www.citizenencoveragebonus.com Open in urlscan Pro
3.224.141.128  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.citizenencoveragebonus.com/	46 KB 10 KB	545ms 104ms	Document text/html	3.224.141.128 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.citizenencoveragebonus.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.224.141.128 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-141-128.compute-1.amazonaws.com Software / Resource Hash 5c44b14ce11aa4371833261eb0dc8dced651f9d5c994a86654d09df42f8e8e1c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-length 9483 content-location https://www.citizenencoveragebonus.com/ content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 21:40:04 GMT etag "a:a66ffa0ebf364299a3ca5e31bc98476a" link <https://www.citizenencoveragebonus.com/>; rel="canonical" x-proxy-backend page-server x-unbounce-pageid ff24ea70-d514-43bd-acbe-0d728ad63bd2 x-unbounce-variant a x-unbounce-visitorid a66ffa0e-bf36-4299-a3ca-5e31bc98476a
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	194ms 51ms	Stylesheet text/css	143.204.29.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.29.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-29-73.den50.r.cloudfront.net Software AmazonS3 / Resource Hash 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863 Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 26 Sep 2023 02:21:59 GMT content-encoding gzip via 1.1 9204cf44179493ed42c678800a26918a.cloudfront.net (CloudFront) x-amz-version-id fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc x-amz-cf-pop DEN50-C2 age 1279086 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2902 last-modified Tue, 11 Jul 2023 16:18:48 GMT server AmazonS3 etag "99b89a3d5f7bab4f89aad694ef70a6d8" content-type text/css cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id ptcwF5nyGbnFoGFoJQJCSDIY5BHI82ugPJKJnJ-Xr7t9m5-2M3HApQ==
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	108ms 28ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 21:40:04 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1735904 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-nyc-kteb1890068-NYC last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1696974005.857316,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 22, 153957
GET H2	200	bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js Show response d1wbjksx0xxdn3.cloudfront.net/lts/	43 KB 43 KB	146ms 41ms	Script application/javascript	2600:9000:20ed:ce00:b:3165:13c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1wbjksx0xxdn3.cloudfront.net/lts/bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ed:ce00:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92175bf4a96909409add4c3f85b28af6a234ac81972ce9c2a17aa261172b30ba Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 26 Sep 2023 21:17:18 GMT x-amz-version-id L8NSUzd.VhCea40EMWB5R42ATfjEGDgY via 1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront) last-modified Tue, 26 Sep 2023 20:49:59 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 age 1210968 etag "e31f6a704f0c9b178435edc2658c9e37" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 accept-ranges bytes content-length 43694 x-amz-cf-id jWtERcqe4zswPru07PD3I79cR5f6W_Xtt8T0oZok9Ro3H6hBkvy9cg==
GET H2	200	main.bundle-b8bce47.z.js Show response builder-assets.unbounce.com/published-js/	104 KB 33 KB	59ms 59ms	Script application/javascript	143.204.29.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.29.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-29-73.den50.r.cloudfront.net Software AmazonS3 / Resource Hash b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 02 Oct 2023 02:03:37 GMT content-encoding gzip via 1.1 9204cf44179493ed42c678800a26918a.cloudfront.net (CloudFront) x-amz-version-id 6jHAL9fP889t4NCAfewK2ptLZfkpx6Fe x-amz-cf-pop DEN50-C2 age 761788 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 33784 last-modified Tue, 11 Jul 2023 16:18:45 GMT server AmazonS3 etag "3208b0848f289d158acfc0caf5894954" content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id j51enPsu2Eg5niztLr3dZd45z-xftaOHrM223yXi77PHSKNNdECDQA==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	198 KB 53 KB	268ms 29ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 10 Oct 2023 21:40:05 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 53364 x-xss-protection 0 pragma public x-fb-debug mdeI65njOzgfF9HH0nPLp/o+ykYtReiCw953o/FSI2K/46bnjAmqIk2TChm2m0Y58UW1iANsWolMk5ZbWEnGAw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	/ Show response api.stimiinc.com/is-valid-fbclid/	0 289 B	262ms 28ms	XHR text/html	172.104.216.67 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://api.stimiinc.com/is-valid-fbclid/?fbclid=null Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.104.216.67 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS emailrelaysys.com Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://www.citizenencoveragebonus.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Tue, 10 Oct 2023 21:40:05 GMT Content-Encoding gzip Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive
