urlscan.io logo urlscan.io
SecurityTrails logo

www.citizensfinance.biz Open in urlscan Pro
199.34.228.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.citizensfinanceinc.com/
Effective URL: https://www.citizensfinance.biz/
Submission: On February 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 199.34.228.69, located in San Francisco, United States and belongs to WEEBLY - Weebly, Inc., US. The main domain is www.citizensfinance.biz.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 8th 2019. Valid for: 3 months.
This is the only time www.citizensfinance.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.86.87.7 8100 (ASN-QUADR...)
10 199.34.228.69 27647 (WEEBLY)
9 2a04:4e42::302 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 8
1    172.86.87.7 (Jacksonville, United States)

ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US)
PTR: 172.86.87.7.static.theserverdns.com
www.citizensfinanceinc.com
10    199.34.228.69 (San Francisco, United States)

ASN27647 (WEEBLY - Weebly, Inc., US)
PTR: pages-custom-21.weebly.com
www.citizensfinance.biz
9    2a04:4e42::302 (European Union)

ASN54113 (FASTLY - Fastly, US)
cdn2.editmysite.com
5    2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    2a00:1450:4001:81e::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
6    2a00:1450:4001:81a::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:825::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
1    2a00:1450:4001:825::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
Domain Requested by
10 www.citizensfinance.biz www.citizensfinance.biz
ajax.googleapis.com
9 cdn2.editmysite.com www.citizensfinance.biz
cdn2.editmysite.com
6 fonts.gstatic.com www.citizensfinance.biz
5 fonts.googleapis.com www.citizensfinance.biz
1 www.google-analytics.com www.googletagmanager.com
1 ssl.google-analytics.com www.citizensfinance.biz
1 www.googletagmanager.com www.citizensfinance.biz
1 ajax.googleapis.com www.citizensfinance.biz
1 www.citizensfinanceinc.com 1 redirects
34 9

This site contains links to these domains. Also see Links.

Domain
www.vismediagroup.com
Subject Issuer Validity Valid
www.citizensfinance.biz
Let's Encrypt Authority X3		 2019-01-08 -
2019-04-08		 3 months crt.sh
editmysite.com
GlobalSign CloudSSL CA - SHA256 - G3		 2018-06-07 -
2019-03-21		 9 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.citizensfinance.biz/
Frame ID: ACA0DD624CEE52D12ADA06890E150467
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.citizensfinanceinc.com/ HTTP 301
    https://www.citizensfinance.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /cdn\d+\.editmysite\.com/i
Overall confidence: 100%
Detected patterns
  • env /^mejs$/i
Overall confidence: 100%
Detected patterns
  • env /^VideoJS$/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^Mustache$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^Hammer$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

34
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

729 kB
Transfer

2098 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.citizensfinanceinc.com/ HTTP 301
    https://www.citizensfinance.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.citizensfinance.biz/
Redirect Chain
  • https://www.citizensfinanceinc.com/
  • https://www.citizensfinance.biz/
31 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
Apache /
Resource Hash
c345ec63cbc5c7b38970c1edd0ad08b2e78115aff3532cef5ad522a885366272

Request headers

Host
www.citizensfinance.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Server
Apache
Set-Cookie
is_mobile=0; path=/; domain=www.citizensfinance.biz language=en; expires=Sun, 17-Feb-2019 04:01:58 GMT; Max-Age=1209600; path=/
Vary
X-W-SSL,Accept-Encoding,User-Agent
Cache-Control
private
ETag
W/"1f4489fd72896d944976fa237928c435-gzip"
Content-Encoding
gzip
X-Host
pages38.sf2p.intern.weebly.net
X-UA-Compatible
IE=edge,chrome=1
Content-Length
7011
Keep-Alive
timeout=10, max=74
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

status
301
content-type
text/html
content-length
617
date
Sun, 03 Feb 2019 04:01:56 GMT
server
LiteSpeed
location
https://www.citizensfinance.biz/
alt-svc
quic=":443"; ma=2592000; v="35,39,43"
Cookie set gdprscript.js
www.citizensfinance.biz/gdpr/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citizensfinance.biz/gdpr/gdprscript.js?buildTime=1549055933&hasRemindMe=true&stealth=false
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
Apache /
Resource Hash
ffac94f92ff82bd187e921f86a5438a5184f9bb993e6ce4c4e53f5ddeab46613

