r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7988
Expires: Sat, 22 Oct 2022 22:22:50 GMT
Date: Sat, 22 Oct 2022 20:09:42 GMT
Connection: keep-alive
citizens-online-support.com/citizenbank/login.php
200 OK 26 kB URL HTTP/1.1 citizens-online-support.com/citizenbank/login.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (672), with CRLF line terminators
Hash b27bd01402693bedb7107dec85a3f2df
0129e5275b6bbdd6355d291eaebc22e6da532c41
bacfd23af9c90b604030b1fde7b8b7ca90f47c6902724d666a99e02ea36d682c
GET /citizenbank/login.php HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:42 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=10000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 19:26:25 GMT
Expires: Sat, 22 Oct 2022 19:35:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8b50ae2d42852aa6b1f0bbf18cf24e76.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: Kz_u7E60ORfQrMB25HB6aRjKMozuUtnc4F_ENn63jhaq00A3dRBNWQ==
Age: 2597
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9785
Expires: Sat, 22 Oct 2022 22:52:47 GMT
Date: Sat, 22 Oct 2022 20:09:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m79NJ/4rMpFqTLl0A1izbPsASzPdoJDcBjejeDY0gopPPO2nj2v3z5FmIYx/GuBonkMQ6Choeqc=
x-amz-request-id: KCPGQMVJW15SC5CY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 19:37:41 GMT
age: 1921
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 20:09:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
200 OK 32 kB URL HTTP/1.1 nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
IP
File type ASCII text, with very long lines (594)
Hash 3e3e57d74e385af3525e39e1a6b268da
8c0bd74879a5678ad73d6313ec8bc6c6ed339079
fbdeaa04631ff4616c28d150742e68b3197d7541c3742a7082ca1473de886311
GET /citizensbank/olbprod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:32 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 04:24:01 GMT
ETag: W/"e28169ebc267a281e5ca0d996e98214e"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=300
x-amz-version-id: 6VlOzl96zfTglXsm.ylgZ_Vxg_x9B5Dp
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 72284d4e8970ebb6888dfd7f2b2b621c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: YkdtCMqw3ytvYMGoFP9env18-flvkKF_iPQ3lbDhVJhu2oq_mXV_Tg==
Age: 917891
citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js
404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/efs/jsp-ns/pm_fp.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/efs/jsp-ns/pm_fp.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 20:09:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/hhf/js/citizensHeaderFooter-citizensns42588.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 20:09:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/efs/jsp-ns/scripts/common.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 20:09:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /content/930e113327rn2365aa3b7b98b0447e8d HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 20:09:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2817
Expires: Sat, 22 Oct 2022 20:56:39 GMT
Date: Sat, 22 Oct 2022 20:09:42 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3444
Expires: Sat, 22 Oct 2022 21:07:06 GMT
Date: Sat, 22 Oct 2022 20:09:42 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 1088c838b6899ed8b0e6281b27e93033
dc448fa2a9cfc21f8eb8300c61905435d35c56c4
583487ca0208647e44fac62c55671ac8fa9321ae1d59038a66115f979521a5a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "583487CA0208647E44FAC62C55671AC8FA9321AE1D59038A66115F979521A5A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2731
Expires: Sat, 22 Oct 2022 20:55:13 GMT
Date: Sat, 22 Oct 2022 20:09:42 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 3b3b961277c4760e275947c7398325f8
11b9314f9fca3b15db88dc9a8b96d13cfa4f715f
2407e84ce09843d92772a1c237748aa93a11fb952a3fce3c7388961aaf7327a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "2407E84CE09843D92772A1C237748AA93A11FB952A3FCE3C7388961AAF7327A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=989
Expires: Sat, 22 Oct 2022 20:26:12 GMT
Date: Sat, 22 Oct 2022 20:09:43 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 3b3b961277c4760e275947c7398325f8
11b9314f9fca3b15db88dc9a8b96d13cfa4f715f
2407e84ce09843d92772a1c237748aa93a11fb952a3fce3c7388961aaf7327a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "2407E84CE09843D92772A1C237748AA93A11FB952A3FCE3C7388961AAF7327A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=1038
Expires: Sat, 22 Oct 2022 20:27:01 GMT
Date: Sat, 22 Oct 2022 20:09:43 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 3b3b961277c4760e275947c7398325f8
11b9314f9fca3b15db88dc9a8b96d13cfa4f715f
2407e84ce09843d92772a1c237748aa93a11fb952a3fce3c7388961aaf7327a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "2407E84CE09843D92772A1C237748AA93A11FB952A3FCE3C7388961AAF7327A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=798
Expires: Sat, 22 Oct 2022 20:23:01 GMT
Date: Sat, 22 Oct 2022 20:09:43 GMT
Connection: keep-alive
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 3b3b961277c4760e275947c7398325f8
11b9314f9fca3b15db88dc9a8b96d13cfa4f715f
2407e84ce09843d92772a1c237748aa93a11fb952a3fce3c7388961aaf7327a0
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "2407E84CE09843D92772A1C237748AA93A11FB952A3FCE3C7388961AAF7327A0"
Last-Modified: Sat, 22 Oct 2022 11:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=797
Expires: Sat, 22 Oct 2022 20:23:00 GMT
Date: Sat, 22 Oct 2022 20:09:43 GMT
Connection: keep-alive
www4.citizensbankonline.com/akam/11/7c3ed55c
404 Not Found 9 B URL HTTP/2 www4.citizensbankonline.com/akam/11/7c3ed55c
IP
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /akam/11/7c3ed55c HTTP/1.1
Host: www4.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html
content-length: 9
cache-control: max-age=0
expires: Sat, 22 Oct 2022 20:09:43 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
set-cookie: ak_bmsc=CBCA47F69E0FD938C15AE2B64714793F~000000000000000000000000000000~YAAQnE8kF+ZR/eaDAQAAhstQAREKGQKXOoM29EdIr8v/mHSVqDNSOnKER/jyydzb9HUdLSHQN2oP6AjYZwBBvxNf+cIOcdnT+MtO5j5o0yHCf14NjnHfyvIvCkBRNtvNpik9fvLezrD1f1S5boQxq0YpU8SUkDXCiuc1h1tzMX0QSIRdL0vUSyeXM9EmJj9q6sEgGKvsOJWiXz3XQhWdeDRrdsl6hFuAxzKp68b9bojLoejhYdaMUughTXFeR32j3xxYf2PMUpGZF+q3KoPHWDo/F1SeJ+75b1DkS47Rq29XkY4a/mdGmwiWSL6NO02kA1ZPhLiJaXHCuOa7hlpGXCpYrT5jehTJ2Lqoajs8pfods1EVTy5aIKgheaJeJ4bXGqDWCVO62nKt9pUzoon4+4WOi2qM; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 22:09:43 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css
200 OK 1.2 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css
IP
Hash e9404d7ddc1ef0b93851879620bfea8a
69575dd0119d3439f3d7ba4b45d12a3c0e47a39e
f5be5cfcdb9f541d6e355cd15b78204e715c979bb90a7dbae94d18c9bdad8772
GET /efs/efs/jsp-ns/inc/css/ad-containers.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "1dd4-5e885b034ed75"
last-modified: Sun, 16 Oct 2022 06:48:49 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=523
x-olb-req-received: t=1665902334308988
content-length: 1227
cache-control: max-age=70714
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js
200 OK 4.0 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js
IP
Hash cc2102df58511c9a2653b1dff48ca8d7
64790e6adff6768178ab7d0ad9a4fbc2849b81f2
b9abbff7d9e75763790fd3b291f21525fe85583b397fe5f4b260bc99ff48aab7
GET /efs/efs/jsp-ns/scripts/main.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "4c03-5e885b03504e5"
