C%22%3A%5C%22%3CPROMOCODE%3E%5C%22%7D%22%5D%7D&cookie=1&res=1280x1024&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%3CUSERREF%3E%5C%22%7D%22%5D%7D>_ms=206
IP 18.219.172.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=958143&h=17&m=53&s=10&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=b071c12981c549a8&_idts=1664992390&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22Site%20Visit%22%2C%22%7B%5C%22rev%5C%22%3A%5C%22%3CREVENUE%3E%5C%22%2C%5C%22prod%5C%22%3A%5C%22%3CPRODUCT%3E%5C%22%2C%5C%22id%5C%22%3A%5C%22%3CACTIONID%3E%5C%22%2C%5C%22promo%5C%22%3A%5C%22%3CPROMOCODE%3E%5C%22%7D%22%5D%7D&cookie=1&res=1280x1024&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%3CUSERREF%3E%5C%22%7D%22%5D%7D>_ms=206 HTTP/1.1
Host: collector-4820.tvsquared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 05 Oct 2022 17:53:10 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: d847211b-717c-4834-867b-833da46e5fee
Server: nginx
Content-Length: 42
Connection: keep-alive
d.impactradius-event.com/A356617-654d-4f72-a649-40b4707b47911.js
35.186.249.72200 OK 13 kB URL HTTP/2 d.impactradius-event.com/A356617-654d-4f72-a649-40b4707b47911.js
IP 35.186.249.72:0
File type C source, ASCII text, with very long lines (42814), with no line terminators
Hash 44d85b46b5dc0c2a5d45f928e786bb80
139376f9cb75194cf849f72daf067e8a2674e10a
a9a7f99176ac8ef61f3ad6732b7eb6022077db656f5aec5e3c23d6457cb4bffd
GET /A356617-654d-4f72-a649-40b4707b47911.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds5nF41SaieGWtKn4uB_MO49KlajlkSfO_mYbEmn2Ey4NF_tfLMaZ2p1YSYTI5NXRJ7KzHQ4_LaLvbDruzaCwsBxUkee3Dr
x-goog-generation: 1660924750492277
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13247
content-encoding: gzip
x-goog-hash: crc32c=wxKGWQ==, md5=RNhbRrXcDCpdRfko54a7gA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 13247
server: UploadServer
date: Wed, 05 Oct 2022 17:53:10 GMT
expires: Wed, 05 Oct 2022 17:58:10 GMT
cache-control: public,max-age=900,s-maxage=300
last-modified: Fri, 19 Aug 2022 15:59:10 GMT
etag: "44d85b46b5dc0c2a5d45f928e786bb80"
content-type: text/javascript; charset=utf-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54200 OK 22 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
File type ASCII text, with no line terminators
Hash 8e7120c76040a47f820e8c87b95dddce
0ae6d0d5578537f5011e44f97e812069362ac7b2
e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
OPTIONS /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: oa6thfpnnu4s
x-powered-by: Express
x-cloud-trace-context: af06bc7f407c0829652fc14aac929b9c
content-encoding: gzip
date: Wed, 05 Oct 2022 17:53:10 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/locale/en.json
104.26.14.45200 OK 721 B URL HTTP/2 aacdn.nagich.com/assets/locale/en.json
IP 104.26.14.45:0
File type JSON data\012- , ASCII text, with CRLF line terminators
Hash 2ef98f422029d698fd36331d62214575
af3323c691b53c408096c742b91628d3993bd6b5
7507c96ccbc5846638c2ffeedc45bb912696c98fb629ca44bd8eb3e765648840
GET /assets/locale/en.json HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
content-type: application/json
cache-control: public, max-age=2204800
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
etag: W/"f45920b9fc61d71:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCPT%2B%2FmZYe4WzF6CEpKBqGYJb5YkuMn1SU%2FVwF7lmhs6f66dUcSUEJJTcARWU0Sr4AdmrMmdJZuYiYhXsD6bgek9uHi%2F4KQ2w8h17kF8x0uGsfNJaAMUOC9BY9bOR%2BddJU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755803e7ac49b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 961bae4af8d7fecc4abd3a0b15058590
16593fb816a725eab4ace2f613739c12cb1c815c
caed4d4be0c3a6db916083aea29817acb0954268b69ff40c4a19084aa14ee438
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 17:53:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 14:09:21 GMT
Expires: Wed, 12 Oct 2022 14:09:20 GMT
Etag: "16593fb816a725eab4ace2f613739c12cb1c815c"
Cache-Control: max-age=590769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755803e9bc560afa-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 66fe6726cfd27efe46207f7ddb151ef4
079c2700d99bc247229382bc9436d08d93b5d111
bca33047d8c3d62efe9d8d536c59edf1505c61e18affd0d682f059ce81a4eed6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/XDvm1oDunOU
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/XDvm1oDunOU
IP 142.250.74.3:0
Hash 50085e8def172bc9bf39f7bdf1995882
708cfbc593a1cfe0589a8ad797e1cb43c681f402
35aecefac8969e1f1b3c8788c3b6f4249a4d23aa7e050bff1e341206ca9c723c
POST /s/gts1d4/XDvm1oDunOU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 677
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022100517531087BBD4D4FA4A1EE5AD56
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebe7e661a354f1f783ec3bd22fa3fded4c0e4707fb16e56d389666cb9584f7161efd473d146fd68d6b6e5030da852d0a10b9f8651a7abcb98f9786c153556e0b2c
x-origin-response-time: 12,23.218.223.15
x-akamai-request-id: 1cc1dc7e.126d6368
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-cache-remote: TCP_MISS from a23-218-223-15.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=10, inner; dur=9
x-parent-response-time: 112,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 680
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221005175310B9A7BDB2289C5AE74E59
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bee687ac2ffae6170a53b2f8d4667a0c736609af3fab315a063489b8d8916bfffac062cd854d9021ee86c5ea340b3b941
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=4, origin; dur=114
x-origin-response-time: 114,23.36.79.28
x-akamai-request-id: 126d6376
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C55585JG5HFBPDLNLOCG&hostname=citigroupstore.com
23.36.79.32200 OK 20 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C55585JG5HFBPDLNLOCG&hostname=citigroupstore.com
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type C source, Unicode text, UTF-8 text, with very long lines (58149)
Hash 0a79c5cd9d9a9dfa0e21086f56420353
7581de49059508637741abd0d03983134d6a7510
e1c80fab363d8fb051ad96f9c71cfbe66e63eac24efa416a549d8ccbd5183ac3