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.citizensfinance.biz/
Cookie
is_mobile=0; language=en
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Server
Apache
Vary
X-W-SSL,User-Agent
Content-Type
application/javascript
Set-Cookie
language=en; expires=Sun, 17-Feb-2019 04:01:58 GMT; Max-Age=1209600; path=/
Cache-Control
private
Transfer-Encoding
chunked
X-Host
pages4.sf2p.intern.weebly.net
Connection
Keep-Alive
Keep-Alive
timeout=10, max=69
X-UA-Compatible
IE=edge,chrome=1
sites.css
cdn2.editmysite.com/css/ 		229 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/css/sites.css?buildTime=1547782136
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e6137374f011ef7f8a2a23b2dd5de55c5fa30836eb098e71016c2fd832fc0e70

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Via
1.1 varnish, 1.1 varnish
Age
402753
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
33141
X-Served-By
cache-sjc3122-SJC, cache-fra19139-FRA
Last-Modified
Mon, 28 Jan 2019 18:51:27 GMT
Server
nginx
X-Timer
S1549166518.275716,VS0,VE0
ETag
W/"5c4f4f2f-395f9"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Tue, 12 Feb 2019 12:09:25 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
1, 1338
fancybox.css
cdn2.editmysite.com/css/old/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/css/old/fancybox.css?1547782136
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Via
1.1 varnish, 1.1 varnish
Age
174753
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1218
X-Served-By
cache-sjc3134-SJC, cache-fra19136-FRA
Last-Modified
Thu, 31 Jan 2019 22:27:52 GMT
Server
nginx
X-Timer
S1549166518.275685,VS0,VE0
ETag
"5c537668-f47"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Fri, 15 Feb 2019 03:29:25 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
1, 1195
social-icons.css
cdn2.editmysite.com/css/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/css/social-icons.css?buildtime=1547782136
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
28fa3e2922fcf3027560d77d70978b534dc3cccddbfcc44de9d2ab85b14a3089

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Via
1.1 varnish, 1.1 varnish
Age
174753
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1640
X-Served-By
cache-sjc3148-SJC, cache-fra19148-FRA
Last-Modified
Thu, 31 Jan 2019 22:27:52 GMT
Server
nginx
X-Timer
S1549166518.275966,VS0,VE0
ETag
W/"5c537668-3319"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Fri, 15 Feb 2019 03:29:24 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
2, 282
main_style.css
www.citizensfinance.biz/files/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.citizensfinance.biz/files/main_style.css?1548193380
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
9c4ee24f2f579691857c77f1a5ae4da6dd7d673435e617289e7384d9cfb937c5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.citizensfinance.biz/
Cookie
is_mobile=0; language=en
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Transfer-Encoding
chunked
X-Host
pages55.sf2p.intern.weebly.net
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
Expires
Mon, 04 Feb 2019 04:01:58 GMT
css
fonts.googleapis.com/ 		3 KB
547 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,300,200,700&subset=latin,latin-ext
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
650055035dc060dd9dd073b3c6ac778a5ef2a490d21e4454a77f41f39d2b3e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 03 Feb 2019 04:01:58 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 03 Feb 2019 04:01:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sun, 03 Feb 2019 04:01:58 GMT
css
fonts.googleapis.com/ 		7 KB
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1a57bdd1ceab8984484bc737b689887392fbff8d84c3b1728f74250e65f433bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 03 Feb 2019 04:01:58 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 03 Feb 2019 04:01:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sun, 03 Feb 2019 04:01:58 GMT
css
fonts.googleapis.com/ 		3 KB
553 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Gentium+Basic:400,700,400italic,700italic&subset=latin,latin-ext
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5971e9fc0ea8ede0f85d9db14feca1bfdb05acc1d593901664e260fae491efc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 03 Feb 2019 04:01:58 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 03 Feb 2019 04:01:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sun, 03 Feb 2019 04:01:58 GMT
css
fonts.googleapis.com/ 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
dae88be3f9824cc56d05c5f37f689b2452c104f2fe8dcea4d8cf3f9fead4028b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 03 Feb 2019 04:01:58 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 03 Feb 2019 04:01:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sun, 03 Feb 2019 04:01:58 GMT
font.css
cdn2.editmysite.com/fonts/Saginaw/ 		164 B
689 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/fonts/Saginaw/font.css?2
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
f0d3ac2760d8823459cc995f608dabf61545286137c842f8cb46f9c729e9c13d

