younosaycitizens.trickip.org Open in urlscan Pro
185.209.162.219  Malicious Activity! Public Scan

URL: http://younosaycitizens.trickip.org/
Submission Tags: tweet @atomspam #phishing #citizens #bank #financial #infosec #cybersecurity #atomspam Search All
Submission: On February 24 via api from FI — Scanned from NL

Summary

This website contacted 33 IPs in 8 countries across 30 domains to perform 107 HTTP transactions. The main IP is 185.209.162.219, located in Ede, Netherlands and belongs to HOSTING-SOLUTIONS, US. The main domain is younosaycitizens.trickip.org.
This is the only time younosaycitizens.trickip.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
42 185.209.162.219 14576 (HOSTING-S...)
1 9 34.255.162.196 16509 (AMAZON-02)
3 13.32.110.125 16509 (AMAZON-02)
2 178.249.97.23 11054 (LIVEPERSON)
2 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
4 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.89.95 16509 (AMAZON-02)
3 151.101.129.175 54113 (FASTLY)
1 54.154.235.81 16509 (AMAZON-02)
1 15.236.125.10 16509 (AMAZON-02)
1 1 54.229.62.148 16509 (AMAZON-02)
3 54.76.146.46 16509 (AMAZON-02)
2 143.204.89.24 16509 (AMAZON-02)
2 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
3 178.249.97.99 11054 (LIVEPERSON)
7 178.249.101.98 11054 (LIVEPERSON)
2 2 35.244.174.68 15169 (GOOGLE)
1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 1 23.35.209.176 16625 (AKAMAI-AS)
2 3 142.250.186.34 15169 (GOOGLE)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 1 3.127.178.105 16509 (AMAZON-02)
1 1 54.229.20.73 16509 (AMAZON-02)
8 8 151.101.194.49 54113 (FASTLY)
3 44.197.36.222 14618 (AMAZON-AES)
1 69.173.144.138 26667 (RUBICONPR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.37.25.97 16509 (AMAZON-02)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 2 2.18.79.145 20940 (AKAMAI-ASN1)
1 1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2 37.252.171.84 29990 (ASN-APPNEX)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 35.241.45.82 15169 (GOOGLE)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 208.89.15.170 11054 (LIVEPERSON)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2 34.206.163.95 14618 (AMAZON-AES)
2 208.89.12.87 11054 (LIVEPERSON)
107 33
Apex Domain
Subdomains
Transfer
42 trickip.org
younosaycitizens.trickip.org
451 KB
10 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 3317
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3650
418 KB
10 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 198
citizensbank.demdex.net — Cisco Umbrella Rank: 52831
13 KB
9 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1048
sync-tm.everesttech.net — Cisco Umbrella Rank: 591
2 KB
6 liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 3288
va.idp.liveperson.net — Cisco Umbrella Rank: 9802
va.v.liveperson.net — Cisco Umbrella Rank: 4026
122 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2096
d7gjslqccjhzcy7yowya-poww6v-a2f16cf77-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2090
fiabmmaaaidaekqce3yacgqaabr7q5nq-poww6v-cfb4abd9f-clienttons-s.akamaihd.net
1 KB
4 citizensbank.com
smetrics.citizensbank.com — Cisco Umbrella Rank: 68523
www.citizensbank.com — Cisco Umbrella Rank: 56617
metrics.citizensbank.com
7 KB
4 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4323
udc-neb.kampyle.com — Cisco Umbrella Rank: 2257
121 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 470
39 KB
3 glassboxdigital.io
report.citizen.glassboxdigital.io — Cisco Umbrella Rank: 59825
4 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
1 KB
3 omtrdc.net
citizensbank.tt.omtrdc.net — Cisco Umbrella Rank: 102343
2 KB
3 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3631
101 KB
3 glassboxcdn.com
cdn.glassboxcdn.com — Cisco Umbrella Rank: 14026
224 KB
3 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2969
37 KB
2 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1077
234 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 709
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
1 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 342
835 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1224
c.go-mpulse.net — Cisco Umbrella Rank: 618
51 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
747 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 846
449 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 422
273 B
1 akstat.io
02179919.akstat.io — Cisco Umbrella Rank: 51475
210 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
239 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 759
204 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1027
418 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 770
731 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1281
175 B
107 30
Domain Requested by
42 younosaycitizens.trickip.org younosaycitizens.trickip.org
9 dpm.demdex.net 1 redirects younosaycitizens.trickip.org
8 sync-tm.everesttech.net 8 redirects
7 lpcdn.lpsnmedia.net cdn.appdynamics.com
4 assets.adobedtm.com younosaycitizens.trickip.org
cdn.appdynamics.com
3 report.citizen.glassboxdigital.io cdn.glassboxcdn.com
3 cm.g.doubleclick.net 2 redirects
3 accdn.lpsnmedia.net cdn.appdynamics.com
lpcdn.lpsnmedia.net
3 citizensbank.tt.omtrdc.net younosaycitizens.trickip.org
cdn.glassboxcdn.com
3 nebula-cdn.kampyle.com younosaycitizens.trickip.org
cdn.appdynamics.com
3 cdn.appdynamics.com younosaycitizens.trickip.org
cdn.appdynamics.com
3 cdn.glassboxcdn.com 1 redirects younosaycitizens.trickip.org
3 nexus.ensighten.com younosaycitizens.trickip.org
2 va.v.liveperson.net cdn.appdynamics.com
2 mid.rkdms.com 1 redirects
2 va.idp.liveperson.net cdn.appdynamics.com
va.idp.liveperson.net
2 sync.search.spotxchange.com 1 redirects
2 ib.adnxs.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 www.citizensbank.com younosaycitizens.trickip.org
cdn.appdynamics.com
2 lptag.liveperson.net younosaycitizens.trickip.org
1 www.facebook.com
1 image2.pubmatic.com
1 udc-neb.kampyle.com
1 us-u.openx.net
1 fiabmmaaaidaekqce3yacgqaabr7q5nq-poww6v-cfb4abd9f-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 d7gjslqccjhzcy7yowya-poww6v-a2f16cf77-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 metrics.citizensbank.com cdn.appdynamics.com
1 02179919.akstat.io s.go-mpulse.net
1 pixel.rubiconproject.com
1 sync.crwdcntrl.net 1 redirects
1 ps.eyeota.net 1 redirects
1 p.rfihub.com 1 redirects
1 x.dlx.addthis.com 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 cm.everesttech.net 1 redirects
1 smetrics.citizensbank.com younosaycitizens.trickip.org
1 citizensbank.demdex.net younosaycitizens.trickip.org
1 s.go-mpulse.net younosaycitizens.trickip.org
107 42
Subject Issuer Validity Valid
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA
2022-04-26 -
2023-04-26
a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-15 -
2023-04-19
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
glassboxcdn.com
Cloudflare Inc ECC CA-3
2022-04-01 -
2023-04-01
a year crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-17 -
2023-07-22
a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-26 -
2023-12-28
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
smetrics.citizensbank.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-24 -
2023-07-25
a year crt.sh
www.citizensbank.com
Entrust Certification Authority - L1M
2022-07-01 -
2023-07-01
a year crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA
2023-01-09 -
2024-01-09
a year crt.sh
citizen.glassboxdigital.io
Amazon RSA 2048 M01
2023-02-21 -
2023-11-17
9 months crt.sh
*.idp.liveperson.net
Sectigo RSA Organization Validation Secure Server CA
2022-06-09 -
2023-06-09
a year crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA
2022-03-22 -
2023-03-22
a year crt.sh

This page contains 5 frames:

Primary Page: http://younosaycitizens.trickip.org/
Frame ID: 7C9118D274D3E41E38058EA8D488ADBC
Requests: 83 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Frame ID: 1E9ABC319BCFF0EC37D6FF2E07CF848D
Requests: 4 HTTP requests in this frame

Frame: https://citizensbank.demdex.net/dest5.html?d_nsid=0
Frame ID: B5118EED4E2E8A8556E1DA4435D22D6F
Requests: 16 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=http%3A%2F%2Fyounosaycitizens.trickip.org&site=89632304&env=prod&isCrossDomain=true
Frame ID: EF831C5737DE00DA84D875218A5A9157
Requests: 2 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1677227440626&loc=http%3A%2F%2Fyounosaycitizens.trickip.org
Frame ID: 96B813DE5E6CF2A303AA3025DD44DBCD
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Online Banking | Citizens