GET /i18n/pixel/config.js?sdkid=C55585JG5HFBPDLNLOCG&hostname=citigroupstore.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022100517531027307A7928B012E6387D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb1e71f22521701dbe1d3543a59684cf471c291139fa728358124d781c1c926686a677e5626c64c44c80e3630451ffc3e26252271c820c99be0707fe6e7f3bb290
content-encoding: gzip
x-origin-response-time: 18,23.218.223.13
x-akamai-request-id: 60d4c375.126d6208
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Fj4vcdW3XnoBkQhO9SD3ogJEQb; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-223-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=18, inner; dur=14
x-parent-response-time: 116,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C553833G5HFBPDLNLF4G&hostname=citigroupstore.com
23.36.79.32200 OK 20 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C553833G5HFBPDLNLF4G&hostname=citigroupstore.com
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type C source, Unicode text, UTF-8 text, with very long lines (58149)
Hash 20ba409687eb23543d32464695bb4068
65d7cd02db2403ebb08dea34557bd28bc1059841
015b6523b5c12592fd2b0f2320e33b793a7564427a7f4ddbab1a21f351beef4d
GET /i18n/pixel/config.js?sdkid=C553833G5HFBPDLNLF4G&hostname=citigroupstore.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022100517531054E82365191867EAB362
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebf56146beb35580b77d63d2c7235f3b77c13ebc5cc240c72d0f9804a1e5d1a6791d0a8246b60f40e60450b8a1055e6379d89c2a71962b385b4b176a72ec84ff5f
content-encoding: gzip
x-origin-response-time: 22,23.218.223.23
x-akamai-request-id: 34362782.126d61f8
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Fj4vbMb58IgYPkAwqB8hkxb7TZ; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=22, inner; dur=15
x-parent-response-time: 121,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 733
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221005175310A62F0325BEF1D2E59D62
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b49350ec2f3d338cf85434ae43b594d40a3f8f8050d30b8989bef692b8f355a2eba05e432eb097b1d6fe42a87bfb7aec2
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=8, origin; dur=118
x-origin-response-time: 118,23.36.79.28
x-akamai-request-id: 126d639d
X-Firefox-Spdy: h2
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54204 No Content 0 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://citigroupstore.com
Content-Length: 470
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: dfi7r85wsb5q
x-powered-by: Express
x-cloud-trace-context: cad6a6e51a7bcd85a8ecc295f6440256
date: Wed, 05 Oct 2022 17:53:10 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 730
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221005175310BD185E03F899F2E6551E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bee687ac2ffae6170a53b2f8d4667a0c704fb22939769eef3e3135094fed24dae7c66dbde235bd86f2cc4c3997675d96a
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=15, origin; dur=120
x-origin-response-time: 120,23.36.79.28
x-akamai-request-id: 126d63ae
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq
23.36.79.32200 OK 37 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65464)
Hash 5bcab8b8b1007410a7a8f11335ab62b3
bef6658069d59aefb2f5df5d385aa48f7bbf6153
cc5f385e70a339453a55dd40bfc067d139e553124d8eb569cb7bb80d75459df9
GET /i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221005175310BE1BC161809B9BE871A5
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b80ad1e5684bdda291d17645286a7fbd30f662be42accf4acbec4da91222efdd8c8b90ac2780ce1b9b2cde386643cf253
content-encoding: gzip
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=101
x-origin-response-time: 101,23.36.79.28
x-akamai-request-id: 126d6165
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=c8be0027-7179-4908-a50c-1de771b0e87e&tld=com
35.190.43.134200 OK 101 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=c8be0027-7179-4908-a50c-1de771b0e87e&tld=com
IP 35.190.43.134:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 98cb50bd33c39a014e4350790f270455
329d39adaa4da6442a9e174eaca33bc0702ebfa0
6f554d3f3068506aefacf6279d4f69fdbf66b658896b1144631d46c27106cbe9
GET /collector/is_enabled?pids=c8be0027-7179-4908-a50c-1de771b0e87e&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
access-control-allow-origin: https://citigroupstore.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 2
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C551IJ800UN7QUNFF4OG&hostname=citigroupstore.com
23.36.79.32200 OK 20 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C551IJ800UN7QUNFF4OG&hostname=citigroupstore.com
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type C source, Unicode text, UTF-8 text, with very long lines (58149)
Hash 6e683b924d5c5f587954f79383c102c8
085186fbe435c02ec49c0f81214992da0fee567a
114526943328550e7ce9969bca40b1414a5c94e8a26febf9ead6c1e1565979f6
GET /i18n/pixel/config.js?sdkid=C551IJ800UN7QUNFF4OG&hostname=citigroupstore.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202210051753105C87796A950836EAA0AB
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b87960a0733184373b08d32ba2dad09634f1648e873a286dd502964b85af721c02fc0d4f27e7333f0ef466b9f47245a5e
content-encoding: gzip
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Fj4vdb6m1c1pVHU8jBRvQunvep; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=5, origin; dur=114
x-origin-response-time: 115,23.36.79.28
x-akamai-request-id: 126d61f1
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 730
Origin: null
Connection: keep-alive
Cookie: _ttp=2Fj4vbtmleuw73dW0DpgZE6nirg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221005175310881F558F6C1230E3B573
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bf8bbe907938d376f1cb408b6ad2f32d91323f9e58ec8c1542f4aaac5da556df46eb8c9e181053e0b9f1c60efcd80aee8
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=102, cdn-cache; desc=MISS, edge; dur=9, origin; dur=198
x-origin-response-time: 198,23.36.79.28
x-akamai-request-id: 126d6378