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Via
1.1 varnish, 1.1 varnish
Age
323234
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
131
X-Served-By
cache-sjc3141-SJC, cache-fra19147-FRA
Last-Modified
Tue, 29 Jan 2019 21:43:39 GMT
Server
nginx
X-Timer
S1549166518.277588,VS0,VE0
ETag
"5c50c90b-a4"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Wed, 13 Feb 2019 10:14:44 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
3, 18
css
fonts.googleapis.com/ 		4 KB
592 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c3dad67a08080a266e21b05646996aa41c3c9cd4f65cb902916d6a76978baa0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 03 Feb 2019 04:01:58 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 03 Feb 2019 04:01:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sun, 03 Feb 2019 04:01:58 GMT
templateArtifacts.js
www.citizensfinance.biz/files/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citizensfinance.biz/files/templateArtifacts.js?1548193380
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.citizensfinance.biz/
Cookie
is_mobile=0; language=en
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Transfer-Encoding
chunked
X-Host
pages40.sf2p.intern.weebly.net
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
Expires
Mon, 04 Feb 2019 04:01:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 03 Jan 2019 09:47:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2657644
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
33593
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2020 09:47:54 GMT
stl.js
cdn2.editmysite.com/js/lang/en/ 		126 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1547782136&
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
04742cb3d5ec78b22274103f49cffb8da319562194bad74acd2e89898b666460

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Via
1.1 varnish, 1.1 varnish
Age
234743
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
22118
X-Served-By
cache-sjc3135-SJC, cache-fra19147-FRA
Last-Modified
Thu, 31 Jan 2019 01:06:40 GMT
Server
nginx
X-Timer
S1549166518.277652,VS0,VE0
ETag
W/"5c524a20-1f964"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
Thu, 14 Feb 2019 10:49:36 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
1, 1152
main.js
cdn2.editmysite.com/js/site/ 		465 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/site/main.js?buildTime=1547782136
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
a10ebacc598a70bed220076c4c2783de4c95ff7b92bdee8a99a1535d5ff925b4

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Via
1.1 varnish, 1.1 varnish
Age
407663
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
149602
X-Served-By
cache-sjc3150-SJC, cache-fra19151-FRA
Last-Modified
Mon, 28 Jan 2019 18:51:27 GMT
Server
nginx
X-Timer
S1549166518.277723,VS0,VE0
ETag
W/"5c4f4f2f-743b2"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
Tue, 12 Feb 2019 10:47:35 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
114, 28
cf-logo-horizontal.png
www.citizensfinance.biz/uploads/1/6/2/7/16274104/published/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citizensfinance.biz/uploads/1/6/2/7/16274104/published/cf-logo-horizontal.png?1545880405
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
ea58ae01ffaa2eb1fe76bfb7b6b89b62dce2b7bbd0897c008067e0a72cea49f7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.citizensfinance.biz/
Cookie
is_mobile=0; language=en
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Last-Modified
Thu, 27 Dec 2018 03:15:47 GMT
Server
nginx
ETag
"8bdbd2270-20ae-57df85cde7ec0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8366
plugins.js
www.citizensfinance.biz/files/theme/ 		83 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citizensfinance.biz/files/theme/plugins.js?1531150540
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
6ee5ff05679a26a9027cbb63cadee08104fa248a93d3582a333a5d134c25460b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.citizensfinance.biz/
Cookie
is_mobile=0; language=en
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Jul 2018 15:35:40 GMT
Server
nginx
ETag
W/"8a78b3d32-14b3d-57092c408cb00"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
custom.js
www.citizensfinance.biz/files/theme/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citizensfinance.biz/files/theme/custom.js?1531150540
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
c057541328f3e6fcee23c1ec11a2d1d57dc8450e5ad366d56d41df4202955765

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.citizensfinance.biz/
Cookie
is_mobile=0; language=en
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Last-Modified
Mon, 09 Jul 2018 15:35:40 GMT
Server
nginx
ETag
"8a6a98524-ca1-57092c408cb00"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3233
mobile.js
www.citizensfinance.biz/files/theme/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citizensfinance.biz/files/theme/mobile.js?1531150540
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
52fce566223a538d2037cd7f8ee707362452d0e935d018f857322f10c4446e64