last-modified: Thu, 20 Oct 2022 04:19:24 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=779
x-olb-req-received: t=1665902332994710
content-length: 3967
cache-control: max-age=32023
expires: Sun, 23 Oct 2022 05:03:26 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js
200 OK 1.4 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js
IP
File type ASCII text, with very long lines (4237)
Hash f42064b9d324029ba5cb5afccc50b641
3993f47a728f00ee410a143361ab33b0339455f7
b02a1a4d60ab1f5c740784e9a27a7f0a85178466573fb29fb0bd7afdccf7b5f0
GET /efs/efs/jsp-ns/scripts/placeholders.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "10aa-5e885b034ca52"
last-modified: Wed, 19 Oct 2022 18:44:25 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=350
x-olb-req-received: t=1665902333087295
content-length: 1394
cache-control: max-age=43095
expires: Sun, 23 Oct 2022 08:07:58 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css
200 OK 3.1 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css
IP
File type ASCII text, with very long lines (17412)
Hash ac9a70a6f100c02749dfadb709b6eadf
69906e55ace36c217a52d428029a3c71dc16a7e4
466e6cf44306264c98e5642f77be87292e03e578ce78b17c0b39521460b1d37a
GET /efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "4a56-5e885b034bab2"
last-modified: Sun, 16 Oct 2022 06:48:15 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=723
x-olb-req-received: t=1665902337198216
content-length: 3118
cache-control: max-age=70715
expires: Sun, 23 Oct 2022 15:48:18 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js
200 OK 5.5 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js
IP
File type HTML document, ASCII text, with very long lines (14756)
Hash 088d590db53a3ede82a998537283c75d
87ed57fd5e2a623f35f80a3684c2de916ce4e2f8
d45c62a7108121887dc8866d445dde985d96b82143b3da2c9068e32caf316db4
GET /efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "3c36-5e885b034ca52"
last-modified: Sat, 22 Oct 2022 11:30:08 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=833
x-olb-req-received: t=1665902334348159
content-length: 5535
cache-control: max-age=70714
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
200 OK 2.0 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
IP
Hash 07507f946ee4b2b9d4affc283b431119
00218cebeb305b00ae4ef74e4a67957d3c43e6f2
44fb4d44ce9291066e686a9861b8b31f021c816fa60e97c613bf5aadcc8e2830
GET /efs/efs/jsp-ns/inc/css/flows.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "21ce-5e885b034aefa"
last-modified: Mon, 17 Oct 2022 14:29:06 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=535
x-olb-req-received: t=1665902336855011
content-length: 1975
cache-control: max-age=58208
expires: Sun, 23 Oct 2022 12:19:51 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js
200 OK 39 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js
IP
Hash 2940c843ff15ab8e9f02511625f33e57
98ccd0fb1d60770a1aadf90d41daa49cab543cb3
4aed3165815cc1806999483e40a47863accf1cead25769de0162921f2f590298
GET /efs/efs/jsp-ns/scripts/plugins.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "31d24-5e885b0350b17"
last-modified: Sun, 16 Oct 2022 06:41:17 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=8368
x-olb-req-received: t=1665902334392040
content-length: 38875
cache-control: max-age=70714
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
200 OK 10 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
IP
Hash e8a5a242bcaea8c7314ccbb04612d922
101e2286a81e108dd00c618032d793b2dc5366b3
8e2a305132b87d2a48461f8e3d820dbf640d66d530ab007632c5c5d79ce8cdc7
GET /efs/efs/jsp-ns/inc/css/main.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "f405-5e885b034f92d"
last-modified: Sun, 16 Oct 2022 06:47:26 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=2162
x-olb-req-received: t=1665902334267901
content-length: 10382
cache-control: max-age=70714
expires: Sun, 23 Oct 2022 15:48:17 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css
200 OK 2.3 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css
IP
Hash 0a445a15e0f09a7738952731fdf3fe9d
3d4cef20189303cc4f24c27da1b8d2043e700cea
173f4f410b46ca6211eee490747009c597b7d7c475bcac07df88a18521bbef54
GET /efs/efs/jsp-ns/inc/css/normalize.css HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "26c2-5e885b034f92d"
last-modified: Mon, 17 Oct 2022 05:48:09 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=562
x-olb-req-received: t=1665902334194308
content-length: 2300
cache-control: max-age=3125
expires: Sat, 22 Oct 2022 21:01:48 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png
200 OK 5.3 kB URL HTTP/2 www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png
IP
File type PNG image data, 406 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash beb4d1c9f430bb08a4ed54df069e8f0c
39950ddd690d1cbe2d08610da5c11c854450523f
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b
GET /efs/hhf/img/CTZ_Green-01.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 10 Sep 2022 01:58:56 GMT
etag: "149d-5e849015deb49"
accept-ranges: bytes
content-length: 5277
x-olb-req-received: t=1665902353036164
x-olb-req-duration: D=187
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=582141
expires: Sat, 29 Oct 2022 13:52:04 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Pragma, Content-Length, Content-Type, ETag, Retry-After, Cache-Control, Last-Modified, Backoff, Expires
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 22 Oct 2022 20:03:53 GMT
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 20:26:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bf3844a119fafd26895a288a42b50a42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: tKGtAgj1FHCAev8OdUgTcKFetQPktRO1MLHZmVm_VWOjoAbLOPlvVQ==
Age: 353
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
200 OK 32 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
IP
File type Web Open Font Format, TrueType, length 31968, version 1.0\012- data
Hash d496c6122c776cae7c2a783bfcd7a3a1
fbdbec90d23bd77f471be50a3c6711e535ac72bc
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
GET /efs/efs/jsp-ns/inc/css/font/citizen_roman.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "7ce0-5e885b034bab2"
accept-ranges: bytes
content-length: 31968
x-olb-req-received: t=1665902333663068
x-olb-req-duration: D=206
access-control-allow-origin: *
cache-control: max-age=582161
expires: Sat, 29 Oct 2022 13:52:24 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
200 OK 29 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
IP
File type ASCII text, with very long lines (32089)
Hash 82481a92ac472d179954d66e38f72d07
ea65071dbc1ab11ed29e76bdd30eabbe6cdbc3ec
c8e2e6f9e0e01dcfec7f2633efdd7f8f9d78ba3920e86a0d1231f487928b5fe4
GET /efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "169d6-5e885b034fd15"
last-modified: Sun, 16 Oct 2022 06:41:15 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-olb-req-duration: D=4665
x-olb-req-received: t=1665902417810620
content-length: 29409
cache-control: max-age=70715
expires: Sun, 23 Oct 2022 15:48:18 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None, None
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5342
Cache-Control: max-age=134764
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:09:43 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:35:47 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www3.citizensbankonline.com/efs/efs/js/tealeaf.js