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 27f41d8d1afb5d6466971d76bc3aa30b
8f3d091d32a1ff2b02a02fb63b77fc32827879f8
684f4eb0a727a4190be68663d883983264cf31b1e03a36dbb23f2b45522eff4c
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 05 Oct 2022 17:53:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 04:03:44 GMT
Expires: Thu, 06 Oct 2022 04:03:44 GMT
ETag: "8f3d091d32a1ff2b02a02fb63b77fc32827879f8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
pixel.pointmediatracker.com/kpi?c=acorns&kpi=visit&tag_id=120&fpc=0b0d72f5-547c-4493-9f77-1aa09a1d9b30&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined>mcb=353586310
54.230.111.78302 Found 2 B URL HTTP/2 pixel.pointmediatracker.com/kpi?c=acorns&kpi=visit&tag_id=120&fpc=0b0d72f5-547c-4493-9f77-1aa09a1d9b30&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined>mcb=353586310
IP 54.230.111.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /kpi?c=acorns&kpi=visit&tag_id=120&fpc=0b0d72f5-547c-4493-9f77-1aa09a1d9b30&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined>mcb=353586310 HTTP/1.1
Host: pixel.pointmediatracker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/json
content-length: 2
location: https://cdn.blisspointmedia.com/assets/img/pixel.gif
date: Wed, 05 Oct 2022 17:53:10 GMT
x-amzn-requestid: 05402417-ed3b-41ec-b210-607927e8ebd7
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: c=830fd40e-3d7c-4a4f-9da8-9d5abe10b3d6; domain=.pointmediatracker.com; expires=Thu, 05-Oct-2023 17:53:10 GMT; path=/; secure; SameSite=None
x-amz-apigw-id: ZiulBHIYPHcFnSg=
x-amzn-trace-id: Root=1-633dc486-7e99adc9561f03e53ad24125;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7CwmzlWkP3c_N9F2-tTPy1QcduSeE7AX7GBAnro21hKzSknZXJyxzg==
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-DPFLJJ5Z42>m=2oea30&_p=340547369&cid=1331370216.1664992390&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664992390&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DPFLJJ5Z42>m=2oea30&_p=340547369&cid=1331370216.1664992390&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664992390&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DPFLJJ5Z42>m=2oea30&_p=340547369&cid=1331370216.1664992390&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664992390&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Wed, 05 Oct 2022 17:53:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/init?pids=c8be0027-7179-4908-a50c-1de771b0e87e
35.190.43.134200 OK 31 kB URL HTTP/2 tr.snapchat.com/init?pids=c8be0027-7179-4908-a50c-1de771b0e87e
IP 35.190.43.134:0
Hash 0089850e7df793e45e9c19e5d9aee83b
5e8c8110e72fb3d825b0e0c4892ee194cb930bd6
0195de8dec40746c3ef97b896c15eac2840a4c593c8dc09a3518476891204bfa
GET /init?pids=c8be0027-7179-4908-a50c-1de771b0e87e HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
access-control-allow-origin: https://citigroupstore.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4TRCGP6H18A0MH1Q8I0&lib=ttq
23.36.79.32200 OK 38 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4TRCGP6H18A0MH1Q8I0&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash a303c249fb056693a8c3c1d35f20e243
90e728f3e7f2974c20580251f28cf49d4f5f18fc
0262bf1130b1b65fed0946417f532b70996fc2155a6bbe8bf2b7e1458345ada3
GET /i18n/pixel/events.js?sdkid=C4TRCGP6H18A0MH1Q8I0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022100517531043F4A5A3359673E2EF2F
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b448e7c8a6cd4adcc70925adaece0888e9b79bac869bf28078506c964379e15686447a17a280f7359f80711e172aada82
content-encoding: gzip
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=111
x-origin-response-time: 111,23.36.79.28
x-akamai-request-id: 126d6033
X-Firefox-Spdy: h2
cdn.blisspointmedia.com/assets/img/pixel.gif
54.230.111.119200 OK 807 B URL HTTP/2 cdn.blisspointmedia.com/assets/img/pixel.gif
IP 54.230.111.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 18b3e43abad26bdac6f4cea944777b62
5848cd0aca8d9fc92d8449b13f829cc1f6cd310a
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
GET /assets/img/pixel.gif HTTP/1.1
Host: cdn.blisspointmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 807
date: Tue, 04 Oct 2022 18:33:12 GMT
last-modified: Mon, 08 Apr 2019 16:24:44 GMT
etag: "18b3e43abad26bdac6f4cea944777b62"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7K-7_sDoSQwOcoaAd-xM8Y1l5PfsbyZ1OA2W-luLRG28rffADc5dXw==
age: 84000
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/scripts/pdf.js
104.26.14.45200 OK 3.1 kB URL HTTP/2 aacdn.nagich.com/assets/scripts/pdf.js
IP 104.26.14.45:0
Hash 4b65a95cdefe057d4e39f7cf56e17817
2d5c366e1818e2cede67f1e212d5bc1f9501f146
e556c5436984df4262546e950f3b46024cb3f87bbcd5eaecd13d1c9dc4179a95
GET /assets/scripts/pdf.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Sun, 23 Feb 2020 12:50:59 GMT
etag: W/"80fb6ce547ead51:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79rKQ4dQvqFDps%2B6LJntviuLBp7BRm5%2BO2oU4MJ5YMH5yjBT2mbxPM01Js1AR%2Fx4EpTqc9E8GkLaTG8S0e1s2FF6y%2B5FbAFIHHq%2FBvJpbX5mVXo5DpVqj1YMZWIg84sFtr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755803e7ac4eb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
d2hrivdxn8ekm8.cloudfront.net/tag-manager/d2a51cf8-ae26-476d-90d6-15577b334259-latest.js
54.230.245.59200 OK 275 B URL HTTP/2 d2hrivdxn8ekm8.cloudfront.net/tag-manager/d2a51cf8-ae26-476d-90d6-15577b334259-latest.js
IP 54.230.245.59:0
Hash b988df2daf770c7753535798447d3067
e4872c5331c62437652e770ff03c101281050a09
3b5ec8ee05daecb254a5b42fd0742c2d9b0dfa20223156fa43a29f96de97d2d0
GET /tag-manager/d2a51cf8-ae26-476d-90d6-15577b334259-latest.js HTTP/1.1
Host: d2hrivdxn8ekm8.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 275
last-modified: Tue, 10 Nov 2020 02:53:20 GMT
x-amz-version-id: ZQC1pLgybGmCh9SQm2VNxBN4NpkO.HLO
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 21:01:10 GMT
etag: "b988df2daf770c7753535798447d3067"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2hd1-rOxvGAqYUIYRevQCK7qOUiEEyH_uKEQJtZh-7gEH9XEn2DD9w==
age: 75122
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3967