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

33 %
HTTPS

21 %
IPv6

30
Domains

42
Subdomains

33
IPs

8
Countries

1592 kB
Transfer

5388 kB
Size

41
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1677227438492 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1677227438492
Request Chain 52
  • https://cm.everesttech.net/cm/dd?d_uuid=75977975967535786324521866831106772915 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-h1rwAAADf9jAN-
Request Chain 67
  • https://idsync.rlcdn.com/365868.gif?partner_uid=75977975967535786324521866831106772915 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzU5Nzc5NzU5Njc1MzU3ODYzMjQ1MjE4NjY4MzExMDY3NzI5MTUQABoNCK_r4Z8GEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=8df1bdcb9b00c83ec0206c714498ce343b9829d93b50bb3d2fad14b0aa35ebf2b0da87c991749652
Request Chain 69
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=75977975967535786324521866831106772915&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023022408303900016033427111
Request Chain 72
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzU5Nzc5NzU5Njc1MzU3ODYzMjQ1MjE4NjY4MzExMDY3NzI5MTU= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzU5Nzc5NzU5Njc1MzU3ODYzMjQ1MjE4NjY4MzExMDY3NzI5MTU=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECBA9ej5VtOQOLJwHrFD4Hk&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 73
  • https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455421255449531
Request Chain 76
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=75977975967535786324521866831106772915&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 77
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=75977975967535786324521866831106772915?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Request Chain 78
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1oMXJ3QUFBRGY5akFOLQ==
Request Chain 82
  • http://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1675696813407.js HTTP 307
  • https://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1675696813407.js
Request Chain 85
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-h1rwAAADf9jAN-&expires=90
Request Chain 86
  • http://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js HTTP 301
  • https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js
Request Chain 90
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-h1rwAAADf9jAN- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-h1rwAAADf9jAN-&C=1
Request Chain 91
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=poww6vdt0 HTTP 302
  • https://d7gjslqccjhzcy7yowya-poww6v-a2f16cf77-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 92
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=poww6vdt0 HTTP 302
  • https://fiabmmaaaidaekqce3yacgqaabr7q5nq-poww6v-cfb4abd9f-clienttons-s.akamaihd.net/eum/results.txt
Request Chain 93
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y-h1rwAAADf9jAN- HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY-h1rwAAADf9jAN-
Request Chain 94
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-h1rwAAADf9jAN-
Request Chain 96
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-h1rwAAADf9jAN-
Request Chain 97
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-h1rwAAADf9jAN-&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-h1rwAAADf9jAN-&img=1&__user_check__=1&sync_id=85a417cf-b41d-11ed-8595-1fe3cd8f0206
Request Chain 99
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-h1rwAAADf9jAN-&t=2592000&o=0
Request Chain 100
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=75977975967535786324521866831106772915&_ct=img HTTP 302
  • https://mid.rkdms.com/restricted

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
younosaycitizens.trickip.org/
32 KB
11 KB
Document
General
Full URL
http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
658eccb1f4fd1ef0c21aa13fca83d458ecb7d76a33d7a79e9600c2af3f9d5891

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
10491
Content-Type
text/html
Date
Fri, 24 Feb 2023 08:30:38 GMT
ETag
"816d-5f54ed71d3590-gzip"
Last-Modified
Wed, 22 Feb 2023 19:24:08 GMT
Server
nginx
Vary
Accept-Encoding
Bootstrap.js
younosaycitizens.trickip.org/index_files/
102 KB
32 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/Bootstrap.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
b5b180aa9146794e3db5796294f0e99bbe303bb369a74eb6178e1749254fcce1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:11 GMT
Server
nginx
ETag
W/"63f66bdb-19972"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pm_fp.js
younosaycitizens.trickip.org/index_files/
23 KB
7 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/pm_fp.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
c6fbe2de716de3100ada73ac3cd1f0c52d3bcd0957ae1623c2abd1c94e91e21e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:17 GMT
Server
nginx
ETag
W/"63f66be1-5cbf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-ui-1.10.3.custom.min.css
younosaycitizens.trickip.org/index_files/
24 KB
4 KB
Stylesheet
General
Full URL
http://younosaycitizens.trickip.org/index_files/jquery-ui-1.10.3.custom.min.css
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
ed8d47e31521785484d48c96b36240c3574714e4ff5e976df0a61dd38ad0ea70

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:13 GMT
Server
nginx
ETag
W/"63f66bdd-6139"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
normalize.css
younosaycitizens.trickip.org/index_files/
4 KB
1 KB
Stylesheet
General
Full URL
http://younosaycitizens.trickip.org/index_files/normalize.css
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
1e6be51ea21cb7c32432510738a91d761ebc8ce2e20ac16e3a4e5e0b755e6c02

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:15 GMT
Server
nginx
ETag
W/"63f66bdf-10e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
younosaycitizens.trickip.org/index_files/
52 KB
9 KB
Stylesheet
General
Full URL
http://younosaycitizens.trickip.org/index_files/main.css
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
abbb0149861c3a8fac56321ea2c104898fd755c73056c63e0fb8aee0728b8c81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:14 GMT
Server
nginx
ETag
W/"63f66bde-cf68"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
flows.css
younosaycitizens.trickip.org/index_files/
8 KB
2 KB
Stylesheet
General
Full URL
http://younosaycitizens.trickip.org/index_files/flows.css
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
ceb7baaaa6b7787e6c292bc745e400163bf83f58bc4d10c1ef88d9c6fc26135b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:13 GMT
Server
nginx
ETag
W/"63f66bdd-1fd0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ad-containers.css
younosaycitizens.trickip.org/index_files/
5 KB
1 KB
Stylesheet
General
Full URL
http://younosaycitizens.trickip.org/index_files/ad-containers.css
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
39ea5a0d4d224f0bb918f7b5044c487ede8dfe08200ccefe8d661c97fba70b0c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:11 GMT
Server
nginx
ETag
W/"63f66bdb-142c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr-2.6.2.min.js
younosaycitizens.trickip.org/index_files/
15 KB
6 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/modernizr-2.6.2.min.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:15 GMT
Server
nginx
ETag
W/"63f66bdf-3c36"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
plugins.js
younosaycitizens.trickip.org/index_files/
199 KB
45 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/plugins.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
b769305d18e59ddd6f13c3fb6db4f90a15770b3717aaddbadb6e543918178bc8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:16 GMT
Server
nginx
ETag
W/"63f66be0-31d24"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
younosaycitizens.trickip.org/index_files/
19 KB
5 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/main.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:14 GMT
Server
nginx
ETag
W/"63f66bde-4c03"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholders.min.js
younosaycitizens.trickip.org/index_files/
4 KB
2 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/placeholders.min.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:16 GMT
Server
nginx
ETag
W/"63f66be0-10aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
CTZ_Green-01.png
younosaycitizens.trickip.org/index_files/
5 KB
5 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/index_files/CTZ_Green-01.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Last-Modified
Wed, 22 Feb 2023 19:24:12 GMT
Server
nginx
ETag
"63f66bdc-149d"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5277
Expires
Thu, 31 Dec 2037 23:55:55 GMT
citizensHeaderFooter-citizensns2606.js
younosaycitizens.trickip.org/index_files/
428 KB
126 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/citizensHeaderFooter-citizensns2606.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
81eaa86cc084c9c37260cc87d34aff2ed5ea9036c16caf5f52aac810841e2641

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:12 GMT
Server
nginx
ETag
W/"63f66bdc-6b0fa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
n0CA3I.js
younosaycitizens.trickip.org/index_files/
195 KB
75 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/n0CA3I.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
53f2faf84b057fde014e48650ebe533c15a60ac55eff658ec7705790aeeff7ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:15 GMT
Server
nginx
ETag
W/"63f66bdf-30ad0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sec-3-9.css
younosaycitizens.trickip.org/index_files/
2 KB
1007 B
Stylesheet
General
Full URL
http://younosaycitizens.trickip.org/index_files/sec-3-9.css
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
ebb6a3aa448faedabdd032ad56b2f196894e780fddab1b75ed7d48cd8e6d2cb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:17 GMT
Server
nginx
ETag
W/"63f66be1-7bd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sec-cpt-3-9.js
younosaycitizens.trickip.org/index_files/
10 KB
4 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/sec-cpt-3-9.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
c6b4ade6fa79bbf42a9ba1be3a979f301139b4b9af2d79d2224f8db049d89438

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:17 GMT
Server
nginx
ETag
W/"63f66be1-28d7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
common.js
younosaycitizens.trickip.org/index_files/
5 KB
2 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/common.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
e8c5013c999bee8dd455c1ac01133c69dd9aa06b34a7397bdff291c5ecbdc84d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:12 GMT
Server
nginx
ETag
W/"63f66bdc-12f5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
launch-e2c3d40f4766.min.js
younosaycitizens.trickip.org/index_files/
319 KB
92 KB
Script
General
Full URL
http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
daa8db32b5905c55292c7da7ae257435c4a99881d5aafeb42b1ae6c0de7d224d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 19:24:14 GMT
Server
nginx
ETag
W/"63f66bde-4fbb0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1677227438492
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1677227438492
4 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1677227438492
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-162-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ff48fef7b3857e41c70d997933f8e5ba7f020060843f52c1cfd73d08d799b22d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-017db7cbf.edge-irl1.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
72QedDk9TCc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://younosaycitizens.trickip.org
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1317
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v046-03a127b6a.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
SK0kd+QHSwk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://younosaycitizens.trickip.org
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1677227438492
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
serverComponent.php
nexus.ensighten.com/citizensbank/olbprod/
398 B
837 B
Script
General
Full URL
http://nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Thu%20Feb%2002%2019:51:06%20GMT%202023&ClientID=397&PageID=http%3A%2F%2Fyounosaycitizens.trickip.org%2F
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/Bootstrap.js
Protocol
HTTP/1.1
Server
13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-125.vie50.r.cloudfront.net
Software
CloudFront /
Resource Hash
44ee3a202a0cc3463b60eb9ef6a94c20658836964f08ee08ebe899db7758a047