404 Not Found 9.9 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/js/tealeaf.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a50763a326038e01ff7f9624d28066c
cae9d82811966f159a734f9402ace74eb01f17f8
c6cc63926f47095f4caf94ad78258d77933e3adcc1ce7781bd7cb2a97d596411
GET /efs/efs/js/tealeaf.js HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-frame-options: SAMEORIGIN
last-modified: Tue, 20 Apr 2021 15:35:21 GMT
etag: "26ce-5c06931abe040"
accept-ranges: bytes
content-length: 9934
x-olb-req-received: t=1666469383268702
x-olb-req-duration: D=222
access-control-allow-origin: *
content-type: text/html
cache-control: max-age=829
expires: Sat, 22 Oct 2022 20:23:32 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=188, origin; dur=117
strict-transport-security: max-age=15768000
lb-action: None, None
set-cookie: ak_bmsc=930187E039B8193EF4E80DBF522232D3~000000000000000000000000000000~YAAQnE8kF/NR/eaDAQAA1sxQARF0/xw31TzCZM81hO+Fc3tnIRFfFOhzh93e+Xb4qgI/9DvGFbqeS/LTFey37QzyXNvsh4nYrhmsgdw7zoNLLx+vTi6o54pMYj4TjXuZo3U5YvqoV1v93thW3GWtMgOMR3WQ9s22d7yRKUW6cDyxYktIpbOTnQspblqd4oCYINQATesBxO0WN8vnSc3g+bBbrsfb7zZYDUNUhRKlH9+Y9s+8RkxBKvg4pmNZl09NZoHyVrB4lEAbkFv07oMORy8/69EP+OPl3KB2A2hSQ/oR9awgg2Qgoj47e9estfwQ4jjyzOeBplaFaRUWfWXOE+c7XB9ErP+6PTLRvM2aO6Y2QydGENGn1DS+Szwq2y/EezutfgJaU+H8cdnHYWwfvZZnbeWk; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 22:09:43 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www4.citizensbankonline.com/akam/11/7c3ed55c
404 Not Found 9 B URL HTTP/2 www4.citizensbankonline.com/akam/11/7c3ed55c
IP
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /akam/11/7c3ed55c HTTP/1.1
Host: www4.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 9
cache-control: max-age=0
expires: Sat, 22 Oct 2022 20:09:43 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
set-cookie: ak_bmsc=0CA26BF9B9B20E99ACE08BF4A8F1435C~000000000000000000000000000000~YAAQnE8kF/RR/eaDAQAA58xQARGzuclwxbFuL06oL15NMZYkQ/T9BVWtUeX9OlR/QAgclyrcvfJdQ+CaCYmun8xi5i2SXOLRgkfnYQXu2KEl1l5q0pdpxm/XCiEWacGMDu24ZTAGUTOeb439H2AyD0gdRQuIngpJeRhdTy/jjWlVdb0Ak9mGjfs8/YmJ3GqxJgLZ79F8SFcwRyA+dB65xTZbISUkG5zTZmmw0Mrq+9NG82J3EchyOgt9jy1X2OS6vYMgfdhhynLI2b/2QGTj8rnTOnuzH1MoX7YAb3d1qych3oUrfLnOUDDD939n2oCQVffZzcJMjh6e7kMtOE1nfUIIGlvTro1B39bMAW8pdFUfYPXKgrhb4k7qFPOJIRirWdYHjoXLDBKdzMO+fmqw0pT3V+Gi; Domain=.citizensbankonline.com; Path=/; Expires=Sat, 22 Oct 2022 22:09:43 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png
200 OK 292 B URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png
IP
File type PNG image data, 16 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 18ffa7c3d8f40b5da7df780d91930e20
524ca8ffaadbd033fd0504fe580d47315690afa1
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
GET /efs/efs/grafx/icon-secure.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "124-5e6a235cbd9f7"
accept-ranges: bytes
content-length: 292
x-olb-req-received: t=1665902333471989
x-olb-req-duration: D=145
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=582179
expires: Sat, 29 Oct 2022 13:52:42 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png
200 OK 364 B URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png
IP
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 35a7359b239ddca8639017dfc4b71b4a
dfdd659f24502fbe7dd79c9564e1e528233fdcad
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
GET /efs/efs/grafx/flows-tooltip.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "16c-5e6a235cbab17"
accept-ranges: bytes
content-length: 364
x-olb-req-received: t=1665902333449146
x-olb-req-duration: D=127
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=582205
expires: Sat, 29 Oct 2022 13:53:08 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png
200 OK 1.0 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png
IP
File type PNG image data, 18 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash e7b1dd2b4db648b74fc5b873e7196a87
2f053c0827091b3929ea889dd2dc5c923dcb450a
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e
GET /efs/efs/grafx/arrow-button-white.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "3f9-5e6a235ca4d07"
accept-ranges: bytes
content-length: 1017
x-olb-req-received: t=1665902333578008
x-olb-req-duration: D=97
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=582024
expires: Sat, 29 Oct 2022 13:50:07 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png
200 OK 1.1 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png
IP
File type PNG image data, 28 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash dc25c0429ceba4038c36551d05760dd7
a79832f9ae49997cd90701d48a02bd06bf29a7d0
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
GET /efs/efs/grafx/arrow-down-blue.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "41e-5e6a235ca4d07"
accept-ranges: bytes
content-length: 1054
x-olb-req-received: t=1665902333438403
x-olb-req-duration: D=100
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=582203
expires: Sat, 29 Oct 2022 13:53:06 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png
200 OK 165 B URL HTTP/2 www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png
IP
File type PNG image data, 7 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash 1792e4aa4d2d86dec430ef9a60362a35
90b9e9c14f636362e9558d14fefe15782f75d256
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69
GET /efs/efs/grafx/arrow-right-orange.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "a5-5e6a235ca5357"
accept-ranges: bytes
content-length: 165
x-olb-req-received: t=1665902333683140
x-olb-req-duration: D=140
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=582073
expires: Sat, 29 Oct 2022 13:50:56 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff
200 OK 18 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff
IP
File type Web Open Font Format, TrueType, length 18524, version 0.0\012- data
Hash 022cb73ac43269074f73e97b9cca4f2d
85f96bbe6d675a4892fbb483cde78c6eb9419d78
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
GET /efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "485c-5e885b034aefa"
accept-ranges: bytes
content-length: 18524
x-olb-req-received: t=1665902333523263
x-olb-req-duration: D=197
access-control-allow-origin: *
cache-control: max-age=582192
expires: Sat, 29 Oct 2022 13:52:55 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff
200 OK 32 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff
IP
File type Web Open Font Format, TrueType, length 31864, version 1.0\012- data
Hash 0dd22599312493e4bb7b8662f71dddcc
29f5fd587566f80d886dc0109f53ecf47eb5bbf5
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
GET /efs/efs/jsp-ns/inc/css/font/citizen_book.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "7c78-5e885b034f78f"
accept-ranges: bytes
content-length: 31864
x-olb-req-received: t=1665902334048084
x-olb-req-duration: D=227
access-control-allow-origin: *
cache-control: max-age=582155
expires: Sat, 29 Oct 2022 13:52:18 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff
200 OK 28 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff
IP
File type Web Open Font Format, TrueType, length 27852, version 1.0\012- data
Hash 76f4964f6d001aa6967fb570438d80cc
5259516d0615338a701e5a19a37d6bc45c6bcedc
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
GET /efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: https://www3.citizensbankonline.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "6ccc-5e885b034f545"