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:11 GMT
Last-Modified: Wed, 05 Oct 2022 16:47:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 16:41:09 GMT
expires: Wed, 05 Oct 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 4322
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Ik4EkfUxGPc072JJLZ2Pi/rVLhsY73y0gKmW74HMIJJlJPUQft9AR7h76D7k0vro/ysmoA4Me6NNnTFb/I/7lQ==
content-length: 26840
x-fb-trip-id: 1904183273
date: Wed, 05 Oct 2022 17:53:11 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:11 GMT
x-served-by: cache-iad-kcgs7200165-IAD, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3967
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:11 GMT
Last-Modified: Wed, 05 Oct 2022 16:47:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
alb.reddit.com/rp.gif?ts=1664992390298&id=t2_2ttedlir&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=a1291497-12e5-4d99-a68f-6795a68c9b6c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1664992390298&id=t2_2ttedlir&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=a1291497-12e5-4d99-a68f-6795a68c9b6c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1664992390298&id=t2_2ttedlir&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=a1291497-12e5-4d99-a68f-6795a68c9b6c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Wed, 05 Oct 2022 17:53:11 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash cb7f8ca83f6d2cd9908fdcc36c52204a
843c05b539e71925771fe5c3caa5deab6e88e882
56961ed1b73b6a8c472b374b59015516af2a018143f19fb9291f9e2a249795ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:11 GMT
Last-Modified: Wed, 05 Oct 2022 16:20:16 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oO-qYAA1g7ZnBlu2fmReMNcNirTpZa0Zluq3YzSuC9dyfkEV4M1eZA==
Age: 5575
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash cb7f8ca83f6d2cd9908fdcc36c52204a
843c05b539e71925771fe5c3caa5deab6e88e882
56961ed1b73b6a8c472b374b59015516af2a018143f19fb9291f9e2a249795ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:11 GMT
Last-Modified: Wed, 05 Oct 2022 16:25:45 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vYmoPyAfrn7o47WQqXJHY1sUu6BMXKk1Vj5ZahW1OVO-4fLkMy0hhQ==
Age: 5246
tags.w55c.net/rs?id=3d8d9cf507da43849ba6240d648eb887&t=homepage>mcb=1796638669
18.157.92.103302 0 B URL HTTP/1.1 tags.w55c.net/rs?id=3d8d9cf507da43849ba6240d648eb887&t=homepage>mcb=1796638669
IP 18.157.92.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs?id=3d8d9cf507da43849ba6240d648eb887&t=homepage>mcb=1796638669 HTTP/1.1
Host: tags.w55c.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Cache-Control: no-cache, must-revalidate
Date: Wed, 05 Oct 2022 17:53:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://tags.w55c.net/rs?sccid=162f1b86-0553-efb3-5568-a6856f667922&scc=1&id=3d8d9cf507da43849ba6240d648eb887&t=homepage>mcb=1796638669
Pragma: no-cache
Server: Retargeting/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=i9ZsRh3f1OG8zZ2; Domain=.w55c.net; Expires=Sun, 05-Nov-2023 03:53:11 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
tags.w55c.net/rs?id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage>mcb=1023241058
18.157.92.103302 0 B URL HTTP/1.1 tags.w55c.net/rs?id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage>mcb=1023241058
IP 18.157.92.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs?id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage>mcb=1023241058 HTTP/1.1
Host: tags.w55c.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Cache-Control: no-cache, must-revalidate
Date: Wed, 05 Oct 2022 17:53:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://tags.w55c.net/rs?sccid=7b8c4d11-a8b3-995c-69f9-e3a590103de3&scc=1&id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage>mcb=1023241058
Pragma: no-cache
Server: Retargeting/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=MmXLLz101OG8zZ2; Domain=.w55c.net; Expires=Sun, 05-Nov-2023 03:53:11 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 85d0e74b83c485572f113f8ac7ba4346
5c9a2d6e447c8307980be240986a3ffc54fd8927
184a8ab4db66977d54898ef2fa266304b08fe764c2c0f22d06d2f98a43da80aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3797
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:11 GMT
Last-Modified: Wed, 05 Oct 2022 16:49:54 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 1d4a2db7c5371bdfc89d4efdc4a318c1
82055f50ae135c5997f6acbb2f1ddf11a07e09df
943054fd64b220a20e45068b6ec3f0dcf5a025585f03543335d3a006c41d7ad4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:11 GMT
Last-Modified: Wed, 05 Oct 2022 16:42:38 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TOfJJ0uQDVDMkJyBj9Vsmr_O0jsl3uxpldzWNKr5zvknxEMReF2Abw==
Age: 4233
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash d13f7d604e796ac40bc3b5edd6169993
5356b399ec1cc387b4cb4223d97e98c11659d8ed
9631c7da551ba2264c35b6a3248a4756834d0ef8f98e100c252be585854123f6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 17:53:11 GMT
Last-Modified: Wed, 05 Oct 2022 17:03:09 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NdH3VgY3ePRqc8DkED4IzRVEJqF8xzb4OpHfv3vuVCC1RLJ-wWlPcg==
Age: 3002
capi.acorns.com/g/collect?v=2&tid=G-8QNLD90GTB>m=2oea30&_p=340547369&cid=1331370216.1664992390&ul=en-us&sr=1280x1024&_fplc=0&_uc=NO&_z=ccd.v9B&_s=1&sid=1664992390&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=PageView&_fv=1&_ss=1&ep.event_id=16649923897481&richsstsse
216.239.38.21200 OK 561 B URL HTTP/2 capi.acorns.com/g/collect?v=2&tid=G-8QNLD90GTB>m=2oea30&_p=340547369&cid=1331370216.1664992390&ul=en-us&sr=1280x1024&_fplc=0&_uc=NO&_z=ccd.v9B&_s=1&sid=1664992390&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=PageView&_fv=1&_ss=1&ep.event_id=16649923897481&richsstsse
IP 216.239.38.21:0
Hash f02feb9f0985f9bf35c39fc7b6cc2f70
0257543fdbc31777cc2761f4e6c1cd28b03dddd0
cb0cf9088c59facb4b149c3821af2aebff9d741bb55d5bc2d75ce512a1254627
GET /g/collect?v=2&tid=G-8QNLD90GTB>m=2oea30&_p=340547369&cid=1331370216.1664992390&ul=en-us&sr=1280x1024&_fplc=0&_uc=NO&_z=ccd.v9B&_s=1&sid=1664992390&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=PageView&_fv=1&_ss=1&ep.event_id=16649923897481&richsstsse HTTP/1.1