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Via
1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
VIE50-C2
X-Cache
Miss from cloudfront
Content-Type
text/javascript
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
398
X-Amz-Cf-Id
m2ib04o-LlMg1iweci4Vwebg0orun-LibalyBLn0J8suK8kjsJ1GUw==
Expires
Fri, 24 Feb 2023 08:30:37 GMT
tag.js
lptag.liveperson.net/tag/
21 KB
8 KB
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=89632304
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 07 Dec 2022 20:20:28 GMT
server
ws
etag
"6390f58c-1da4"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
7588
citizen_roman.woff
younosaycitizens.trickip.org/index_files/font/
0
0
Font
General
Full URL
http://younosaycitizens.trickip.org/index_files/font/citizen_roman.woff
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://younosaycitizens.trickip.org/index_files/main.css
Origin
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
jquery-1.9.1.min.js
younosaycitizens.trickip.org/efs/efs/jsp-ns/scripts/
0
0
Script
General
Full URL
http://younosaycitizens.trickip.org/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
citizen_roman.ttf
younosaycitizens.trickip.org/index_files/font/
0
0
Font
General
Full URL
http://younosaycitizens.trickip.org/index_files/font/citizen_roman.ttf
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://younosaycitizens.trickip.org/index_files/main.css
Origin
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
s.go-mpulse.net/boomerang/ Frame 1E9A
205 KB
50 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:dc:18c::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:38 GMT
content-encoding
br
last-modified
Tue, 24 Jan 2023 04:05:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
icon-secure.png
younosaycitizens.trickip.org/efs/efs/grafx/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/efs/grafx/icon-secure.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/flows.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/index_files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
flows-tooltip.png
younosaycitizens.trickip.org/efs/efs/grafx/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/efs/grafx/flows-tooltip.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/flows.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/index_files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
arrow-button-white.png
younosaycitizens.trickip.org/efs/efs/grafx/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/efs/grafx/arrow-button-white.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/flows.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/index_files/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
arrow-down-blue.png
younosaycitizens.trickip.org/efs/efs/grafx/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/efs/grafx/arrow-down-blue.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/index_files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
arrow-right-orange.png
younosaycitizens.trickip.org/efs/efs/grafx/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/efs/grafx/arrow-right-orange.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/index_files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
citizen_extrabold.woff
younosaycitizens.trickip.org/index_files/font/
0
0
Font
General
Full URL
http://younosaycitizens.trickip.org/index_files/font/citizen_extrabold.woff
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://younosaycitizens.trickip.org/index_files/main.css
Origin
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
citizen_book.woff
younosaycitizens.trickip.org/index_files/font/
0
0
Font
General
Full URL
http://younosaycitizens.trickip.org/index_files/font/citizen_book.woff
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://younosaycitizens.trickip.org/index_files/main.css
Origin
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
citizen_extrabold.ttf
younosaycitizens.trickip.org/index_files/font/
0
0
Font
General
Full URL
http://younosaycitizens.trickip.org/index_files/font/citizen_extrabold.ttf
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://younosaycitizens.trickip.org/index_files/main.css
Origin
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
citizen_book.ttf
younosaycitizens.trickip.org/index_files/font/
0
0
Font
General
Full URL
http://younosaycitizens.trickip.org/index_files/font/citizen_book.ttf
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://younosaycitizens.trickip.org/index_files/main.css
Origin
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
EX79edef42b4ae460c95fb330a3d6ef99d-libraryCode_source.min.js
assets.adobedtm.com/c6a477a8a7f5/5b9adfd1f79d/adbd934971b3/
82 KB
28 KB
Script
General
Full URL
https://assets.adobedtm.com/c6a477a8a7f5/5b9adfd1f79d/adbd934971b3/EX79edef42b4ae460c95fb330a3d6ef99d-libraryCode_source.min.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9ec7512c8fc6297b47b3842af0daa51ffe34550763b1f6a0285efdfc0ea81e9d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:38 GMT
content-encoding
gzip
last-modified
Thu, 16 Feb 2023 21:47:35 GMT
server
AkamaiNetStorage
etag
"6ae158715cf9d696d665ae39ebea7153:1676584055.109308"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
http://younosaycitizens.trickip.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
28799
expires
Fri, 24 Feb 2023 09:30:38 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:38 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:27 GMT
server
AkamaiNetStorage
etag
"72152d82739a20813d7490454a0d252e:1642630707.464895"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
http://younosaycitizens.trickip.org
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8755
expires
Fri, 24 Feb 2023 09:30:38 GMT
detector-dom.min.js
cdn.glassboxcdn.com/citizen/OLB/p/
364 KB
112 KB
Script
General
Full URL
https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539fb8c821a40281df9376733a982048cbee054507dc38c35b9a5df712f6abc5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:38 GMT
x-amz-version-id
T2Bc1qyjIqiEa_6kvvmJw6SM3Q31lyb3
content-encoding
gzip
cf-cache-status
HIT
via
1.1 759d447e04dad48878f29ac5fabe9524.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P7
age
2842
x-cache
Hit from cloudfront
last-modified
Wed, 04 Jan 2023 14:39:25 GMT
server
cloudflare
etag
W/"845173368b011e7fa14658b57426fe09"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
79e6d72519181eb1-AMS
x-amz-cf-id
X0Wb4Tg38cuLJaVvQM2S_rS-6CnJCNiCiApn8GTUWiu1PUUKDoP3bA==
expires
Fri, 24 Feb 2023 12:30:38 GMT
adrum-latest.js
cdn.appdynamics.com/adrum/
110 KB
40 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum/adrum-latest.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-95.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
d9c69594744647024b8797524eae0a935b2cb63ae1948e1d44fe4575d5d103c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 01:21:27 GMT
content-encoding
gzip
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
716951
x-cache
Hit from cloudfront
last-modified
Wed, 21 Dec 2022 18:37:28 GMT
server
nginx/1.16.1
etag
W/"63a35268-1b785"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6v8D8nEelUMo9vukmiWG956DX1wCJg0WA0hL78_Qgtplmx_Q_m1atg==
embed.js
nebula-cdn.kampyle.com/wu/356861/onsite/
1 KB
967 B
Script
General
Full URL
https://nebula-cdn.kampyle.com/wu/356861/onsite/embed.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c39d7204e9bfd10003a89343538d29ed58b062a53c594fec199477c4905a7a32
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
ZYDwGxEDPOSvg7oL8mYigsZO2UmcwGlA
content-encoding
gzip
via
1.1 varnish
date
Fri, 24 Feb 2023 08:30:39 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
GMTGX9K2S0CGG06X
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
518
x-amz-id-2
Glg2V1SvbAg5wqMEm0Kz5wFzSG6wWkyocGoC7kJwNrX+gsrcFEqhsQ4As/rDIjdReHI5uSOk/5c=
x-served-by
cache-ewr18124-EWR
last-modified
Mon, 06 Feb 2023 15:20:15 GMT
server
AmazonS3
x-timer
S1677227439.123482,VS0,VE0
etag
"debbc5b47fccff0848c5a910deacda1c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
140672
RC1dceab5157a84f33804b708fffdf811d-source.min.js
assets.adobedtm.com/c6a477a8a7f5/5b9adfd1f79d/adbd934971b3/
860 B
791 B
Script
General
Full URL
https://assets.adobedtm.com/c6a477a8a7f5/5b9adfd1f79d/adbd934971b3/RC1dceab5157a84f33804b708fffdf811d-source.min.js
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e4640c4d89cfc72e0655ddf7517e1ed70ab17375a65cc20a894bdb48ee4949e3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:38 GMT
content-encoding
gzip
last-modified
Thu, 16 Feb 2023 21:47:35 GMT
server
AkamaiNetStorage
etag
"6ae158715cf9d696d665ae39ebea7153:1676584055.109308"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
http://younosaycitizens.trickip.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
517
expires
Fri, 24 Feb 2023 09:30:38 GMT
citizensns.min.2606.css
younosaycitizens.trickip.org/efs/hhf/css/
0
0
Stylesheet
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/css/citizensns.min.2606.css
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/citizensHeaderFooter-citizensns2606.js
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
citiolb_icons.woff
younosaycitizens.trickip.org/index_files/font/
0
0
Font
General
Full URL
http://younosaycitizens.trickip.org/index_files/font/citiolb_icons.woff
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://younosaycitizens.trickip.org/index_files/main.css
Origin
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
CTZ_Green-01.png
younosaycitizens.trickip.org/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/img/CTZ_Green-01.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
equal-housing.gif
younosaycitizens.trickip.org/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/img/equal-housing.gif
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
footer-follow-facebook.png
younosaycitizens.trickip.org/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/img/footer-follow-facebook.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
footer-follow-twitter.png
younosaycitizens.trickip.org/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/img/footer-follow-twitter.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
footer-follow-linkedin.png
younosaycitizens.trickip.org/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/img/footer-follow-linkedin.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
footer-follow-youtube.png
younosaycitizens.trickip.org/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/img/footer-follow-youtube.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
elh.gif
younosaycitizens.trickip.org/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/img/elh.gif
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
fdicFooter.gif
younosaycitizens.trickip.org/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
http://younosaycitizens.trickip.org/efs/hhf/img/fdicFooter.gif
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
dest5.html
citizensbank.demdex.net/ Frame B511
7 KB
3 KB
Document
General
Full URL
https://citizensbank.demdex.net/dest5.html?d_nsid=0
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.235.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-235-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://younosaycitizens.trickip.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v046-0f71a5189.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
LjVsBxcASVY=
content-encoding
gzip
date
Fri, 24 Feb 2023 08:30:39 GMT
last-modified
Wed, 8 Feb 2023 11:53:45 GMT
vary
accept-encoding
id
smetrics.citizensbank.com/
48 B
470 B
XHR
General
Full URL
https://smetrics.citizensbank.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=4C3B0C3755C3822E7F000101%40AdobeOrg&mid=76020754207597334874526071537596461524&ts=1677227438882
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.125.10 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-125-10.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
f2da9c7b99464bd5b9fa83e9c25038cef9a81644b96040b5c85c822eac238e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://younosaycitizens.trickip.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
http://younosaycitizens.trickip.org
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y-h1rwAAADf9jAN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=75977975967535786324521866831106772915
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-h1rwAAADf9jAN-
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-h1rwAAADf9jAN-
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-162-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-0040bba41.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7BctVXEKSZo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-h1rwAAADf9jAN-
Date
Fri, 24 Feb 2023 08:30:39 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
citizensbank.tt.omtrdc.net/rest/v1/
355 B
935 B
XHR
General
Full URL
http://citizensbank.tt.omtrdc.net/rest/v1/delivery?client=citizensbank&sessionId=4728289b56e643f8b2ac9b237868841e&version=2.8.1
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Protocol
HTTP/1.1
Server
54.76.146.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-146-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3000bfd5cb94730e9810ece4b7e02628d1c7dab798d6b0198cf8722acd6ea1e8