accept-ranges: bytes
content-length: 27852
x-olb-req-received: t=1665902334049950
x-olb-req-duration: D=159
access-control-allow-origin: *
cache-control: max-age=582163
expires: Sat, 29 Oct 2022 13:52:26 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/hhf/js/citizensHeaderFooter-citizensns42588.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/hhf/js/citizensHeaderFooter-citizensns42588.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CvVersion%7C5.0.1
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 20:09:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: S0UsWhkm1o/+rmUI6GCM4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YuFn9buYgX2nTQ2enEizkEJE9bc=
citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/content/930e113327rn2365aa3b7b98b0447e8d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /content/930e113327rn2365aa3b7b98b0447e8d HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CvVersion%7C5.0.1
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 20:09:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
404 Not Found 315 B URL HTTP/1.1 citizens-online-support.com/efs/efs/jsp-ns/scripts/common.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /efs/efs/jsp-ns/scripts/common.js HTTP/1.1
Host: citizens-online-support.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/citizenbank/login.php
Cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=359503849%7CMCIDTS%7C19288%7CvVersion%7C5.0.1
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 20:09:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png
200 OK 14 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 172ee65ce7e2afc164fb89579d8060b2
1bcc0c40ce0dd35f4150e286d4da86eb5150d2da
6031e1710c50b5ade8d4fe1f9d2a7885caa5f18493944871891d9bf847dcec0e
GET /efs/efs/web-ui/img/mobile-desktop-icons/icon-hires.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "3653-5e885b03510a1"
accept-ranges: bytes
content-length: 13907
x-olb-req-received: t=1665902334263596
x-olb-req-duration: D=181
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=582046
expires: Sat, 29 Oct 2022 13:50:29 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png
200 OK 11 kB URL HTTP/2 www3.citizensbankonline.com/efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f62b2664dd6a40ab3a9f7af34412f8b7
02438189257c795c3726e4f45b1ce3bb921255d5
707a3217546ca6852234cb3fa3b61f458581ca943b6195032ba9efe7e1e0ee5f
GET /efs/efs/web-ui/img/mobile-desktop-icons/icon-normal.png HTTP/1.1
Host: www3.citizensbankonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Sep 2022 02:22:48 GMT
etag: "2a77-5e885b0354b35"
accept-ranges: bytes
content-length: 10871
x-olb-req-received: t=1665902333725314
x-olb-req-duration: D=145
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=581972
expires: Sat, 29 Oct 2022 13:49:15 GMT
date: Sat, 22 Oct 2022 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
lb-action: None
X-Firefox-Spdy: h2
nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php
200 OK 397 B URL HTTP/1.1 nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php
IP
File type ASCII text, with very long lines (396)
Hash 348c9feab8b0c4d7021c4416455e0abd
f0f6f0357e3af965e8c38902bdd57e0e6bd8abb3
0aa2790789787d88a6852c65256a2015242d790aa0a1f3979da99773f6a15fee
GET /citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Wed%20Oct%2012%2004:23:59%20GMT%202022&ClientID=397&PageID=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 397
Connection: keep-alive
Server: nginx
Date: Sat, 22 Oct 2022 20:09:43 GMT
Expires: Sat, 22 Oct 2022 20:09:42 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 72284d4e8970ebb6888dfd7f2b2b621c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: jGFTONkHhy1rxy-zKwAHjYHc0bn0bff895Mof4pBmX1Wuw0c90PZaQ==
nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117
200 OK 31 kB URL HTTP/1.1 nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117
IP
File type ASCII text, with very long lines (1970)
Hash 3d2d25ef325eac356d449d8df162c7e5
b181f4221b3190118630f334403a218e7887eb92
82b8253b53400a2508202f2329064ac51c74d09e8361d7ef393b87793199e858
GET /citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:33 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 04:24:01 GMT
ETag: W/"7f943d1386ac8d666a04c5f7c1aca6a2"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: 7Vz_bNM1vqq_ptJsDOdn8z3nddxBTl2j
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 72284d4e8970ebb6888dfd7f2b2b621c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: X2ecPXllpUEgfn3r0LaaIeV3M1ZO3GvsrFgy5c4zL8Pfu1q3RCQhqw==
Age: 917891
nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909
200 OK 4.5 kB URL HTTP/1.1 nexus.ensighten.com/citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909
IP
File type ASCII text, with very long lines (564)
Hash fd603d97b40b9255bfad0347af30b289
4dbc7e969f3d64bd0e668bb424284a2cf1c134d5
9cf6e47fb2dfb89d2ffc01f75ffc38c7eac7d9ad07f11d39597ca329067c3f6f
GET /citizensbank/olbprod/code/0f6386a3b63d9bbb3a5a73b133de89a7.js?conditionId0=421909 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 12 Oct 2022 05:11:33 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 12 Oct 2022 03:57:00 GMT
ETag: W/"42ede44761b41779f967c114c118aa3e"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: NiK352lECAFDggvv33Jq9naFD_ydY3Ez
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 7d1508836f92a5f0f979c23535e9c7ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: N6hnzow_idAepH3V-Xz_a1oE5FnhResdRaonvx06YI8wW78pVtGF9g==
Age: 917891
ocsp.digicert.com/
200 OK 471 B IP
Hash fca3b625928b8f0507cf1569d9c188cc
25efc79d4d6371040b33025fe9b3a60b3d431e1e
a6900cc898a42c36f943c2bea70b80a79ec827dbf31d8f50c2a941c8b085c12f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2645
Cache-Control: max-age=121278
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:09:43 GMT
Etag: "63537a70-1d7"
Expires: Mon, 24 Oct 2022 05:51:01 GMT
Last-Modified: Sat, 22 Oct 2022 05:06:56 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 472 B IP
Hash e63e513dcf53ce7553e7b0823c6a14a4
339b57dfcff07274c5760a3eca84e85313801a13
0e2fa20095d3d2116bdabd8fcda346d45c6bca2c5aab1cc87811cc5ed62d72be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 15:43:26 GMT
Expires: Sat, 29 Oct 2022 15:43:25 GMT
Etag: "339b57dfcff07274c5760a3eca84e85313801a13"
Cache-Control: max-age=588221,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4df51abc80b65-OSL
dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666469397717
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666469397717
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666469397717 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://citizens-online-support.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-06f4f0b6e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666469397717
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=45594741015445039991306432814506999588; Max-Age=15552000; Expires=Thu, 20 Apr 2023 20:09:44 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: l60DjzxoRWw=
Content-Length: 0
Connection: keep-alive
lptag.liveperson.net/tag/tag.js?site=89632304
200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=89632304
IP
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=89632304 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.appdynamics.com/adrum/adrum-latest.js?