Host: capi.acorns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:11 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPLC=Pn4xtOidxdVSZPysfYtDKAtYAPbSgfI%2BWPCFrkjrr1725RyVTzR4FdselAcOy0YwNuup5gfArA3KyKoXDKWzmCUnTCZyXhGoVqNe3p855vUftfzMDHmrERsZIPnUiw%3D%3D; Max-Age=72000; Domain=citigroupstore.com; Path=/; Secure
FPID=FPID2.2.glypVEqNqjrCloJ45m%2BkebAlU1n0kPKK1MX9IGBZ%2BwE%3D.1664992390; Max-Age=63072000; Domain=citigroupstore.com; Path=/; Secure; HttpOnly
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://citigroupstore.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bdeabe77-fda0-4b25-9eca-e09ca52b63ae&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=79bd5278-69ed-45a4-83fb-9a3af3dc6979&tw_document_href=https%3A%2F%2Fcitigroupstore.com%2F&tw_iframe_status=0&txn_id=nzm8c&type=javascript&version=2.3.27
104.244.42.133200 OK 43 B URL HTTP/2 t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bdeabe77-fda0-4b25-9eca-e09ca52b63ae&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=79bd5278-69ed-45a4-83fb-9a3af3dc6979&tw_document_href=https%3A%2F%2Fcitigroupstore.com%2F&tw_iframe_status=0&txn_id=nzm8c&type=javascript&version=2.3.27
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bdeabe77-fda0-4b25-9eca-e09ca52b63ae&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=79bd5278-69ed-45a4-83fb-9a3af3dc6979&tw_document_href=https%3A%2F%2Fcitigroupstore.com%2F&tw_iframe_status=0&txn_id=nzm8c&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:11 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=7feaa18d-353d-40bc-a30d-49401afb6e30; Max-Age=63072000; Expires=Fri, 04 Oct 2024 17:53:11 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 3858548fa089462d
strict-transport-security: max-age=0
x-response-time: 109
x-connection-hash: 2c40eb05c7a8fe79e6998d0b43e4a4ea267635b2289adefd987c145101cf4e16
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/events.js
54.175.93.244200 OK 5.4 kB URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 54.175.93.244:0
File type ASCII text, with very long lines (16677)
Hash 0d64630b5bf684612f75b9e5a31c3668
a9b2777e0a8be25cfd0b4149f213f474c07b3f16
dbc2efb7735617e1d6bba60d5b1937d4f15ed6bf37b559c4e3701df10441bb7f
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Wed, 05 Oct 2022 17:53:11 GMT
Set-Cookie: sa-user-id=s%3A0-1cd88642-5745-4047-74a3-dee0f5016c99.EAq5ro0KRJ%2F60NDvdCju%2BZGgCM2JVR2UWgNkkn8hqeo; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AHNiGQldFQEd0o97g9QFsmVtaKpo.yhJdsYbeM6%2B95orocv8ydUeBI%2FoQ2NeNc2sweSk9y3o; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
transfer-encoding: chunked
Connection: keep-alive
logx.optimizely.com/v1/events
3.221.229.103204 No Content 0 B URL HTTP/1.1 logx.optimizely.com/v1/events
IP 3.221.229.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 737
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citigroupstore.com
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Wed, 05 Oct 2022 17:53:11 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: c8b26a5b-b1db-41c4-9cb7-b6bb42ddd999
Connection: keep-alive
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
54.196.132.16200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 54.196.132.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:11 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://citigroupstore.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.css
54.175.93.244200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 54.175.93.244:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Wed, 05 Oct 2022 17:53:11 GMT
Content-Length: 27
Connection: keep-alive
d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
54.230.245.59200 OK 10 kB URL HTTP/2 d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
IP 54.230.245.59:0
File type C source, ASCII text, with very long lines (10025), with no line terminators
Hash 2fd76c8e88356206a1c7a31860e7fe72
e14f2a16b9ed0a69a86f92623240cb140ab247a7
4e4516e3afa1170bf934a7882bf09eacf63d4600ea4b2609724c6cfa49333472
GET /tracker-latest.min.js HTTP/1.1
Host: d2hrivdxn8ekm8.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 10025
last-modified: Fri, 24 Jun 2022 19:33:58 GMT
x-amz-version-id: nxP954O2qyuHFEWoPjj05B2blGcZvYQN
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 20:18:25 GMT
etag: "2fd76c8e88356206a1c7a31860e7fe72"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H3y2rE8jZEOnGmEeeo_gUTeJ-auxa2GWrr6WaTnX45GU7bYDEYr4hw==
age: 77687
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/images/11.svg
104.26.14.45200 OK 576 B URL HTTP/2 aacdn.nagich.com/assets/images/11.svg
IP 104.26.14.45:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 22f410d19f918005e3b964408ef96876
c6d1a61d5759bed75e1fe3c8bc6a46f88e16e562
5d4bbee22f7d27a13e45d6c92a10cde0599622206c6556c9a449d1b7e2d013fa
GET /assets/images/11.svg HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:11 GMT
content-type: image/svg+xml
cache-control: public, max-age=2204800
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
etag: W/"42b27526748d51:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5HoYi3dbNNwf9Lwk3qTvzu7ZUQPHLQ71BhVWbJ3%2Fd3h%2BO4yHl89JuXRjwEWsndA1n%2Ffp1FMMTIigcOYerrBprMf42T58ro%2BPRh4yaVA%2BJIg7SX2LsRN8BFqZIHbZMC754U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755803ee4ff0b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
tags.w55c.net/rs?sccid=162f1b86-0553-efb3-5568-a6856f667922&scc=1&id=3d8d9cf507da43849ba6240d648eb887&t=homepage>mcb=1796638669
18.157.92.103200 42 B URL HTTP/1.1 tags.w55c.net/rs?sccid=162f1b86-0553-efb3-5568-a6856f667922&scc=1&id=3d8d9cf507da43849ba6240d648eb887&t=homepage>mcb=1796638669
IP 18.157.92.103:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /rs?sccid=162f1b86-0553-efb3-5568-a6856f667922&scc=1&id=3d8d9cf507da43849ba6240d648eb887&t=homepage>mcb=1796638669 HTTP/1.1