Request headers

Referer
http://younosaycitizens.trickip.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Feb 2023 08:30:39 GMT
Content-Encoding
gzip
Accept-CH
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
Transfer-Encoding
chunked
Vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://younosaycitizens.trickip.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-ID
eae71db60327d7f147f8e3264533fccc
fa032e76acdf51a05932768fc255b20e.js
nexus.ensighten.com/citizensbank/olbprod/code/
27 KB
5 KB
Script
General
Full URL
http://nexus.ensighten.com/citizensbank/olbprod/code/fa032e76acdf51a05932768fc255b20e.js?conditionId0=421909
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/Bootstrap.js
Protocol
HTTP/1.1
Server
13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-125.vie50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5fe543fc3d4105afd5ba9d35740996f3f8e0f55ad4d8cdeb3767aa76d7624ac1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 06:11:50 GMT
x-amz-version-id
70eya25cJt7bT.1fNfHwkrC13ExNiLKW
Content-Encoding
gzip
Via
1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-C2
Age
699529
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Thu, 02 Feb 2023 19:51:08 GMT
Server
CloudFront
ETag
W/"0c02b0006337c705c6723177ef79e4c2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
X-Amz-Cf-Id
DR11oQ0ui5Z0QeqHy_MFXn_roJNvfqQcbEBmHFQl3Wjf0rA0GOAKGA==
28663fdb1da63e0b261fc581f8084619.js
nexus.ensighten.com/citizensbank/olbprod/code/
88 KB
31 KB
Script
General
Full URL
http://nexus.ensighten.com/citizensbank/olbprod/code/28663fdb1da63e0b261fc581f8084619.js?conditionId0=4921117
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/Bootstrap.js
Protocol
HTTP/1.1
Server
13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-125.vie50.r.cloudfront.net
Software
CloudFront /
Resource Hash
3b531a8826aeb7dd365eb418b6aee5b8204f5e38c311f588ad75bbe7de570b16

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 10:52:57 GMT
x-amz-version-id
7Vz_bNM1vqq_ptJsDOdn8z3nddxBTl2j
Content-Encoding
gzip
Via
1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-C2
Age
596263
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Wed, 12 Oct 2022 04:24:01 GMT
Server
CloudFront
ETag
W/"7f943d1386ac8d666a04c5f7c1aca6a2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
X-Amz-Cf-Id
1fqTf7lKpdy5LBqNkUYyVCaYIEvhOjLFfhBNF4fV7OnTd4-oHlpVcQ==
citiolb_icons.ttf
younosaycitizens.trickip.org/index_files/font/
0
0
Font
General
Full URL
http://younosaycitizens.trickip.org/index_files/font/citiolb_icons.ttf
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/main.css
Protocol
HTTP/1.1
Server
185.209.162.219 Ede, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://younosaycitizens.trickip.org/index_files/main.css
Origin
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 18:32:59 GMT
Server
nginx
ETag
W/"5b3-5f54e2023f7e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
.jsonp
lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/
293 KB
105 KB
Script
General
Full URL
https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
43c6fe1fd9a98fbc6f6193e553a52e6981e95879cbb7fb4f88b418231a16a63d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
MISS
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
adrum-latest.js
cdn.appdynamics.com/adrum/
110 KB
40 KB
Script
General
Full URL
http://cdn.appdynamics.com/adrum/adrum-latest.js?
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
HTTP/1.1
Server
143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-24.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
d9c69594744647024b8797524eae0a935b2cb63ae1948e1d44fe4575d5d103c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 01:21:27 GMT
Content-Encoding
gzip
Via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Age
716952
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 21 Dec 2022 18:37:28 GMT
Server
nginx/1.16.1
ETag
W/"63a35268-1b785"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id
lgfMZNRqg7y2SKEorqAA0bWdlkyXZ0W6indBSOaQCknlEqEAnT3lSQ==
feedback.png
www.citizensbank.com/assets/CB_media/images/
824 B
1 KB
Image
General
Full URL
https://www.citizensbank.com/assets/CB_media/images/feedback.png
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:397::1f37 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 22 Jan 2020 18:38:44 GMT
server
openresty/1.21.4.1
etag
"5e2896b4-338"
content-type
image/png
cache-control
max-age=600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="465896_1750271023_3043410879_119_63000_43_0";dur=1
accept-ranges
bytes
x-robots-tag
none
content-length
824
delivery
citizensbank.tt.omtrdc.net/rest/v1/
0
321 B
Ping
General
Full URL
http://citizensbank.tt.omtrdc.net/rest/v1/delivery?client=citizensbank&sessionId=4728289b56e643f8b2ac9b237868841e&version=2.8.1
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/index_files/launch-e2c3d40f4766.min.js
Protocol
HTTP/1.1
Server
54.76.146.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-146-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://younosaycitizens.trickip.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
http://younosaycitizens.trickip.org
Date
Fri, 24 Feb 2023 08:30:39 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Request-ID
b9be52f2fe83da51d3fc12619b36d7d5
/
accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/
7 KB
3 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
2ca01b9a92fc83290e4ab69d661b807e2bfc2dd8dbaf8baa578cd44e1bcf760a
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
MISS
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 24 Feb 2023 08:31:39 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/
40 KB
15 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/ui-framework.js?version=10.24.1.0-release_5557
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Feb 2023 02:05:10 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Sat, 24 Feb 2024 08:30:39 GMT
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/
88 KB
30 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/UMSClientAPI.min.js?version=10.24.1.0-release_5557
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Feb 2023 02:05:09 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Sat, 24 Feb 2024 08:30:39 GMT
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/
92 KB
31 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/lpChatV3.min.js?version=10.24.1.0-release_5557
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Feb 2023 02:05:10 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Sat, 24 Feb 2024 08:30:39 GMT
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/
8 KB
3 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/surveylogicinstance.min.js?version=10.24.1.0-release_5557
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Feb 2023 02:05:10 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Sat, 24 Feb 2024 08:30:39 GMT
zones
accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/
5 KB
2 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
35b27ff3ee662d6566c3058d785bdf1e3021bbeb7e311a5353cd756747af679c
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
MISS
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 24 Feb 2023 08:31:39 GMT
ibs:dpid=477&dpuuid=8df1bdcb9b00c83ec0206c714498ce343b9829d93b50bb3d2fad14b0aa35ebf2b0da87c991749652
dpm.demdex.net/ Frame B511
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=75977975967535786324521866831106772915
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzU5Nzc5NzU5Njc1MzU3ODYzMjQ1MjE4NjY4MzExMDY3NzI5MTUQABoNCK_r4Z8GEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=8df1bdcb9b00c83ec0206c714498ce343b9829d93b50bb3d2fad14b0aa35ebf2b0da87c991749652
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=8df1bdcb9b00c83ec0206c714498ce343b9829d93b50bb3d2fad14b0aa35ebf2b0da87c991749652
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-162-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v046-02a7d0da5.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3YP+4lMMQLU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 24 Feb 2023 08:30:39 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=8df1bdcb9b00c83ec0206c714498ce343b9829d93b50bb3d2fad14b0aa35ebf2b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
config.json
c.go-mpulse.net/api/ Frame 1E9A
801 B
1 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=A9397-AA2WQ-WQN9E-BBVTK-Y8BXE&d=younosaycitizens.trickip.org&t=5590758&v=1.720.0&if=&sl=0&si=d9558b57-e048-4592-91f3-cb3c27a59b39-rqksz0&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=354307
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:dc:383::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a0a42b55256de8725daf6f1173280f7f72b3fe1072c685c040d86a69731e2d56