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.citizensfinance.biz/
Cookie
is_mobile=0; language=en
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Jul 2018 15:35:40 GMT
Server
nginx
ETag
W/"8a6a98525-28ab-57092c408cb00"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
main-customer-accounts-site.js
cdn2.editmysite.com/js/site/ 		484 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1547782136
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
af2812869f8ba2e1e7b2ca90aa5f28efa8be1c9210a37bc4f16c5ce0f841faa1

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Via
1.1 varnish, 1.1 varnish
Age
755479
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
153284
X-Served-By
cache-sjc3136-SJC, cache-fra19151-FRA
Last-Modified
Fri, 25 Jan 2019 00:08:58 GMT
Server
nginx
X-Timer
S1549166519.673087,VS0,VE0
ETag
W/"5c4a539a-7910f"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
Fri, 08 Feb 2019 10:10:39 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
3, 1187
js
www.googletagmanager.com/gtag/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-125181625-2
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
f112f759606032f6cd358c040c7bfc2f525e30a61ced824fa54fe1237bd80c5e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Feb 2019 04:01:58 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
32359
x-xss-protection
1; mode=block
expires
Sun, 03 Feb 2019 04:01:58 GMT
snowday261.js
cdn2.editmysite.com/js/wsnbn/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/wsnbn/snowday261.js
Requested by
Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/site/main.js?buildTime=1547782136
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
1529c73abb48b223f2c5337afea8ab4f0cefe98348c17205c4c8161223608a43

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Via
1.1 varnish, 1.1 varnish
Age
326217
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
25690
X-Served-By
cache-sjc3135-SJC, cache-fra19139-FRA
Last-Modified
Tue, 29 Jan 2019 21:43:40 GMT
Server
nginx
X-Timer
S1549166519.670826,VS0,VE0
ETag
W/"5c50c90c-12441"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
Wed, 13 Feb 2019 09:25:01 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
1, 36195
1676755215.jpg
www.citizensfinance.biz/uploads/1/6/2/7/16274104/background-images/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citizensfinance.biz/uploads/1/6/2/7/16274104/background-images/1676755215.jpg
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
ebca6efc64cf1f11613153a045927b184746b57222cb17ee8922d743d4935d40

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.citizensfinance.biz/
Cookie
is_mobile=0; language=en
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:58 GMT
Last-Modified
Thu, 27 Dec 2018 04:46:30 GMT
Server
nginx
ETag
"831eea18b-10c63-57df9a14c1580"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68707
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3ff817f9993de055634774310a26061f2feafbccfaad8aaa6bfb9e4d6fe5ce94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
Origin
https://www.citizensfinance.biz

Response headers

date
Fri, 25 Jan 2019 14:55:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:25:39 GMT
server
sffe
age
738403
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13064
x-xss-protection
1; mode=block
expires
Sat, 25 Jan 2020 14:55:15 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v13/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a301f4dd52945b5cf0f0c018af9779de11a70d82c26edb17139756af5a16d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext
Origin
https://www.citizensfinance.biz

Response headers

date
Tue, 22 Jan 2019 18:17:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:20:15 GMT
server
sffe
age
985440
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16652
x-xss-protection
1; mode=block
expires
Wed, 22 Jan 2020 18:17:58 GMT
Wnz9HAw9aB_JD2VGQVR80We3LA2JiBA8YII.woff2
fonts.gstatic.com/s/gentiumbasic/v10/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/gentiumbasic/v10/Wnz9HAw9aB_JD2VGQVR80We3LA2JiBA8YII.woff2
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4225224ecdb476c4a5ff4e1224924a1320899cbdac37f3c8ab003c6c47bd75f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Gentium+Basic:400,700,400italic,700italic&subset=latin,latin-ext
Origin
https://www.citizensfinance.biz

Response headers

date
Mon, 21 Jan 2019 09:17:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 20:05:23 GMT
server
sffe
age
1104255
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15392
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2020 09:17:43 GMT
nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7yRZrPA.woff2
fonts.gstatic.com/s/playfairdisplay/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v13/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7yRZrPA.woff2
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d96d61e0766027a2675475a6981713e4ccc4fe1dd7f11eb1148fff2d027727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext
Origin
https://www.citizensfinance.biz