200 OK 40 kB URL HTTP/1.1 cdn.appdynamics.com/adrum/adrum-latest.js?
IP
File type ASCII text, with very long lines (644)
Hash cd86db0f552897dc33e8433d0cf9bad2
676df314ca85d1418ffb110f3979c31281da027d
fd30f76d2b4bebd4b4bd680793a8a993b46a15808c0cea0533e629fc2990889f
GET /adrum/adrum-latest.js? HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin: *
Content-Encoding: gzip
Date: Fri, 21 Oct 2022 17:25:06 GMT
Cache-Control: public, max-age=2678400, s-max-age=14400
ETag: W/"6317b609-1b2d9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: ymfD8--xpABMw0AzVRGnDxD5gfkSEzbx-5pRZwjDbSv33aA1-xiNtQ==
Age: 96278
dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666469397717
200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666469397717
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1666469397717 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://citizens-online-support.com
Content-Type: application/x-www-form-urlencoded
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://citizens-online-support.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-0d2a58cc0.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: /arHO/6ATjo=
Content-Length: 124
Connection: keep-alive
cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
301 Moved Permanently 167 B URL HTTP/1.1 cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /citizen/OLB/p/detector-dom.min.js? HTTP/1.1
Host: cdn.glassboxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 20:09:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
X-Cache: Redirect from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PWqtMm8vX7gBYS-Iu4iO-LeRc7CqmlqqBRjfXeDR6QKfw0gxTBolwQ==
CF-Cache-Status: HIT
Age: 6281
Expires: Sun, 23 Oct 2022 00:09:44 GMT
Cache-Control: public, max-age=14400
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e4df5449d5b529-OSL
cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
200 OK 20 kB URL HTTP/1.1 cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
IP
File type ASCII text, with very long lines (574)
Hash cca1b9c013b93bd73bf4f55b122ba8db
ed011720d910a5b69db06ebaabcd95d013255752
d5ef573c9770681c3a75ec78445d0c785ca6659a0cf25f145ddfbae414b0b77a
GET /adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 01 Oct 2022 05:28:16 GMT
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:12 GMT
ETag: W/"6317b608-d132"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 1txtiiMRt0qkzakmscZUG6iHyOOmD3aatebo1jDG5aEI4VNy1PKgbw==
Age: 1867288
nebula-cdn.kampyle.com/wu/356861/onsite/embed.js
200 OK 517 B URL HTTP/2 nebula-cdn.kampyle.com/wu/356861/onsite/embed.js
IP
File type ASCII text, with very long lines (573)
Hash e8a4b8a535ad76225074264c54ea0715
ddac064bbfb77a8431cb810189043ff97b8e84fe
32a10a956e30f4b84dbaf4230037a1fd36c15bcdd345719b9393b9c2517f00b6
GET /wu/356861/onsite/embed.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ioqo2qnTXz9VPyGdm9U7px0r0c1Pgid1Py+qsRqCxp9kPiSNLtcKr3SrbhV53EloBo04Gq0y+98=
x-amz-request-id: T3BZVBR1VJB17J2B
last-modified: Wed, 05 Oct 2022 21:33:25 GMT
etag: "8b72f36bbd0721428f49dda9c3bd04ac"
x-amz-version-id: P0vUE_TJe.yQCf1POgYtfWkHzc0CIb7I
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 20:09:44 GMT
via: 1.1 varnish
age: 1451983
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666469384.444024,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 517
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=504727,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4df54eeff0b65-OSL
nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
301 Moved Permanently 0 B URL HTTP/1.1 nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us/wu/356861/onsite/generic1665005603563.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://citizens-online-support.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
Accept-Ranges: bytes
Date: Sat, 22 Oct 2022 20:09:44 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1679-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1666469384.488675,VS0,VE0
Strict-Transport-Security: max-age=31557600
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=504727,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4df54fa35b4eb-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash d89a4b4ba755569eb543022e0c46108b
5cae32d30c2d5928bf66be8c43601f21231c6935
02b872da64948f665f2bda563556b8f76fbe98b1c4b4e2b7a941df0f5576ddc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=98132
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 20:09:44 GMT
Etag: "63532a5c-1d7"
Expires: Sun, 23 Oct 2022 23:25:16 GMT
Last-Modified: Fri, 21 Oct 2022 23:25:16 GMT
Server: nginx
Content-Length: 471
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=504727,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4df551b450b69-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=504727,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4df551ebbfabc-OSL
smetrics.citizensbank.com/id?d_visid_ver=5.0.1&d_fieldgroup=MC&mcorgid=4C3B0C3755C3822E7F000101%40AdobeOrg&ts=1666469399111
200 OK 48 B URL HTTP/2 smetrics.citizensbank.com/id?d_visid_ver=5.0.1&d_fieldgroup=MC&mcorgid=4C3B0C3755C3822E7F000101%40AdobeOrg&ts=1666469399111
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2e7f247a0b936d04687f1940ebf3e72a
13a029354a7bd05c8d59e24a64cff2945428de62
f5e2e6086b8c43cfa975c81eaf739583cc757131480513488cefdc337f08714e
GET /id?d_visid_ver=5.0.1&d_fieldgroup=MC&mcorgid=4C3B0C3755C3822E7F000101%40AdobeOrg&ts=1666469399111 HTTP/1.1
Host: smetrics.citizensbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://citizens-online-support.com
access-control-allow-credentials: true
date: Sat, 22 Oct 2022 20:09:44 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg=0%7CMCMID%7C75981560223442076681242162606524953983; Path=/; Domain=citizensbank.com; Max-Age=63072000; Expires=Mon, 21 Oct 2024 20:09:09 GMT;
s_ecid=MCMID%7C75981560223442076681242162606524953983; Path=/; Domain=citizensbank.com; Max-Age=63072000; Expires=Mon, 21 Oct 2024 20:09:09 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
200 OK 114 kB URL HTTP/2 nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1665005603563.js
IP
File type Unicode text, UTF-8 text, with very long lines (53527)
Size 114 kB (114411 bytes)
Hash 875e1611678facfc534c2922ee9f04d1
d045b6a4a0bd45ae1eb134ca1365fe1ff576d8d2
b39dbd6935f69b4f403b183bad057b18b9df8e9c7ac7a3dcc2b123d66cdfbaab
GET /us/wu/356861/onsite/generic1665005603563.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 9cQsV036v9UHxHIBBS6ddnOPtu7hupqDHYzTkS5r9D6ofic601WFFGZbpPC4Zcf0I2Hddoonung=
x-amz-request-id: 531P45J50X314A2H
last-modified: Wed, 05 Oct 2022 21:33:24 GMT
etag: "ba78af14d365f8ccbd56a01ca6bf1c05"
x-amz-version-id: sS15mP2HP1_gvO6GweV7zdqjZ8tqzGJg
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 20:09:44 GMT
via: 1.1 varnish
age: 1450880
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666469385.534283,VS0,VE2
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 114411
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=75981560223442076681242162606524953983&ts=1666469399522