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Feb 2023 08:30:39 GMT
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
801
Content-Type
application/json
ibs:dpid=134096&dpuuid=2023022408303900016033427111
dpm.demdex.net/ Frame B511
Redirect Chain
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=75977975967535786324521866831106772915&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023022408303900016033427111
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023022408303900016033427111
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-162-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v046-0f71a5189.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
laxPIhItQYw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023022408303900016033427111
pragma
no-cache
date
Fri, 24 Feb 2023 08:30:39 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Fri, 24 Feb 2023 08:30:39 GMT
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ Frame EF83
39 KB
16 KB
Document
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=http%3A%2F%2Fyounosaycitizens.trickip.org&site=89632304&env=prod&isCrossDomain=true
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://younosaycitizens.trickip.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods
GET, POST, PATCH
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
content-encoding
gzip
content-type
text/html
date
Fri, 24 Feb 2023 08:30:39 GMT
expires
Sat, 24 Feb 2024 08:30:39 GMT
last-modified
Thu, 03 Nov 2022 22:00:32 GMT
server
ws
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-cache-status
HIT
x-content-type-options
nosniff
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/
37 KB
15 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=http%3A%2F%2Fyounosaycitizens.trickip.org&site=89632304&force=1&env=prod&isCrossDomain=true
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:00:32 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Sat, 24 Feb 2024 08:30:39 GMT
ibs:dpid=771&dpuuid=CAESECBA9ej5VtOQOLJwHrFD4Hk&google_cver=1
dpm.demdex.net/ Frame B511
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzU5Nzc5NzU5Njc1MzU3ODYzMjQ1MjE4NjY4MzExMDY3NzI5MTU=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzU5Nzc5NzU5Njc1MzU3ODYzMjQ1MjE4NjY4MzExMDY3NzI5MTU=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECBA9ej5VtOQOLJwHrFD4Hk&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECBA9ej5VtOQOLJwHrFD4Hk&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-162-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v046-00542c3f7.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
yhBImaQeRYE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 24 Feb 2023 08:30:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECBA9ej5VtOQOLJwHrFD4Hk&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=1121&dpuuid=5134455421255449531
dpm.demdex.net/ Frame B511
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=7085
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455421255449531
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455421255449531
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-162-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-03cf679dc.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dEqZQenvQi8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455421255449531
Date
Fri, 24 Feb 2023 08:30:39 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
refererrestrictions
accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/ Frame EF83
748 B
2 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb76632x72154
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=http%3A%2F%2Fyounosaycitizens.trickip.org&site=89632304&env=prod&isCrossDomain=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
5cad8537b8d0d720a7ade121e00ca749ba0e36284aebf84fdaf6b04d26bff272
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://lpcdn.lpsnmedia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
MISS
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Fri, 24 Feb 2023 08:31:39 GMT
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/
964 KB
301 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/desktopEmbedded.js?version=10.24.1.0-release_5557
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
c441d9a7e2301ce5e76a204bd8bc68ac2412963142a747d5afebeefc5b97b45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 11 Feb 2023 02:05:10 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Sat, 24 Feb 2024 08:30:39 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame B511
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=75977975967535786324521866831106772915&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-162-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v046-0dc39c7af.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PtYRsfyVRg0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Fri, 24 Feb 2023 08:30:39 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame B511
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=75977975967535786324521866831106772915?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Requested by
Host: younosaycitizens.trickip.org
URL: http://younosaycitizens.trickip.org/
Protocol
HTTP/1.1
Server
34.255.162.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-162-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-08c2553c3.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mRGHTULhTcE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 24 Feb 2023 08:30:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control
no-cache
x-server
10.45.13.2
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1oMXJ3QUFBRGY5akFOLQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1oMXJ3QUFBRGY5akFOLQ==
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 08:30:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-ewr18134-EWR
pragma
no-cache
date
Fri, 24 Feb 2023 08:30:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677227440.171521,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1oMXJ3QUFBRGY5akFOLQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
delivery
citizensbank.tt.omtrdc.net/rest/v1/
341 B
924 B
XHR
General
Full URL
http://citizensbank.tt.omtrdc.net/rest/v1/delivery?client=citizensbank&sessionId=4728289b56e643f8b2ac9b237868841e&version=2.8.1
Requested by
Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js
Protocol
HTTP/1.1
Server
54.76.146.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-146-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e9db85ecf38c84b3c9a7422f92a991dd2fa9fd0e530c241e26b88ea589784ac6

Request headers

Referer
http://younosaycitizens.trickip.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Feb 2023 08:30:40 GMT
Content-Encoding
gzip
Accept-CH
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
Transfer-Encoding
chunked
Vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://younosaycitizens.trickip.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-ID
9daf250c103d743330537ea969f928c0
RC0b9b275a583541259978debecebf2ec4-source.min.js
assets.adobedtm.com/c6a477a8a7f5/5b9adfd1f79d/adbd934971b3/
655 B
610 B
Script
General
Full URL
https://assets.adobedtm.com/c6a477a8a7f5/5b9adfd1f79d/adbd934971b3/RC0b9b275a583541259978debecebf2ec4-source.min.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
08a9a7d6b804949ac8d6d2889a3707b5d17c6fe4907f358ac96f25af3f8115a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:40 GMT
content-encoding
gzip
last-modified
Thu, 16 Feb 2023 21:47:35 GMT
server
AkamaiNetStorage
etag
"6ae158715cf9d696d665ae39ebea7153:1676584055.109308"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
http://younosaycitizens.trickip.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
336
expires
Fri, 24 Feb 2023 09:30:40 GMT
cls_report
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/
783 B
1 KB
XHR
General
Full URL
https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=80f3a3ef-b82a-4d85-8ee8-458f069dc132%3A0&_cls_v=b02c0384-eacd-431e-8e1c-cc3a5cdf3015&pv=2&f_cls_s=true
Requested by
Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.36.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-36-222.compute-1.amazonaws.com
Software
GlassBox Cligate /
Resource Hash
e51fb902a502807304e526c741733f7688d46a6e4918e83d8dfb35f404956b2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:40 GMT
content-encoding
gzip
Server
GlassBox Cligate
vary
origin
Content-Type
application/json
access-control-allow-origin
http://younosaycitizens.trickip.org
access-control-allow-credentials
true
Connection
keep-alive
GB-Server
g5015
X-Robots-Tag
noindex
Content-Length
456
generic1675696813407.js
nebula-cdn.kampyle.com/us/wu/356861/onsite/
Redirect Chain
  • http://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1675696813407.js
  • https://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1675696813407.js
860 KB
119 KB
Script
General
Full URL
https://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1675696813407.js
Protocol
H2
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b58319f79d62ef48a401649ec9edf239334f1ac0c04365908b0f8b7861a2023f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
aJUTZigEhSdU4te_lfLACwpbTT0xXWTh
content-encoding
gzip
via
1.1 varnish
date
Fri, 24 Feb 2023 08:30:40 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
DA3D9ADJ2TW4WJGW
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
121568
x-amz-id-2
os1uEKUN8OZzEYXDjqnsvcMsOmL0I8wr6nDwv977PxXVrtTo/NbVIRNL/64yaKYat5ml7Z7G0PQ=
x-served-by
cache-ewr18124-EWR
last-modified
Mon, 06 Feb 2023 15:20:14 GMT
server
AmazonS3
x-timer
S1677227440.095211,VS0,VE0
etag
"810b3e8575b265df809aa6613bef5dbd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
9933

Redirect headers

Location
https://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1675696813407.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
feedback.png
www.citizensbank.com/assets/CB_media/images/
824 B
1 KB
Image
General
Full URL
https://www.citizensbank.com/assets/CB_media/images/feedback.png
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:397::1f37 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 22 Jan 2020 18:38:44 GMT
server
openresty/1.21.4.1
etag
"5e2896b4-338"
content-type
image/png
cache-control
max-age=600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="465896_1750271023_3043412630_16_8038_43_0";dur=1
accept-ranges
bytes
x-robots-tag
none
content-length
824
embed.js
nebula-cdn.kampyle.com/wu/356861/onsite/
1 KB
615 B
Script
General
Full URL
https://nebula-cdn.kampyle.com/wu/356861/onsite/embed.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c39d7204e9bfd10003a89343538d29ed58b062a53c594fec199477c4905a7a32
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
ZYDwGxEDPOSvg7oL8mYigsZO2UmcwGlA
content-encoding
gzip
via
1.1 varnish
date
Fri, 24 Feb 2023 08:30:40 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
GMTGX9K2S0CGG06X
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
518
x-amz-id-2
Glg2V1SvbAg5wqMEm0Kz5wFzSG6wWkyocGoC7kJwNrX+gsrcFEqhsQ4As/rDIjdReHI5uSOk/5c=
x-served-by
cache-ewr18124-EWR
last-modified
Mon, 06 Feb 2023 15:20:15 GMT
server
AmazonS3
x-timer
S1677227440.087430,VS0,VE0
etag
"debbc5b47fccff0848c5a910deacda1c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
140673
tap.php
pixel.rubiconproject.com/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-h1rwAAADf9jAN-&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-h1rwAAADf9jAN-&expires=90
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-ewr18134-EWR
pragma
no-cache
date
Fri, 24 Feb 2023 08:30:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677227440.171500,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-h1rwAAADf9jAN-&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
detector-dom.min.js
cdn.glassboxcdn.com/citizen/OLB/p/
Redirect Chain
  • http://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
  • https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
364 KB
112 KB
Script
General
Full URL
https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
Protocol
H2
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539fb8c821a40281df9376733a982048cbee054507dc38c35b9a5df712f6abc5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:40 GMT
x-amz-version-id
XpM7zLR3NDXhmZ7YmSr9_2dNwYxutFHq
content-encoding
gzip
cf-cache-status
HIT
via
1.1 d8e6d5a84eb26ff3b7d1801d7337b390.cloudfront.net (CloudFront)
x-amz-cf-pop
DUB56-P1
age
2842
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 22 Feb 2023 17:21:34 GMT
server
cloudflare
etag
W/"845173368b011e7fa14658b57426fe09"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
79e6d72cdf251eb1-AMS
x-amz-cf-id
bw-luecxA5r9dPBFxtpF2i2cdcVPO3kX5PrPzJKLareh7RXvV4v-vg==
expires
Fri, 24 Feb 2023 12:30:40 GMT