Response headers

date
Mon, 21 Jan 2019 09:17:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:20:23 GMT
server
sffe
age
1104258
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
17932
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2020 09:17:40 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v12/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1c21dd409e977f176ae963b5510fbdd57669e9861fff9f5d9a46b6fc73f430fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:400,300,200,700&subset=latin,latin-ext
Origin
https://www.citizensfinance.biz

Response headers

date
Tue, 22 Jan 2019 18:18:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:45 GMT
server
sffe
age
985434
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13160
x-xss-protection
1; mode=block
expires
Wed, 22 Jan 2020 18:18:04 GMT
WnzjHAw9aB_JD2VGQVR80We3LAi5iho7QoCBZA.woff2
fonts.gstatic.com/s/gentiumbasic/v10/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/gentiumbasic/v10/WnzjHAw9aB_JD2VGQVR80We3LAi5iho7QoCBZA.woff2
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
947a6efe5df974075b9440ea1bf509e2d8b7c19fe02ee063ae8606e81b315ba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Gentium+Basic:400,700,400italic,700italic&subset=latin,latin-ext
Origin
https://www.citizensfinance.biz

Response headers

date
Tue, 15 Jan 2019 22:44:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 20:09:34 GMT
server
sffe
age
1574227
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
17144
x-xss-protection
1; mode=block
expires
Wed, 15 Jan 2020 22:44:51 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
6090
date
Sun, 03 Feb 2019 02:20:29 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17168
expires
Sun, 03 Feb 2019 04:20:29 GMT
snowday262.js
cdn2.editmysite.com/js/wsnbn/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by
Host: www.citizensfinance.biz
URL: https://www.citizensfinance.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::302 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 04:01:59 GMT
Via
1.1 varnish, 1.1 varnish
Age
238389
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
25723
X-Served-By
cache-sjc3128-SJC, cache-fra19151-FRA
Last-Modified
Thu, 31 Jan 2019 01:06:40 GMT
Server
nginx
X-Timer
S1549166519.004568,VS0,VE0
ETag
W/"5c524a20-124fe"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
Thu, 14 Feb 2019 09:48:49 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Cache-Hits
1, 28405
/
www.citizensfinance.biz/ajax/api/JsonRPC/CustomerAccounts/ 		348 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.citizensfinance.biz/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-21.weebly.com
Software
Apache /
Resource Hash
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Request headers

Pragma
no-cache
Origin
https://www.citizensfinance.biz
Accept-Encoding
gzip, deflate, br
Host
www.citizensfinance.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
is_mobile=0; language=en
Connection
keep-alive
Referer
https://www.citizensfinance.biz/
Content-Length
83
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.citizensfinance.biz/
Origin
https://www.citizensfinance.biz
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sun, 03 Feb 2019 04:01:59 GMT
Server
Apache
Vary
X-W-SSL,User-Agent
Content-Type
application/json
X-Host
pages51.sf2p.intern.weebly.net
Connection
Keep-Alive
Keep-Alive
timeout=10, max=60
Content-Length
348
X-UA-Compatible
IE=edge,chrome=1
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125181625-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.citizensfinance.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
772
date
Sun, 03 Feb 2019 03:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17543
expires
Sun, 03 Feb 2019 05:49:07 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| w_gdpr object| kingsBanner object| Weebly string| STATIC_BASE string| ASSETS_BASE string| STYLE_PREFIX function| $ function| jQuery object| _W function| publishedWBJP string| RECAPTCHA_PUBLIC_KEY string| INVISIBLE_RECAPTCHA_PUBLIC_KEY function| _ object| Mustache object| jQBrowser function| PlatformElement function| whenThemeCSSLoaded function| isThemeCSSLoaded function| blogCommentDisplayForm object| YTPlayer object| VimeoPlayer function| Sd function| Rd boolean| Cd function| videojs function| _V_ object| jsonrpc object| GlobalSnowplowNamespace function| _wsp function| getCartCount function| getCartNavElement function| reportCartNavElement function| initPublishedFlyoutMenus boolean| flyoutMenusRefreshable function| initEditorFlyoutMenus function| refreshNavCondense boolean| disableFlyouts function| FlyoutMenu function| objectify object| mejs function| MediaElement function| MediaElementPlayer function| require function| platformElementRequire function| initCustomerAccountsModels object| initEvt string| com_currentSite string| com_userID function| initFlyouts object| Snowplow function| Hammer object| jQuery1830680820625891768 object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| gtag object| dataLayer object| _gaq object| r function| snPlObR string| s object| regEx function| snowday string| doNotTrack boolean| lightboxLoaded object| navFlyoutMenu function| refreshPublishedFlyoutMenus object| google_tag_manager string| GoogleAnalyticsObject function| ga object| _gat object| google_tag_data object| gaplugins object| gaGlobal