200 OK 1.3 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=75981560223442076681242162606524953983&ts=1666469399522
IP
File type JSON data\012- , ASCII text, with very long lines (3749), with no line terminators
Hash e4b20d776a34c170cadfd0813867c3ae
4336ccd4e4e70f3f286a92f375cb2d775b3c798b
0a2705b1b230c278ea964ddeb715a3760a28771d22f8937275e7dd347bb63d19
GET /id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&d_mid=75981560223442076681242162606524953983&ts=1666469399522 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://citizens-online-support.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-00b38d446.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=76012684287849726271239122901299202840; Max-Age=15552000; Expires=Thu, 20 Apr 2023 20:09:44 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: rPNlTUxpRc8=
Content-Length: 1315
Connection: keep-alive
citizensbank.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 citizensbank.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: citizensbank.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 22 Oct 2022 20:09:44 GMT
DCS: dcs-prod-irl1-2-v044-0ef7a5e84.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 17 Oct 2022 12:31:02 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: R4bGB/6zSI0=
Content-Length: 2791
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bb043e61ac0670929773ae8023472fd6
7d2e7cde176070da47e7a6ca990f42b6f917bf72
4d0af8861597b19883a0175ec395d724910d1bfb7e689635ea94fd4f67166400
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111797
Date: Sat, 22 Oct 2022 20:09:44 GMT
Etag: "63534ab2-1d7"
Expires: Mon, 24 Oct 2022 03:13:01 GMT
Last-Modified: Sat, 22 Oct 2022 01:43:14 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 ff52766d1401e737f8048c679c441738.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P6
X-Amz-Cf-Id: rYjy_UstgjFiQ-yeIodqtFGCsqDaViaWI0xGiIojX08JNHFhrVE4Ug==
Age: 5387
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2750
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 20:09:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2750
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 20:09:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2750
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 20:09:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2750
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 20:09:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bd5e942443ffd011faf10dc88d92081
beff4ae9e24599addce8a961c955788045c56645
2c59d984971e73d497975032c23700b5602fccf403f4683a8047f5f42d4e261f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: 081470ca-0107-4052-be55-9c713105bb27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-TEKPoAMFZfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-17199f8c0fc0fb7443a902f1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C8HRcZnP8nrEFWU_vn1olwnkXdvlqUu2_w0YIED9MSXDtO3U2mKO-w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:17:59 GMT
age: 78706
etag: "beff4ae9e24599addce8a961c955788045c56645"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 79753
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548
200 OK 318 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548
IP
Size 318 kB (317565 bytes)
Hash ce1f57741368405f38b0ab8eecb894e9
adcb58f05b1f1065bf473f8cecbcf5e541f8d1af
6b7f2c10d56232659fbe2c975e8cbafcba44498915a5f2bf6fdbee3997f5e992
GET /le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:46 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 20:09:44 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26c47e4b0147f8dee3e71a53a8f2830c
381edb4758da428db5ffe884f8fb38bf11044f69
b507898359abbcb1f57821c147a58df66d7e81acc198afc997527b58cd835b39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11151
x-amzn-requestid: 5c32e307-f2a7-4050-a96f-a47667ec4752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-NEFTKoAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b9-2fc77f394ca297126abaed94;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ib4A9F4pA6k1iYdefeQokFkEkmqlEASJ2d20BQ6gqRYj3teYDu8Cyg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:20 GMT
age: 78925
etag: "381edb4758da428db5ffe884f8fb38bf11044f69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 78580
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cdaacab30d73a7d05180cc16f4a96a3f
6cc0e39e0decbc20c765f171f63affd85fc9e6da
f015c3b1d838bd7d100ee104551bed2bb06a512b20ce3e5ac419d54b747fadd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10720
x-amzn-requestid: 96267527-f482-4bfa-ba7a-12467408efe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MvGutIAMFc8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b7-25f2624559b0fb7d62ced3a3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4--AiSTKMMOm9HnJL_ervFnd5rkQ-WZfGM-FNkxXKO892SPw67cxXA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:42 GMT
age: 79083
etag: "6cc0e39e0decbc20c765f171f63affd85fc9e6da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsps.ssl.com/
200 OK 1.8 kB IP
Hash ba9a1fa780a4fc6f144a3c834eefd27b
129d065f4a8ce68f5042a1c8c2413a3f33656da0
c2ad56e8e97bc352343ea4e4c4f1882284d56db37a8fff799a2faf3ca1bb0b75
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 20:09:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Sat, 29 Oct 2022 15:30:20 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "129d065f4a8ce68f5042a1c8c2413a3f33656da0"
Last-Modified: Sat, 22 Oct 2022 15:30:21 GMT
X-Proxy-Cache: HIT
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f%3A0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pv=2&f_cls_s=true
200 OK 429 B URL HTTP/1.1 report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f%3A0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pv=2&f_cls_s=true
IP
File type JSON data\012- , ASCII text, with very long lines (737), with no line terminators
Hash cae6670e54481cf1edd29659d6923633
b341ef37e4fbfc7e3d31241ee5a05d49f2d4e2a1
5c6ea49e6812bb648e70aade6829fe797e6a4a9450ab62b88eb1c8a47a41124f
GET /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f%3A0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pv=2&f_cls_s=true HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:45 GMT
Content-Type: application/json
Content-Length: 429
Connection: keep-alive
Set-Cookie: AWSALB=tXBH0A6nUnq6R60rbp4nmd7pYcqYBFgnao3GPKQNnxotMb5/sxAkkWQAPQqoEy+p0sO16mIQoMtyIDuHL3YKmkdas5233FqE91Ce3WODi9LORdmdbgFQdSDIg41l; Expires=Sat, 29 Oct 2022 20:09:45 GMT; Path=/
AWSALBCORS=tXBH0A6nUnq6R60rbp4nmd7pYcqYBFgnao3GPKQNnxotMb5/sxAkkWQAPQqoEy+p0sO16mIQoMtyIDuHL3YKmkdas5233FqE91Ce3WODi9LORdmdbgFQdSDIg41l; Expires=Sat, 29 Oct 2022 20:09:45 GMT; Path=/; SameSite=None; Secure
_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6; Secure; SameSite=None
_cls_cfgver=27baeec; Secure; SameSite=None
_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0; Secure; SameSite=None
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5015