Redirect headers

Date
Fri, 24 Feb 2023 08:30:40 GMT
Via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
CF-Cache-Status
MISS
Server
cloudflare
X-Amz-Cf-Pop
AMS1-C1
Transfer-Encoding
chunked
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
Cache-Control
public, max-age=14400
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
79e6d72c78d8b7af-AMS
X-Amz-Cf-Id
hqW1CcTNZzeIUeAfPWPjB58TbqyUdK2GPLWjSYnXkg5G_4ErYUZIJw==
Expires
Fri, 24 Feb 2023 12:30:40 GMT
adrum-ext.bb4998b9fa08203795298c5909e8245d.js
cdn.appdynamics.com/
53 KB
21 KB
Script
General
Full URL
http://cdn.appdynamics.com/adrum-ext.bb4998b9fa08203795298c5909e8245d.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
HTTP/1.1
Server
143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-24.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
5ad09b9161e1abea918c16dd0c0fd21a3daaabece5ec6332249731a0107e28b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 09 Feb 2023 00:28:40 GMT
Content-Encoding
gzip
Via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Age
1324920
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 21 Dec 2022 18:37:27 GMT
Server
nginx/1.16.1
ETag
W/"63a35267-d2a0"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id
sdC7ZAWNqcuDKjl6UFpGbLRyWt5YiiShEFdab0XIdM3AIqrdQwwuOQ==
/
02179919.akstat.io/
0
210 B
Ping
General
Full URL
https://02179919.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:dc:18c::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://younosaycitizens.trickip.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 08:30:40 GMT
content-type
image/gif
access-control-allow-origin
http://younosaycitizens.trickip.org
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Fri, 24 Feb 2023 08:30:40 GMT
s84833173144817
metrics.citizensbank.com/b/ss/citizensbankglobalprod/10/JS-2.22.3-LCXS/
3 KB
4 KB
Script
General
Full URL
http://metrics.citizensbank.com/b/ss/citizensbankglobalprod/10/JS-2.22.3-LCXS/s84833173144817?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=24%2F1%2F2023%208%3A30%3A40%205%200&d.&nsid=0&jsonv=1&.d&sdid=5606D81B868F024A-7C3B7B79B9943A7D&mid=76020754207597334874526071537596461524&aamlh=6&ce=UTF-8&ns=citizensbank&pageName=servicing_web%7Ccbolb%7Clogin%7Clogin%7C%7Cstart&g=http%3A%2F%2Fyounosaycitizens.trickip.org%2F&c.&getTimeSinceLastVisit=2.0&inList=3.0&formatTime=2.0&expWidth=1600&expOrientation=landscape&getTimeParting=3%3A30%20AM%7CFriday&getDateParting=3%3A30%20AM%7CFriday&newRepeat=New&visitnum=1&lastVisitDay=First%20Visit&EVENTS=event11%2C&.c&cc=USD&ch=login%7Clogin&events=event11&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=us%7Ceng&c2=D%3Dv2&v2=servicing_web&c3=D%3Dv3&v3=desk&c4=D%3Dv4&v4=cbolb&c5=D%3Dv5&v5=generic&c7=D%3Dv7&v7=login&c8=D%3Dv8&v8=login&c9=D%3Dv9&c10=D%3Dv10&v10=start&c12=D%3Dv12&v12=start&c13=D%3Dv13&c14=D%3Dv14&v27=D%3Dg&c35=D%3Dv35&v35=cbolb%7Clogin%7Clogin%7C%7Cstart&c53=D%3Dv53&v53=olb_legacy_web&c60=D%3Dv90&c62=VisitorAPI%20Present&v62=76020754207597334874526071537596461524&c63=cbolb_legacy%7Camversion%3A2.22.3%7Cmcidversion%3A5.0.1%7Ctarget%3A2.8.1&c71=D%3Dv71&v71=0a42756c-30d6-4a74-b44e-b954ce6f34fc&c72=D%3Dv72&c73=D%3Dv73&v73=cb&v90=cbolb%7Clogin%7Clogin%7C%7Cstart&v153=n&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=4C3B0C3755C3822E7F000101%40AdobeOrg&AQE=1
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
HTTP/1.1
Server
13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
7ec4245546155552b7b71b1453c4ad8bfe8a650ced060117d26d5e394f89527c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-aam-tid
aRH1O+PqS1s=
date
Fri, 24 Feb 2023 08:30:40 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
3550
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v046-0b57eb040.edge-irl1.demdex.com 4 ms
pragma
no-cache
last-modified
Sat, 25 Feb 2023 08:30:40 GMT
server
jag
etag
3601818501975736320-4619692083500980805
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 23 Feb 2023 08:30:40 GMT
rum
dsum-sec.casalemedia.com/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-h1rwAAADf9jAN-
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-h1rwAAADf9jAN-&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-h1rwAAADf9jAN-&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 08:30:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 08:30:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=88&external_user_id=Y-h1rwAAADf9jAN-&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
results.txt
d7gjslqccjhzcy7yowya-poww6v-a2f16cf77-clientnsv4-s.akamaihd.net/eum/ Frame 1E9A
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=poww6vdt0
  • https://d7gjslqccjhzcy7yowya-poww6v-a2f16cf77-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://d7gjslqccjhzcy7yowya-poww6v-a2f16cf77-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2.18.79.145 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-145.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:40 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://d7gjslqccjhzcy7yowya-poww6v-a2f16cf77-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Fri, 24 Feb 2023 08:30:40 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
results.txt
fiabmmaaaidaekqce3yacgqaabr7q5nq-poww6v-cfb4abd9f-clienttons-s.akamaihd.net/eum/ Frame 1E9A
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=poww6vdt0
  • https://fiabmmaaaidaekqce3yacgqaabr7q5nq-poww6v-cfb4abd9f-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://fiabmmaaaidaekqce3yacgqaabr7q5nq-poww6v-cfb4abd9f-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2a02:26f0:11a::217:9a5a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:40 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://fiabmmaaaidaekqce3yacgqaabr7q5nq-poww6v-cfb4abd9f-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Fri, 24 Feb 2023 08:30:40 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y-h1rwAAADf9jAN-
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY-h1rwAAADf9jAN-
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY-h1rwAAADf9jAN-
Protocol
HTTP/1.1
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 08:30:40 GMT
AN-X-Request-Uuid
ad3f45f3-0028-4c03-9764-cc4f9e33c033
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
31.204.153.46; 31.204.153.46; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Feb 2023 08:30:40 GMT
AN-X-Request-Uuid
0d46a908-b669-4388-a668-8658bf1e83cc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY-h1rwAAADf9jAN-
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
31.204.153.46; 31.204.153.46; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-h1rwAAADf9jAN-
43 B
273 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-h1rwAAADf9jAN-
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 08:30:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-ewr18134-EWR
pragma
no-cache
date
Fri, 24 Feb 2023 08:30:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677227440.392779,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-h1rwAAADf9jAN-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
318 B
Image
General
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMC4wLjU0ODEuMTc3IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJPbmxpbmUgQmFua2luZyB8IENpdGl6ZW5zIiwicGFnZV91cmwiOiAiaHR0cDovL3lvdW5vc2F5Y2l0aXplbnMudHJpY2tpcC5vcmcvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NzcyMjc0NDAzNzgiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NjgyOGJiOGU3MTctMDIxNzdjMmRlYTU2YzEtNmYzODU0NTctMWQ0YzAwLTE4NjgyOGJiOGU4MTQzYyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogMzU2ODYwLCJ1cmwiOiAiaHR0cDovL3lvdW5vc2F5Y2l0aXplbnMudHJpY2tpcC5vcmcvIiwid2Vic2l0ZUlkIjogMzU2ODYxLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0ZDliLTA2ZDgtMDA1YS03NzM1LTA0NGItNGRlMC1hMGJlLWMyNmQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY3NzIyNzQ0MDM2NiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA5ODcsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ5LjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ5LjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzcyMjc0NDAzNzgsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJmZWVkYmFja19jb3JyZWxhdGlvbl91dWlkIjogbnVsbH0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-p6sg
date
Fri, 24 Feb 2023 08:30:40 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
Pug
image2.pubmatic.com/AdServer/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-h1rwAAADf9jAN-
1 B
449 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-h1rwAAADf9jAN-
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 24 Feb 2023 08:30:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-ewr18134-EWR
pragma
no-cache
date
Fri, 24 Feb 2023 08:30:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677227440.494511,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-h1rwAAADf9jAN-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-h1rwAAADf9jAN-&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-h1rwAAADf9jAN-&img=1&__user_check__=1&sync_id=85a417cf-b41d-11ed-8595-1fe3cd8f0206
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-h1rwAAADf9jAN-&img=1&__user_check__=1&sync_id=85a417cf-b41d-11ed-8595-1fe3cd8f0206
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 08:30:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
14
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 24 Feb 2023 08:30:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y-h1rwAAADf9jAN-&img=1&__user_check__=1&sync_id=85a417cf-b41d-11ed-8595-1fe3cd8f0206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
23
Connection
keep-alive
Content-Length
0
postmessage.min.html
va.idp.liveperson.net/postmessage/ Frame 96B8
11 KB
5 KB
Document
General
Full URL
https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1677227440626&loc=http%3A%2F%2Fyounosaycitizens.trickip.org
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.idp.liveperson.net
Software
ws /
Resource Hash
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://younosaycitizens.trickip.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods
GET, POST, PATCH
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding
gzip
content-type
text/html
date
Fri, 24 Feb 2023 08:30:41 GMT
etag
W/"5f2ff440-2a51"
last-modified
Sun, 09 Aug 2020 13:04:00 GMT
server
ws
strict-transport-security
max-age=31536000; includeSubDomains
b.php
www.facebook.com/fr/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-h1rwAAADf9jAN-&t=2592000&o=0
43 B
747 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-h1rwAAADf9jAN-&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 00:30:40 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
SPr6NXF8SBRU25nGdWZKLL2XoGTPmAwPMXgZjFiOIUJJeAUhpOGYYrR7fU6ag4ACtw4xozCiZGzYN+5OJs3EXQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
priority
u=3,i
expires
Fri, 24 Feb 2023 00:30:40 PST