Host: tags.w55c.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Date: Wed, 05 Oct 2022 17:53:11 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Server: Retargeting/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 42
Connection: keep-alive
tags.w55c.net/rs?sccid=7b8c4d11-a8b3-995c-69f9-e3a590103de3&scc=1&id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage>mcb=1023241058
18.157.92.103200 42 B URL HTTP/1.1 tags.w55c.net/rs?sccid=7b8c4d11-a8b3-995c-69f9-e3a590103de3&scc=1&id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage>mcb=1023241058
IP 18.157.92.103:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /rs?sccid=7b8c4d11-a8b3-995c-69f9-e3a590103de3&scc=1&id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage>mcb=1023241058 HTTP/1.1
Host: tags.w55c.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Date: Wed, 05 Oct 2022 17:53:11 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Server: Retargeting/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 42
Connection: keep-alive
d21y75miwcfqoq.cloudfront.net/f724cd6e
54.230.245.9200 OK 68 B URL HTTP/2 d21y75miwcfqoq.cloudfront.net/f724cd6e
IP 54.230.245.9:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /f724cd6e HTTP/1.1
Host: d21y75miwcfqoq.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citigroupstore.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Wed, 05 Oct 2022 17:53:12 GMT
last-modified: Wed, 09 Jun 2021 21:18:41 GMT
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y6v1_K7_42HvHGM00Uv8A8456RNiLVeIkhQMOv2SmYsVcCTOtnRytw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b4709a27644e8ae65c938bd9901ffcfc
17f50bf45809aa3d1d6e0f8e3baa38f16ab07471
e307ae871258e9efcf1db4bfd0c72c5c56ab763dd8c7c2a4424afa45e4aa368e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4266
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:11 GMT
Last-Modified: Wed, 05 Oct 2022 16:42:05 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&gjid=1409748019&_gid=1405051658.1664992391&_u=IADAAEAAAAAAACAAI~&z=1839575782
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&gjid=1409748019&_gid=1405051658.1664992391&_u=IADAAEAAAAAAACAAI~&z=1839575782
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&gjid=1409748019&_gid=1405051658.1664992391&_u=IADAAEAAAAAAACAAI~&z=1839575782 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://citigroupstore.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Oct 2022 17:53:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&gjid=949148790&_gid=1405051658.1664992391&_u=YCDACEABBAAAACAAI~&z=2090317102
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&gjid=949148790&_gid=1405051658.1664992391&_u=YCDACEABBAAAACAAI~&z=2090317102
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&gjid=949148790&_gid=1405051658.1664992391&_u=YCDACEABBAAAACAAI~&z=2090317102 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://citigroupstore.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Oct 2022 17:53:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bdeabe77-fda0-4b25-9eca-e09ca52b63ae&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=79bd5278-69ed-45a4-83fb-9a3af3dc6979&tw_document_href=https%3A%2F%2Fcitigroupstore.com%2F&tw_iframe_status=0&txn_id=nzm8c&type=javascript&version=2.3.27
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bdeabe77-fda0-4b25-9eca-e09ca52b63ae&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=79bd5278-69ed-45a4-83fb-9a3af3dc6979&tw_document_href=https%3A%2F%2Fcitigroupstore.com%2F&tw_iframe_status=0&txn_id=nzm8c&type=javascript&version=2.3.27
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bdeabe77-fda0-4b25-9eca-e09ca52b63ae&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=79bd5278-69ed-45a4-83fb-9a3af3dc6979&tw_document_href=https%3A%2F%2Fcitigroupstore.com%2F&tw_iframe_status=0&txn_id=nzm8c&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:11 GMT
perf: 7626143928
server: tsa_o
set-cookie: guest_id_marketing=v1%3A166499239197668796; Max-Age=63072000; Expires=Fri, 04 Oct 2024 17:53:11 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
guest_id_ads=v1%3A166499239197668796; Max-Age=63072000; Expires=Fri, 04 Oct 2024 17:53:11 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
personalization_id="v1_jv+/Zg5o2nlEId/ho4TmKQ=="; Max-Age=63072000; Expires=Fri, 04 Oct 2024 17:53:11 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
guest_id=v1%3A166499239197668796; Max-Age=63072000; Expires=Fri, 04 Oct 2024 17:53:11 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 7ab51f538bc8d284
strict-transport-security: max-age=631138519
x-response-time: 109
x-connection-hash: e828de96ad37609dbc3a0704035b7dab08c39b7f3f4680a46e3eb8f9fb39afa2
X-Firefox-Spdy: h2
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
54.196.132.16200 OK 2 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 54.196.132.16:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1744
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:12 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=c0c548e2-f19e-4e57-9cee-b15049405ba6; Expires=Thu, 05 Oct 2023 17:53:12 GMT; Domain=tvpixel.com; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://citigroupstore.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&_u=IADAAEAAAAAAACAAI~&z=1925303401
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&_u=IADAAEAAAAAAACAAI~&z=1925303401
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&_u=IADAAEAAAAAAACAAI~&z=1925303401 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 17:53:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&_u=YCDACEABBAAAACAAI~&z=5328857
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&_u=YCDACEABBAAAACAAI~&z=5328857
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&_u=YCDACEABBAAAACAAI~&z=5328857 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 17:53:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&_u=IADAAEAAAAAAACAAI~&z=1925303401
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&_u=IADAAEAAAAAAACAAI~&z=1925303401