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY2NDY5Mzk5NjI4IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODQwMTUxMGMzOTYyLTBhMzNhZjI5MzQxZjU3LTMwNmQ0NjRhLTE0MDAwMC0xODQwMTUxMGMzYTQ4YiIsImVudmlyb21lbnQiOiAicHJvZFVzT3JlZ29uIiwiYWNjb3VudElkIjogMzU2ODYwLCJ1cmwiOiAiaHR0cDovL2NpdGl6ZW5zLW9ubGluZS1zdXBwb3J0LmNvbS9jaXRpemVuYmFuay9sb2dpbi5waHAiLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjMyMGMtMTEwMC1iZjhjLTQ1NDEtMzk0YS04YzJiLTMxZjQtMWUxZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDY5Mzk5NjI2Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU3MCwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ2OTM5OTYyOCwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY2NDY5Mzk5NjI4IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODQwMTUxMGMzOTYyLTBhMzNhZjI5MzQxZjU3LTMwNmQ0NjRhLTE0MDAwMC0xODQwMTUxMGMzYTQ4YiIsImVudmlyb21lbnQiOiAicHJvZFVzT3JlZ29uIiwiYWNjb3VudElkIjogMzU2ODYwLCJ1cmwiOiAiaHR0cDovL2NpdGl6ZW5zLW9ubGluZS1zdXBwb3J0LmNvbS9jaXRpemVuYmFuay9sb2dpbi5waHAiLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjMyMGMtMTEwMC1iZjhjLTQ1NDEtMzk0YS04YzJiLTMxZjQtMWUxZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDY5Mzk5NjI2Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU3MCwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ2OTM5OTYyOCwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIExvZ2luIHwgQ2l0aXplbnMiLCJwYWdlX3VybCI6ICJodHRwOi8vY2l0aXplbnMtb25saW5lLXN1cHBvcnQuY29tL2NpdGl6ZW5iYW5rL2xvZ2luLnBocCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY2NDY5Mzk5NjI4IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODQwMTUxMGMzOTYyLTBhMzNhZjI5MzQxZjU3LTMwNmQ0NjRhLTE0MDAwMC0xODQwMTUxMGMzYTQ4YiIsImVudmlyb21lbnQiOiAicHJvZFVzT3JlZ29uIiwiYWNjb3VudElkIjogMzU2ODYwLCJ1cmwiOiAiaHR0cDovL2NpdGl6ZW5zLW9ubGluZS1zdXBwb3J0LmNvbS9jaXRpemVuYmFuay9sb2dpbi5waHAiLCJ3ZWJzaXRlSWQiOiAzNTY4NjEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjMyMGMtMTEwMC1iZjhjLTQ1NDEtMzk0YS04YzJiLTMxZjQtMWUxZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY2NDY5Mzk5NjI2Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU3MCwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NjQ2OTM5OTYyOCwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-4pw9
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/desktopEmbedded.js?version=10.22.0.0-release_5548
200 OK 306 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/desktopEmbedded.js?version=10.22.0.0-release_5548
IP
Size 306 kB (305816 bytes)
Hash 1fe3f754c06ca31134c3c2f4f7a30e69
38dde417f3169a29b059617d84df5f622f3f688a
f9099062b6486235adaa3b2d5454708f234ff3eda2ad7cdbe57f951ae4f24497
GET /le_unified_window/10.22.0.0-release_5548/desktopEmbedded.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:45 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 20:09:45 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=76012684287849726271239122901299202840
302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=76012684287849726271239122901299202840
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=76012684287849726271239122901299202840 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sat, 22 Oct 2022 20:09:45 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y1ROCQAAAFwkKAN-; Domain=.everesttech.net; Expires=Sun, 22-Oct-2023 20:09:45 GMT; Path=/
everest_session_v2=Y1ROCQAAAFwkKQN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1ROCQAAAFwkKAN-
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y1ROCQAAAFwkKAN-
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y1ROCQAAAFwkKAN-
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y1ROCQAAAFwkKAN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-00b67553b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1ROCQAAAFwkKAN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=12158383748314071712165529370501710386; Max-Age=15552000; Expires=Thu, 20 Apr 2023 20:09:45 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8aSxGBmiR6Q=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1ROCQAAAFwkKAN-
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1ROCQAAAFwkKAN-
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1ROCQAAAFwkKAN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v044-0cad15b9d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Gkq/Oxi1RDI=
Content-Length: 59
Connection: keep-alive
ocsp.sectigo.com/
200 OK 15 kB IP
File type gzip compressed data, from Unix\012- data
Hash 598eb1f48f897a6b34c6c76add7e5231
77f4e1b906f8342f382137289e62004d0f9c1cef
c1da810d77058340b5603ca09b8116aa196bc920c16694e0228fe666ae7b37b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 13:42:44 GMT
Expires: Wed, 26 Oct 2022 13:42:43 GMT
Etag: "f69c09fc42619141fcaba7b824d611c484c5e118"
Cache-Control: max-age=321777,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4df5c2f600b65-OSL
accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb71747x22104
200 OK 5.7 kB URL HTTP/2 accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb71747x22104
IP
Hash 86f9560d457dfdd016638205ac6fa4e5
dbca1f98c98544f58dda2195e4e673e7e295251b
0cef787bea6aecbe500b90ada5b54b7c111b9df908e251e2c3f2bb7bc058f0fa
GET /api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb71747x22104 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:45 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:3c9bc583-1830-41ae-92dd-0320e552a54b; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:15 GMT; Path=/
ADRUM_BTa=R:28|g:3c9bc583-1830-41ae-92dd-0320e552a54b|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:15 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:15 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:15 GMT; Path=/
ADRUM_BT1=R:28|i:2241585|e:6; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:15 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 20:10:45 GMT
x-envoy-upstream-service-time: 0
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pid=6b6c853d-5977-48c5-8083-5689b11b0b4b&sn=1&cfg&pv=2&aid=
200 OK 429 B URL HTTP/1.1 report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pid=6b6c853d-5977-48c5-8083-5689b11b0b4b&sn=1&cfg&pv=2&aid=
IP
File type JSON data\012- , ASCII text, with very long lines (737), with no line terminators
Hash cae6670e54481cf1edd29659d6923633
b341ef37e4fbfc7e3d31241ee5a05d49f2d4e2a1
5c6ea49e6812bb648e70aade6829fe797e6a4a9450ab62b88eb1c8a47a41124f
POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pid=6b6c853d-5977-48c5-8083-5689b11b0b4b&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4635
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_v=2e65d291-cc57-4f86-851a-9683412afcb6; _cls_cfgver=27baeec; _cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0; AWSALBCORS=tXBH0A6nUnq6R60rbp4nmd7pYcqYBFgnao3GPKQNnxotMb5/sxAkkWQAPQqoEy+p0sO16mIQoMtyIDuHL3YKmkdas5233FqE91Ce3WODi9LORdmdbgFQdSDIg41l
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:46 GMT
Content-Type: application/json
Content-Length: 429
Connection: keep-alive
Set-Cookie: AWSALB=Iw+yP53txrHmkp2lSCBXZ/BGiInthnReXiPDydNoGTxCFS/EJAmXH7iiVh/+W6fyGUymZtBL+mvX4IZFYdC7mJcJ/ogMMkOY+JXV53saVjEmGBPYCAiDsDfcnVgj; Expires=Sat, 29 Oct 2022 20:09:46 GMT; Path=/
AWSALBCORS=Iw+yP53txrHmkp2lSCBXZ/BGiInthnReXiPDydNoGTxCFS/EJAmXH7iiVh/+W6fyGUymZtBL+mvX4IZFYdC7mJcJ/ogMMkOY+JXV53saVjEmGBPYCAiDsDfcnVgj; Expires=Sat, 29 Oct 2022 20:09:46 GMT; Path=/; SameSite=None; Secure