Redirect headers

x-served-by
cache-ewr18134-EWR
pragma
no-cache
date
Fri, 24 Feb 2023 08:30:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677227441.696010,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-h1rwAAADf9jAN-&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
restricted
mid.rkdms.com/ Frame B511
Redirect Chain
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=75977975967535786324521866831106772915&_ct=img
  • https://mid.rkdms.com/restricted
0
0
Image
General
Full URL
https://mid.rkdms.com/restricted
Protocol
H2
Server
34.206.163.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-163-95.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://citizensbank.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 24 Feb 2023 08:30:41 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
server
nginx
location
/restricted
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
authorize
va.idp.liveperson.net/api/account/89632304/anonymous/ Frame 96B8
678 B
2 KB
XHR
General
Full URL
https://va.idp.liveperson.net/api/account/89632304/anonymous/authorize?__d=59277
Requested by
Host: va.idp.liveperson.net
URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1677227440626&loc=http%3A%2F%2Fyounosaycitizens.trickip.org
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.idp.liveperson.net
Software
ws /
Resource Hash
aba5fecbb705ab1186e902fe2e915dc175b652e057161da6a789e47cef217562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

LP-DOMAIN-REFERER
http://younosaycitizens.trickip.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
*/*
Referer
https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1677227440626&loc=http%3A%2F%2Fyounosaycitizens.trickip.org
X-Requested-With
XMLHttpRequest
LP-URL
http://younosaycitizens.trickip.org/

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 08:30:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
access-control-allow-origin
https://va.idp.liveperson.net
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
content-length
678
cls_report
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/
783 B
1 KB
XHR
General
Full URL
https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=80f3a3ef-b82a-4d85-8ee8-458f069dc132:0&_cls_v=b02c0384-eacd-431e-8e1c-cc3a5cdf3015&pid=6c5aacac-0499-4c3c-9e54-ae6036de596b&sn=1&cfg&pv=2&aid=
Requested by
Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.36.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-36-222.compute-1.amazonaws.com
Software
GlassBox Cligate /
Resource Hash
e51fb902a502807304e526c741733f7688d46a6e4918e83d8dfb35f404956b2b

Request headers

Referer
http://younosaycitizens.trickip.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 24 Feb 2023 08:30:41 GMT
content-encoding
gzip
Server
GlassBox Cligate
vary
origin
Content-Type
application/json
access-control-allow-origin
http://younosaycitizens.trickip.org
access-control-allow-credentials
true
Connection
keep-alive
GB-Server
g5015
X-Robots-Tag
noindex
Content-Length
456
89632304
va.v.liveperson.net/api/js/
235 B
1 KB
Script
General
Full URL
https://va.v.liveperson.net/api/js/89632304?&cb=lpCb98166x76330&t=sp&ts=1677227440617&pid=2089403346&tid=8865169305&pt=Online%20Banking%20%7C%20Citizens&u=http%3A%2F%2Fyounosaycitizens.trickip.org%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22f9311ee4-4d0a-4c5b-b11e-e44d0a3c5bc6%22%2C%22account%22%3A%2289632304%22%7D%5D
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
ef35ceed975624cdd43f6d4429de82bdb77bda05fa3a0f952609ccd495869bb9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:41 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
cls_report
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/
191 B
958 B
XHR
General
Full URL
https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=80f3a3ef-b82a-4d85-8ee8-458f069dc132:0&_cls_v=b02c0384-eacd-431e-8e1c-cc3a5cdf3015&pid=6c5aacac-0499-4c3c-9e54-ae6036de596b&sn=2&cfg=27baeec&pv=2&aid=
Requested by
Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.36.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-36-222.compute-1.amazonaws.com
Software
GlassBox Cligate /
Resource Hash
1dca5d8a70b4e9ea3c3834afd8d29fee312897483d651421ad6ace9821b312b9

Request headers

Referer
http://younosaycitizens.trickip.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 24 Feb 2023 08:30:41 GMT
content-encoding
gzip
Server
GlassBox Cligate
vary
origin
Content-Type
application/json
access-control-allow-origin
http://younosaycitizens.trickip.org
access-control-allow-credentials
true
Connection
keep-alive
GB-Server
g5015
X-Robots-Tag
noindex
Content-Length
164
89632304
va.v.liveperson.net/api/js/
111 B
854 B
Script
General
Full URL
https://va.v.liveperson.net/api/js/89632304?sid=tbjCvF8XSeCakmQ4XxrcNg&cb=lpCb64291x27941&t=pl&ts=1677227441496&pid=2089403346&tid=8865169305&vid=U1ZDUzOTZlOWEwNDVjMjI4
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
1175ee45bd345e7f65447fdebd29a01b2eb165a8f7610d90a1d28fa2775b905b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://younosaycitizens.trickip.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:30:42 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless string| timeStamp string| pageURL string| pageName object| digitalData object| ensBootstraps object| Bootstrapper number| _delay object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor boolean| isProductionEnvironment string| lpAccountNumber object| lpTag string| SEP string| PAIR function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| FingerPrint function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| add_deviceprint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint object| html5 object| Modernizr function| yepnope object| CITIZENSOLB object| Placeholders object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| thebody function| contentLoaded function| citizensHeaderFooter function| $ function| jQuery function| _ function| moment object| HHFJST object| Backbone object| HHF undefined| el object| _cf object| bmak string| _sdTrace function| isNumeric function| needHelp function| isSpecialChar function| validateIE7 function| setFieldState function| hasErrors function| getValidateMessageListCheckSpaces function| getValidateMessageList function| getBasicFieldErrorMessages function| getBasicFieldSuccessMessages function| isIE7 function| isUnsupported function| setupToolTip function| setupNonStickyToolTip function| initPasswordToolTip function| initPasswordCapsLock function| validatePasswordRules function| validateField function| isEmpty function| validateGoodPasswordRules number| screenWidth string| device function| getCookieValue string| sessionId string| cbdlSessionId object| CBDL object| _satellite boolean| __satelliteLoaded object| _sdiToolkit string| tproperty function| targetPageParams object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| __target_telemetry object| enrollpgsectionanchor number| adrum-start-time object| adrum-config function| _0x4a9c function| _0x5eee object| ak_chlge object| _cls_config object| _detector undefined| optimizely object| ADRUM function| checkNested function| waitForGlobal number| formId function| showSurvey function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s string| appMeasurementVersion string| visitorVersion string| targetVersion string| analyticsVersion function| getUrlVars function| getIntUrlVars object| today object| currentDate number| sundays number| currentDayNum function| endOfDatePeriod function| DIL object| eventListenerMap number| s_objectID number| s_giq object| ttMETA string| sName object| olb function| _typeof function| _extends object| KAMPYLE_EMBED object| lpTaglogListeners object| proxyless object| lpMTagConfig number| BOOMR_configt function| createFrameworkGlobals object| liveperson function| SurveyManager function| _stateChanged object| STORAGE object| proto string| QUESTION_ERROR_TYPE object| __core-js_shared__ object| lpIntlTelInputUtils object| lpIntlTelInputGlobals number| BOOMR_onload string| key string| f0 object| s_i_citizensbankglobalprod object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata

41 Cookies

Domain/Path Name / Value
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD Name: _cls_cfgver
Value: 27baeec
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD Name: _cls_s
Value: 80f3a3ef-b82a-4d85-8ee8-458f069dc132:0
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD Name: _cls_v
Value: b02c0384-eacd-431e-8e1c-cc3a5cdf3015
.demdex.net/ Name: demdex
Value: 75977975967535786324521866831106772915
.trickip.org/ Name: at_check
Value: true
.trickip.org/ Name: AMCVS_4C3B0C3755C3822E7F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y-h1rwAAADf9jAN-
.dpm.demdex.net/ Name: dpm
Value: 75977975967535786324521866831106772915
.trickip.org/ Name: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19413%7CMCMID%7C76020754207597334874526071537596461524%7CMCAAMLH-1677832238%7C6%7CMCAAMB-1677832238%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1677234639s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19420%7CvVersion%7C5.0.1
.rlcdn.com/ Name: rlas3
Value: Psn273WVgvOvoF6ftRDvVo+M8LUHuX1Xpa2SnuuWHg0=
.rlcdn.com/ Name: pxrc
Value: CK/r4Z8GEgUI6AcQABIGCPHrARAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjQCkiaWpsaGQnyGukW-5Y4FiRnhIVUluQCn6fYiJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjQCkiaWpsaGQnyGukW-5Y4FiRnhIVUluQCn6fYiJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFxGtoZm5uZGRuYmxpZmEEAL2lP0cQAAAA
.doubleclick.net/ Name: IDE
Value: AHWqTUm6uHWZcAVV6ySIywJkJsOHSplqyQF8KEOP9kppojhO400jcbzRjT2obnXBz3I
.eyeota.net/ Name: SERVERID
Value: 24015~DM
.trickip.org/ Name: mbox
Value: session#4728289b56e643f8b2ac9b237868841e#1677229301|PC#4728289b56e643f8b2ac9b237868841e.37_0#1740472241
.trickip.org/ Name: gpv_p5
Value: servicing_web%7Ccbolb%7Clogin%7Clogin%7C%7Cstart
.trickip.org/ Name: s_nr30
Value: 1677227440110-New
.trickip.org/ Name: s_vncm
Value: 1677628799111%26vn%3D1
.trickip.org/ Name: s_ivc
Value: true
.trickip.org/ Name: s_lv
Value: 1677227440111
.trickip.org/ Name: s_lv_s
Value: First%20Visit
.trickip.org/ Name: s_cc
Value: true
younosaycitizens.trickip.org/ Name: mdLogger
Value: false
younosaycitizens.trickip.org/ Name: kampyle_userid
Value: 4d9b-06d8-005a-7735-044b-4de0-a0be-c26d
younosaycitizens.trickip.org/ Name: kampyleUserSession
Value: 1677227440366
younosaycitizens.trickip.org/ Name: kampyleUserSessionsCount
Value: 1
.casalemedia.com/ Name: CMID
Value: Y-h1sLhhFcVvIo1Lc8f2zAAA
.casalemedia.com/ Name: CMPS
Value: 2234
.casalemedia.com/ Name: CMPRO
Value: 2234
younosaycitizens.trickip.org/ Name: kampyleSessionPageCounter
Value: 1
.adnxs.com/ Name: uuid2
Value: 6645213429595327310
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2In1lBZzr!]tbPl1MwL(!R7qUY'CfP4-wnYWJW[VYvj`X@Byfk.:(R<QG=%9sk?bIRwi:w9Ld1ss:(!17Mco/y@Yw#tsdX*lrAH
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y-h1rwAAADf9jAN-&KRTB&22978-Y-h1rwAAADf9jAN-&KRTB&23194-Y-h1rwAAADf9jAN-&KRTB&23209-Y-h1rwAAADf9jAN-
.pubmatic.com/ Name: PugT
Value: 1677227440
.demdex.net/ Name: dextp
Value: 60-1-1677227439238|843-1-1677227439340|771-1-1677227439441|1121-1-1677227439545|30064-1-1677227439646|121998-1-1677227439776|144230-1-1677227439877|144231-1-1677227440038|144232-1-1677227440139|144233-1-1677227440241|144234-1-1677227440343|144235-1-1677227440444|144236-1-1677227440545|144237-1-1677227440646|129099-1-1677227440747
.spotxchange.com/ Name: audience
Value: 85a4177f-b41d-11ed-8595-1fe3cd8f0206
report.citizen.glassboxdigital.io/ Name: AWSALBCORS
Value: Jb6qPrGyRvLNVi0pcOnkPIQG6xu0wgxKlOher7xlPuvlqH6oqIpU5+SYcaiH3yynx0cY11CwlRF2dqk8NGWEzyS3PU4YFwylNbHK2nlrvK7lbgWG3X5ekSshAoPf
.trickip.org/ Name: LPVID
Value: U1ZDUzOTZlOWEwNDVjMjI4
.trickip.org/ Name: LPSID-89632304
Value: tbjCvF8XSeCakmQ4XxrcNg