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=417263710&_u=IADAAEAAAAAAACAAI~&z=1925303401 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 17:53:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&_u=YCDACEABBAAAACAAI~&z=5328857
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&_u=YCDACEABBAAAACAAI~&z=5328857
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-46142661-9&cid=1331370216.1664992390&jid=1995146858&_u=YCDACEABBAAAACAAI~&z=5328857 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 17:53:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.jpeg
54.175.93.244200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 54.175.93.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 5b3474280f478100d81329fa35e94a47
b0fd4635a2aacea9149b0dbf3ccf053d6a46a309
fee52068b1dab191bf4c60ed31cbeed7b75ad3f738c558d491aa0d050336c2fa
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Wed, 05 Oct 2022 17:53:12 GMT
Content-Length: 651
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 17:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.srv.stackadapt.com/saq_pxl?uid=q8FmOe6z1kGX7LWy3w21PA&is_js=true&landing_url=https%3A%2F%2Fcitigroupstore.com%2F&t=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&tip=uoxJC5-ZOWGHZKpjJ94eth9VaHPoxd4NOZn2btR3DHM&host=https://citigroupstore.com&sa-user-id-v2=s%253A0-1cd88642-5745-4047-74a3-dee0f5016c99%2524ip%252491.90.42.154.wmIn3A5HiN2PmiG75GRrqe4PcGiGgwOfGUeNy7FHcs0&sa-user-id=s%253A0-1cd88642-5745-4047-74a3-dee0f5016c99.EAq5ro0KRJ%252F60NDvdCju%252BZGgCM2JVR2UWgNkkn8hqeo
54.175.93.244200 OK 94 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=q8FmOe6z1kGX7LWy3w21PA&is_js=true&landing_url=https%3A%2F%2Fcitigroupstore.com%2F&t=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&tip=uoxJC5-ZOWGHZKpjJ94eth9VaHPoxd4NOZn2btR3DHM&host=https://citigroupstore.com&sa-user-id-v2=s%253A0-1cd88642-5745-4047-74a3-dee0f5016c99%2524ip%252491.90.42.154.wmIn3A5HiN2PmiG75GRrqe4PcGiGgwOfGUeNy7FHcs0&sa-user-id=s%253A0-1cd88642-5745-4047-74a3-dee0f5016c99.EAq5ro0KRJ%252F60NDvdCju%252BZGgCM2JVR2UWgNkkn8hqeo
IP 54.175.93.244:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d12c1129f6ff37622d03db4a2a5949e
bc44653c4a06e671ce423600755fed86fad8ec24
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
GET /saq_pxl?uid=q8FmOe6z1kGX7LWy3w21PA&is_js=true&landing_url=https%3A%2F%2Fcitigroupstore.com%2F&t=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&tip=uoxJC5-ZOWGHZKpjJ94eth9VaHPoxd4NOZn2btR3DHM&host=https://citigroupstore.com&sa-user-id-v2=s%253A0-1cd88642-5745-4047-74a3-dee0f5016c99%2524ip%252491.90.42.154.wmIn3A5HiN2PmiG75GRrqe4PcGiGgwOfGUeNy7FHcs0&sa-user-id=s%253A0-1cd88642-5745-4047-74a3-dee0f5016c99.EAq5ro0KRJ%252F60NDvdCju%252BZGgCM2JVR2UWgNkkn8hqeo HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://citigroupstore.com
Content-Type: text/plain; charset=utf-8
Date: Wed, 05 Oct 2022 17:53:12 GMT
Content-Length: 94
Connection: keep-alive
dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49ZDJhNTFjZjgtYWUyNi00NzZkLTkwZDYtMTU1NzdiMzM0MjU5JnNlc3Npb25JZD1kNzM0Nzg4Zi02MzMxLTJlNTAtNmZkNS0xNWE5ZTEzNDBkZTQ%3D&date=1664992391829
54.230.245.61200 OK 43 B URL HTTP/2 dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49ZDJhNTFjZjgtYWUyNi00NzZkLTkwZDYtMTU1NzdiMzM0MjU5JnNlc3Npb25JZD1kNzM0Nzg4Zi02MzMxLTJlNTAtNmZkNS0xNWE5ZTEzNDBkZTQ%3D&date=1664992391829
IP 54.230.245.61:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49ZDJhNTFjZjgtYWUyNi00NzZkLTkwZDYtMTU1NzdiMzM0MjU5JnNlc3Npb25JZD1kNzM0Nzg4Zi02MzMxLTJlNTAtNmZkNS0xNWE5ZTEzNDBkZTQ%3D&date=1664992391829 HTTP/1.1
Host: dvqigh9b7wa32.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Wed, 05 Oct 2022 17:53:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
etag: "fb02f374b8f73825415db1bccd4bd76d"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4jqQgPP8X0JlFAOp4dB-Y3fKpo80XM6gH235rFzhg-gj7G-6thcB_Q==
X-Firefox-Spdy: h2
d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE1JnRva2VuPWQyYTUxY2Y4LWFlMjYtNDc2ZC05MGQ2LTE1NTc3YjMzNDI1OSZzZXNzaW9uSWQ9ZDczNDc4OGYtNjMzMS0yZTUwLTZmZDUtMTVhOWUxMzQwZGU0&date=1664992391829
54.230.245.138200 OK 43 B URL HTTP/2 d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE1JnRva2VuPWQyYTUxY2Y4LWFlMjYtNDc2ZC05MGQ2LTE1NTc3YjMzNDI1OSZzZXNzaW9uSWQ9ZDczNDc4OGYtNjMzMS0yZTUwLTZmZDUtMTVhOWUxMzQwZGU0&date=1664992391829
IP 54.230.245.138:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE1JnRva2VuPWQyYTUxY2Y4LWFlMjYtNDc2ZC05MGQ2LTE1NTc3YjMzNDI1OSZzZXNzaW9uSWQ9ZDczNDc4OGYtNjMzMS0yZTUwLTZmZDUtMTVhOWUxMzQwZGU0&date=1664992391829 HTTP/1.1
Host: d330aiyvva2oww.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Wed, 05 Oct 2022 17:53:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
etag: "fb02f374b8f73825415db1bccd4bd76d"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: My-AIbXOsUV6s3pMZPJ_00WoDGK1OW4MofDAyXpFidTR9j93Ohekmg==
X-Firefox-Spdy: h2
d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49ZDJhNTFjZjgtYWUyNi00NzZkLTkwZDYtMTU1NzdiMzM0MjU5JnNlc3Npb25JZD1kNzM0Nzg4Zi02MzMxLTJlNTAtNmZkNS0xNWE5ZTEzNDBkZTQmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPUxpbnV4JiUyNGN1cnJlbnRVcmw9aHR0cHMlM0ElMkYlMkZjaXRpZ3JvdXBzdG9yZS5jb20lMkY%3D&date=1664992391832
54.230.245.138200 OK 43 B URL HTTP/2 d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49ZDJhNTFjZjgtYWUyNi00NzZkLTkwZDYtMTU1NzdiMzM0MjU5JnNlc3Npb25JZD1kNzM0Nzg4Zi02MzMxLTJlNTAtNmZkNS0xNWE5ZTEzNDBkZTQmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPUxpbnV4JiUyNGN1cnJlbnRVcmw9aHR0cHMlM0ElMkYlMkZjaXRpZ3JvdXBzdG9yZS5jb20lMkY%3D&date=1664992391832
IP 54.230.245.138:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49ZDJhNTFjZjgtYWUyNi00NzZkLTkwZDYtMTU1NzdiMzM0MjU5JnNlc3Npb25JZD1kNzM0Nzg4Zi02MzMxLTJlNTAtNmZkNS0xNWE5ZTEzNDBkZTQmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPUxpbnV4JiUyNGN1cnJlbnRVcmw9aHR0cHMlM0ElMkYlMkZjaXRpZ3JvdXBzdG9yZS5jb20lMkY%3D&date=1664992391832 HTTP/1.1
Host: d1lu3pmaz2ilpx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Wed, 05 Oct 2022 17:53:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