_cls_cfgver=27baeec; Secure; SameSite=None
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5015
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true
200 OK 16 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32175)
Hash d528d49f6ca34317890c749d74c570ef
d06dc45a61f69353df75ff189ad2968159a7a409
7ed22c553cff14457c17edbe6c29e9b84a7428e6bce91ed45433cd8018158712
GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: text/html
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 20:09:44 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pid=6b6c853d-5977-48c5-8083-5689b11b0b4b&sn=4&cfg=27baeec&pv=2&aid=
200 OK 139 B URL HTTP/1.1 report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pid=6b6c853d-5977-48c5-8083-5689b11b0b4b&sn=4&cfg=27baeec&pv=2&aid=
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash fd68f24ba67db88a6ea2809914249ee9
ab5d573525b144199288dcdf42d07dfe75228f12
20bc39188dd8711cb6807be57716c8fe208c3b5ebe3af1f49459786668cb1d05
POST /glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0&_cls_v=2e65d291-cc57-4f86-851a-9683412afcb6&pid=6b6c853d-5977-48c5-8083-5689b11b0b4b&sn=4&cfg=27baeec&pv=2&aid= HTTP/1.1
Host: report.citizen.glassboxdigital.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 267
Origin: http://citizens-online-support.com
Connection: keep-alive
Referer: http://citizens-online-support.com/
Cookie: _cls_v=2e65d291-cc57-4f86-851a-9683412afcb6; _cls_cfgver=27baeec; _cls_s=453a75d0-088c-4aa9-9177-fc53816fcf7f:0; AWSALBCORS=zKVMua6q5rOniSSfciK43rpD8AqFlty0Vn4f4388B16e2i7ICmnqtqC/e/DzhsNdHYZPxPVMerBSP0aYtReJi18xVkbclLjG1Gelnq4EPfUrdwM1VBKPtnGc4UIe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:46 GMT
Content-Type: application/json
Content-Length: 139
Connection: keep-alive
Set-Cookie: AWSALB=PMtpq5CDIuet1prpoQzlR4f1sIiRglulhuXFD+9XXvFeFembk6Mm/NgsaQwc+aBf4z3ZZkUi4Zo2yQibf/0V5cmdNNrKib4hMY65V+jNu5FZikYL0txUNHjNSC3q; Expires=Sat, 29 Oct 2022 20:09:46 GMT; Path=/
AWSALBCORS=PMtpq5CDIuet1prpoQzlR4f1sIiRglulhuXFD+9XXvFeFembk6Mm/NgsaQwc+aBf4z3ZZkUi4Zo2yQibf/0V5cmdNNrKib4hMY65V+jNu5FZikYL0txUNHjNSC3q; Expires=Sat, 29 Oct 2022 20:09:46 GMT; Path=/; SameSite=None; Secure
ROUTEID=.cligate1; path=/
Server: GlassBox Cligate
access-control-allow-origin: http://citizens-online-support.com
vary: origin
access-control-allow-credentials: true
content-encoding: gzip
X-Robots-Tag: noindex
GB-Server: g5015
accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB
200 OK 1.8 kB URL HTTP/2 accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB
IP
File type ASCII text, with very long lines (7686), with no line terminators
Hash 1d67ed560917e8a976a1f00b0effd14b
c0bada7a9a19e5cc3c16ab97bfe4461e671ce4ed
59203103013f4cf757804f4301afb00f90b3795982e39758106b2243c36b3cce
GET /api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:c0f89cfd-0b83-41f7-a180-abd2d393dffa; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/
ADRUM_BTa=R:35|g:c0f89cfd-0b83-41f7-a180-abd2d393dffa|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:8; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 20:10:44 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 913f1b27298f63f2a7fd4e4bd111c122
5b7617638b7cb79d235be543f55e2242de9329f7
3edb79be98abcf38d13935f26dd4432747020edf620904eaa8888db00820706a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 20:09:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 11:37:43 GMT
Expires: Fri, 28 Oct 2022 11:37:42 GMT
Etag: "5b7617638b7cb79d235be543f55e2242de9329f7"
Cache-Control: max-age=487074,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e4df66aa9e0b65-OSL
cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
200 OK 0 B URL HTTP/2 cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
IP
GET /citizen/OLB/p/detector-dom.min.js? HTTP/1.1
Host: cdn.glassboxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://citizens-online-support.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/javascript
last-modified: Thu, 13 May 2021 10:48:21 GMT
x-amz-version-id: bbfnKPP3ulrtofSzPJqgXAlMwVq2hNWe
content-encoding: gzip
etag: W/"845173368b011e7fa14658b57426fe09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: TjES7ym4ShstKtpj1GLznZjl8VeU-G2N0yGQlAXn4IB-OQXucq9_RQ==
cf-cache-status: HIT
age: 6281
expires: Sun, 23 Oct 2022 00:09:44 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 75e4df549823b509-OSL
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548
200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548
IP
GET /le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 20:09:44 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/89632304?&cb=lpCb61444x69591&t=sp&ts=1666469400220&pid=155468348&tid=8207729569&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%229f5d000a-69d4-4d30-9d00-0a69d43d30f9%22%2C%22account%22%3A%2289632304%22%7D%5D
200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/89632304?&cb=lpCb61444x69591&t=sp&ts=1666469400220&pid=155468348&tid=8207729569&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%229f5d000a-69d4-4d30-9d00-0a69d43d30f9%22%2C%22account%22%3A%2289632304%22%7D%5D
IP
GET /api/js/89632304?&cb=lpCb61444x69591&t=sp&ts=1666469400220&pid=155468348&tid=8207729569&pt=Online%20Login%20%7C%20Citizens&u=http%3A%2F%2Fcitizens-online-support.com%2Fcitizenbank%2Flogin.php&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%229f5d000a-69d4-4d30-9d00-0a69d43d30f9%22%2C%22account%22%3A%2289632304%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:47 GMT
content-type: application/javascript
set-cookie: LPVisitorID=FiOGEzMGFjMDViZjJmMDUz; Expires=Sun, 22-Oct-2023 20:09:47 GMT; Path=/; HttpOnly
LPSessionID=KFTPUvkhSGG-XeFOA1jZ5Q; Path=/api/js/89632304; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548
200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548
IP
GET /le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:41 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 20:09:44 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP
GET /lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
GET /api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:33f5b795-8321-41a4-8b89-957afdf58703; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/
ADRUM_BTa=R:35|g:33f5b795-8321-41a4-8b89-957afdf58703|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:6; Max-Age=30; Expires=Sat, 22-Oct-2022 20:10:14 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 20:10:44 GMT
x-envoy-upstream-service-time: 0
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true
200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true
IP
GET /le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=http%3A%2F%2Fcitizens-online-support.com&site=89632304&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://citizens-online-support.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 20:09:44 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 20:09:44 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
23.254.132.83
104.110.3.220
104.18.32.68
178.249.101.99
54.74.40.111
151.101.85.175
13.36.218.177