23 Console Messages

Source Level URL
Text
network error URL: http://younosaycitizens.trickip.org/index_files/font/citizen_roman.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/index_files/font/citizen_roman.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/index_files/font/citizen_extrabold.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/index_files/font/citizen_book.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/efs/grafx/arrow-down-blue.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/efs/grafx/arrow-right-orange.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/efs/grafx/icon-secure.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/efs/grafx/arrow-button-white.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/efs/grafx/flows-tooltip.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/index_files/font/citizen_extrabold.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/index_files/font/citizen_book.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/css/citizensns.min.2606.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/index_files/font/citiolb_icons.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/img/CTZ_Green-01.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/img/equal-housing.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/img/footer-follow-facebook.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/img/footer-follow-twitter.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/img/footer-follow-linkedin.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/img/footer-follow-youtube.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/img/elh.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/efs/hhf/img/fdicFooter.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://younosaycitizens.trickip.org/index_files/font/citiolb_icons.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179919.akstat.io
accdn.lpsnmedia.net
assets.adobedtm.com
c.go-mpulse.net
cdn.appdynamics.com
cdn.glassboxcdn.com
citizensbank.demdex.net
citizensbank.tt.omtrdc.net
cm.everesttech.net
cm.g.doubleclick.net
d7gjslqccjhzcy7yowya-poww6v-a2f16cf77-clientnsv4-s.akamaihd.net
dpm.demdex.net
dsum-sec.casalemedia.com
fiabmmaaaidaekqce3yacgqaabr7q5nq-poww6v-cfb4abd9f-clienttons-s.akamaihd.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
metrics.citizensbank.com
mid.rkdms.com
nebula-cdn.kampyle.com
nexus.ensighten.com
p.rfihub.com
pixel.rubiconproject.com
ps.eyeota.net
report.citizen.glassboxdigital.io
s.go-mpulse.net
smetrics.citizensbank.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
udc-neb.kampyle.com
us-u.openx.net
va.idp.liveperson.net
va.v.liveperson.net
www.citizensbank.com
www.facebook.com
x.dlx.addthis.com
younosaycitizens.trickip.org
13.32.110.125
13.37.25.97
142.250.186.34
143.204.89.24
143.204.89.95
15.236.125.10
151.101.129.175
151.101.194.49
178.249.101.98
178.249.97.23
178.249.97.99
185.209.162.219
185.64.189.110
185.80.39.216
185.94.180.126
193.0.160.131
2.18.79.145
208.89.12.87
208.89.15.170
23.35.209.176
2606:4700::6812:e16
2606:4700::6812:f16
2a02:26f0:11a::217:9a40
2a02:26f0:11a::217:9a5a
2a02:26f0:dc:18c::11a6
2a02:26f0:dc:383::11a6
2a02:26f0:dc:397::1f37
2a02:26f0:f700:481::1e80
2a03:2880:f11c:8183:face:b00c:0:25de
3.127.178.105
34.206.163.95
34.255.162.196
34.98.64.218
35.241.45.82
35.244.174.68
37.252.171.84
44.197.36.222
54.154.235.81
54.229.20.73
54.229.62.148
54.76.146.46
69.173.144.138
08a9a7d6b804949ac8d6d2889a3707b5d17c6fe4907f358ac96f25af3f8115a5
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
1175ee45bd345e7f65447fdebd29a01b2eb165a8f7610d90a1d28fa2775b905b
1dca5d8a70b4e9ea3c3834afd8d29fee312897483d651421ad6ace9821b312b9
1e6be51ea21cb7c32432510738a91d761ebc8ce2e20ac16e3a4e5e0b755e6c02
2ca01b9a92fc83290e4ab69d661b807e2bfc2dd8dbaf8baa578cd44e1bcf760a
3000bfd5cb94730e9810ece4b7e02628d1c7dab798d6b0198cf8722acd6ea1e8
35b27ff3ee662d6566c3058d785bdf1e3021bbeb7e311a5353cd756747af679c
39ea5a0d4d224f0bb918f7b5044c487ede8dfe08200ccefe8d661c97fba70b0c
3b531a8826aeb7dd365eb418b6aee5b8204f5e38c311f588ad75bbe7de570b16
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
43c6fe1fd9a98fbc6f6193e553a52e6981e95879cbb7fb4f88b418231a16a63d
44ee3a202a0cc3463b60eb9ef6a94c20658836964f08ee08ebe899db7758a047
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
539fb8c821a40281df9376733a982048cbee054507dc38c35b9a5df712f6abc5
53f2faf84b057fde014e48650ebe533c15a60ac55eff658ec7705790aeeff7ad
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5ad09b9161e1abea918c16dd0c0fd21a3daaabece5ec6332249731a0107e28b5
5cad8537b8d0d720a7ade121e00ca749ba0e36284aebf84fdaf6b04d26bff272
5fe543fc3d4105afd5ba9d35740996f3f8e0f55ad4d8cdeb3767aa76d7624ac1
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
658eccb1f4fd1ef0c21aa13fca83d458ecb7d76a33d7a79e9600c2af3f9d5891
65a0283e9bca052e068ee3944ae1ae8d5e18c2efa8fd51c7a7aed7ac08e12efe
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ec4245546155552b7b71b1453c4ad8bfe8a650ced060117d26d5e394f89527c
81eaa86cc084c9c37260cc87d34aff2ed5ea9036c16caf5f52aac810841e2641
9ec7512c8fc6297b47b3842af0daa51ffe34550763b1f6a0285efdfc0ea81e9d
a0a42b55256de8725daf6f1173280f7f72b3fe1072c685c040d86a69731e2d56
a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8
aba5fecbb705ab1186e902fe2e915dc175b652e057161da6a789e47cef217562
abbb0149861c3a8fac56321ea2c104898fd755c73056c63e0fb8aee0728b8c81
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b58319f79d62ef48a401649ec9edf239334f1ac0c04365908b0f8b7861a2023f
b5b180aa9146794e3db5796294f0e99bbe303bb369a74eb6178e1749254fcce1
b769305d18e59ddd6f13c3fb6db4f90a15770b3717aaddbadb6e543918178bc8
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b
c39d7204e9bfd10003a89343538d29ed58b062a53c594fec199477c4905a7a32
c441d9a7e2301ce5e76a204bd8bc68ac2412963142a747d5afebeefc5b97b45f
c6b4ade6fa79bbf42a9ba1be3a979f301139b4b9af2d79d2224f8db049d89438
c6fbe2de716de3100ada73ac3cd1f0c52d3bcd0957ae1623c2abd1c94e91e21e
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
ceb7baaaa6b7787e6c292bc745e400163bf83f58bc4d10c1ef88d9c6fc26135b
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d9c69594744647024b8797524eae0a935b2cb63ae1948e1d44fe4575d5d103c7
daa8db32b5905c55292c7da7ae257435c4a99881d5aafeb42b1ae6c0de7d224d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4640c4d89cfc72e0655ddf7517e1ed70ab17375a65cc20a894bdb48ee4949e3
e51fb902a502807304e526c741733f7688d46a6e4918e83d8dfb35f404956b2b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8c5013c999bee8dd455c1ac01133c69dd9aa06b34a7397bdff291c5ecbdc84d
e9db85ecf38c84b3c9a7422f92a991dd2fa9fd0e530c241e26b88ea589784ac6
ebb6a3aa448faedabdd032ad56b2f196894e780fddab1b75ed7d48cd8e6d2cb3
ed8d47e31521785484d48c96b36240c3574714e4ff5e976df0a61dd38ad0ea70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef35ceed975624cdd43f6d4429de82bdb77bda05fa3a0f952609ccd495869bb9
f2da9c7b99464bd5b9fa83e9c25038cef9a81644b96040b5c85c822eac238e76
ff48fef7b3857e41c70d997933f8e5ba7f020060843f52c1cfd73d08d799b22d