etag: "fb02f374b8f73825415db1bccd4bd76d"
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: azkx2P44DJNPjuZxhWs9DIQ2eEviaQdbPkGJs607I7ZaAeoh6WotLA==
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=813908175355319&ev=PageView&dl=https%3A%2F%2Fcitigroupstore.com%2F&rl=&if=false&ts=1664992392536&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664992392535.705469221&it=1664992391409&coo=false&eid=16649923897481&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=813908175355319&ev=PageView&dl=https%3A%2F%2Fcitigroupstore.com%2F&rl=&if=false&ts=1664992392536&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664992392535.705469221&it=1664992391409&coo=false&eid=16649923897481&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=813908175355319&ev=PageView&dl=https%3A%2F%2Fcitigroupstore.com%2F&rl=&if=false&ts=1664992392536&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664992392535.705469221&it=1664992391409&coo=false&eid=16649923897481&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 05 Oct 2022 17:53:12 GMT
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C553833G5HFBPDLNLF4G&lib=ttq
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C553833G5HFBPDLNLF4G&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C553833G5HFBPDLNLF4G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221005175310881A48EEDB44B5EB5668
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebe7e661a354f1f783ec3bd22fa3fded4c8ca3226af4583d10e09e5f46c643d352e8d331c247416a9dc6ba6dcb10c4341b01f26b17b024a333eb10a05411958cbc
content-encoding: gzip
x-origin-response-time: 8,23.218.223.15
x-akamai-request-id: 1cc1d5bd.126d602a
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-223-15.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=8, inner; dur=2
x-parent-response-time: 108,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221005175310F420E2F5BF3D0FEBF39F
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb981ced5f0de119f8e3b61b9806dada84ad2ce16b4795663aec5ba3111e4c3c0cdb7456456ccba9e0958e4bcc0d36bbd77c21589c9489261e8e7bb7d5c5a618be
content-encoding: gzip
x-origin-response-time: 11,23.218.223.5
x-akamai-request-id: 90ed9dd2.126d6019
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-223-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=11, inner; dur=4
x-parent-response-time: 119,23.36.79.28
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C551IJ800UN7QUNFF4OG&lib=ttq
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C551IJ800UN7QUNFF4OG&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C551IJ800UN7QUNFF4OG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221005175310DF8B07501290A2E4F8D7
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b2afe39dc8b208a5b5bb4188a18a97d6b5ed4168379b6e2759347480a8d7c047dce13728f92283eb62baa46861b82f33f
content-encoding: gzip
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=101
x-origin-response-time: 101,23.36.79.28
x-akamai-request-id: 126d6022
X-Firefox-Spdy: h2
aacdn.nagich.com/style/btncolor.css
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/btncolor.css
IP 104.26.14.45:0
GET /style/btncolor.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb%2FHwsrO%2F6u7xVJXwXP1abKsZOonEwTcR6aER%2FGpeczMKWeT1T70YdC5cpDutqIeAghoth87vhcGrhUmG%2FEze3z4CADd47Ljtk8DA9ZLV%2B9WSupguH3rscWom3DZklKS6ms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755803e7ac36b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
aacdn.nagich.com/core/4.2.1/accessibility.js
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/core/4.2.1/accessibility.js
IP 104.26.14.45:0
GET /core/4.2.1/accessibility.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Mon, 29 Nov 2021 13:45:14 GMT
etag: W/"051ff5527e5d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YwjlSkLBqCsOqONCVtZlw8%2Fw6BmdyqKIFT4FjiY8goROUycDvvJvFyGxOFrT6nzcq9wAXEmR2XO2gj2ui8dIiwANDKUvTm70A12mVIWmed85wOeIES6icfdRPNT%2FT8%2BfGo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755803e4ef42b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.rudderlabs.com/v1/rudder-analytics.min.js
54.230.111.7200 OK 0 B URL HTTP/2 cdn.rudderlabs.com/v1/rudder-analytics.min.js
IP 54.230.111.7:0
GET /v1/rudder-analytics.min.js HTTP/1.1
Host: cdn.rudderlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 10:06:48 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 05 Oct 2022 17:16:27 GMT
cache-control: max-age=3600
etag: W/"2ee07f8ec538e6ee7867079365cf34c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OkD1AvQtgiWQ9SJqJhfYtpUw5OUcZegAkz0Bu0rUu4TOZPRwF1xpXw==
age: 2855
X-Firefox-Spdy: h2
aacdn.nagich.com/style/style.css
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/style.css
IP 104.26.14.45:0
GET /style/style.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citigroupstore.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 17:53:10 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIYP%2FKyX1%2FHHMsgcbCY5g18OvRkjpqHqTBSxH9XEcIBQ6p8iTr9jMJ0zT2R9rGRqk3uqhaO8Gdi7z0fu2Qnf28Ous%2BOCChY8do6LMVt0hEQ%2FlUaRz1%2Fmk2t%2BCvv3%2F8h%2B594%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755803e79c2cb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C4TRCGP6H18A0MH1Q8I0&hostname=citigroupstore.com
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C4TRCGP6H18A0MH1Q8I0&hostname=citigroupstore.com
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/config.js?sdkid=C4TRCGP6H18A0MH1Q8I0&hostname=citigroupstore.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022100517531028CAD1BC5BD11FE563B1
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465beeebfaa23e7c4f229401f6382b9710dd7c7b82ca6d590f17bac7ca6882788334aa5fc363371e8201c71cc769a06ae4e9
content-encoding: gzip
expires: Wed, 05 Oct 2022 17:53:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 17:53:10 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Fj4vf1eZLCdJZe2xJ1FluJGIwG; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=1, origin; dur=111
x-origin-response-time: 112,23.36.79.28
x-akamai-request-id: 126d61ea
X-Firefox-Spdy: h2