2 Cookies

Domain/Path Name / Value
www.citizensfinance.biz/ Name: language
Value: en
.www.citizensfinance.biz/ Name: is_mobile
Value: 0

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1547782136(Line 7)
Message:
Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api info URL: https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1547782136(Line 7)
Message:
You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn2.editmysite.com
fonts.googleapis.com
fonts.gstatic.com
ssl.google-analytics.com
www.citizensfinance.biz
www.citizensfinanceinc.com
www.google-analytics.com
www.googletagmanager.com
172.86.87.7
199.34.228.69
2a00:1450:4001:816::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2008
2a00:1450:4001:825::2008
2a00:1450:4001:825::200e
2a04:4e42::302
04742cb3d5ec78b22274103f49cffb8da319562194bad74acd2e89898b666460
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1529c73abb48b223f2c5337afea8ab4f0cefe98348c17205c4c8161223608a43
1a57bdd1ceab8984484bc737b689887392fbff8d84c3b1728f74250e65f433bd
1c21dd409e977f176ae963b5510fbdd57669e9861fff9f5d9a46b6fc73f430fa
28fa3e2922fcf3027560d77d70978b534dc3cccddbfcc44de9d2ab85b14a3089
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3ff817f9993de055634774310a26061f2feafbccfaad8aaa6bfb9e4d6fe5ce94
4225224ecdb476c4a5ff4e1224924a1320899cbdac37f3c8ab003c6c47bd75f5
52fce566223a538d2037cd7f8ee707362452d0e935d018f857322f10c4446e64
5971e9fc0ea8ede0f85d9db14feca1bfdb05acc1d593901664e260fae491efc0
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
650055035dc060dd9dd073b3c6ac778a5ef2a490d21e4454a77f41f39d2b3e08
6ee5ff05679a26a9027cbb63cadee08104fa248a93d3582a333a5d134c25460b
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
947a6efe5df974075b9440ea1bf509e2d8b7c19fe02ee063ae8606e81b315ba6
9c4ee24f2f579691857c77f1a5ae4da6dd7d673435e617289e7384d9cfb937c5
a10ebacc598a70bed220076c4c2783de4c95ff7b92bdee8a99a1535d5ff925b4
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
af2812869f8ba2e1e7b2ca90aa5f28efa8be1c9210a37bc4f16c5ce0f841faa1
b3d96d61e0766027a2675475a6981713e4ccc4fe1dd7f11eb1148fff2d027727
c057541328f3e6fcee23c1ec11a2d1d57dc8450e5ad366d56d41df4202955765
c345ec63cbc5c7b38970c1edd0ad08b2e78115aff3532cef5ad522a885366272
c3dad67a08080a266e21b05646996aa41c3c9cd4f65cb902916d6a76978baa0b
d1a301f4dd52945b5cf0f0c018af9779de11a70d82c26edb17139756af5a16d5
dae88be3f9824cc56d05c5f37f689b2452c104f2fe8dcea4d8cf3f9fead4028b
e6137374f011ef7f8a2a23b2dd5de55c5fa30836eb098e71016c2fd832fc0e70
ea58ae01ffaa2eb1fe76bfb7b6b89b62dce2b7bbd0897c008067e0a72cea49f7
ebca6efc64cf1f11613153a045927b184746b57222cb17ee8922d743d4935d40
f0d3ac2760d8823459cc995f608dabf61545286137c842f8cb46f9c729e9c13d
f112f759606032f6cd358c040c7bfc2f525e30a61ced824fa54fe1237bd80c5e
ffac94f92ff82bd187e921f86a5438a5184f9bb993e6ce4c4e53f5ddeab46613