GET BLOB	200 OK	f4a9d13d-35a3-4f11-83f2-53e55213f9dc https://www.citizenencoveragebonus.com/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://www.citizenencoveragebonus.com/f4a9d13d-35a3-4f11-83f2-53e55213f9dc Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Length 5611 Content-Type text/css
GET H2	200	css fonts.ub-assets.com/	11 KB 1 KB	160ms 63ms	Stylesheet text/css	108.139.29.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-117.jfk50.r.cloudfront.net Software / Resource Hash d10cf18bb6410c9849aace6f6d41c277ce8f0edfd5c8e8edef4bfdd790b90002 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 21:40:05 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 via 1.1 4a1ea8b67dc2325b2469ed51d3e186ac.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P2 x-amzn-requestid e6ad778c-b2f3-4f57-9041-b0ed80c5fb98 x-cache Miss from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id MmusYFvBoAMEuRQ= content-length 855 x-xss-protection 0 cross-origin-opener-policy same-origin-allow-popups x-amzn-trace-id Root=1-6525c4b5-3bd8c58243af46d16c6ef026 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * x-amz-cf-id _Fn68uXhLFhuFxwvWobyXt_SejlkxeNtA1mufu7B5aM_qjNhxQEDow==
GET H2	200	f9a8ade6-group-171.svg d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/	34 KB 12 KB	592ms 454ms	Image image/svg+xml	18.160.146.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/f9a8ade6-group-171.svg Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.146.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-146-44.den52.r.cloudfront.net Software AmazonS3 / Resource Hash 24afec876188f08bd8648d3b3db184c92cd72fa3b02638693d03c4ce1c45ffd8 Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 21:40:06 GMT x-amz-version-id Unz0xL3YLmn2zBAVsUz6zjrbTM7sEJ8t content-encoding gzip last-modified Wed, 20 Sep 2023 17:21:30 GMT server AmazonS3 via 1.1 025e84e972a461c1dd140ac5fbbbd0aa.cloudfront.net (CloudFront) x-amz-cf-pop DEN52-P2 etag W/"1608b8ef41ff2af0bb2d7488a260b885" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=31557600 x-amz-cf-id m-MM9ZYZRBS8qvWAfdHbsj9xxbe0FxPnLYWfaO1LEDp1HfWaf5Dgog==
GET H2	200	62e82ffe-animation-16892802444991.gif d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/	179 KB 180 KB	649ms 513ms	Image image/gif	18.160.146.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/62e82ffe-animation-16892802444991.gif Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.146.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-146-44.den52.r.cloudfront.net Software AmazonS3 / Resource Hash cb70fd4c80c82f3754c005a95b272350bf54038d1a71d690109245e36867e459 Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 21:40:06 GMT x-amz-version-id ggB0arARsT.YidCZ8DVIAf8q_M5ntep0 via 1.1 025e84e972a461c1dd140ac5fbbbd0aa.cloudfront.net (CloudFront) last-modified Wed, 20 Sep 2023 17:21:30 GMT server AmazonS3 x-amz-cf-pop DEN52-P2 etag "16119c438ddc6c068948877df1b64a2d" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/gif cache-control max-age=31557600 accept-ranges bytes content-length 183791 x-amz-cf-id Kfo5LLrEzXPWhoPDyd-J3MOVfDbsJwMPkDkwAIXgwIfmoKoXLSDy2g==
GET H2	200	eadb9c6e-adobestock-192875699-converted-_107805k000000000000028.png d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/	7 KB 7 KB	547ms 412ms	Image image/png	18.160.146.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/eadb9c6e-adobestock-192875699-converted-_107805k000000000000028.png Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.146.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-146-44.den52.r.cloudfront.net Software AmazonS3 / Resource Hash 0eddd1cdd321be399e897d44d4c6e7fe9eda6a769495ec7df7ed29003cc336e2 Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 21:40:06 GMT x-amz-version-id fqSqBE7CGXc2VFExB.ksy1dPK.UqmBdF via 1.1 025e84e972a461c1dd140ac5fbbbd0aa.cloudfront.net (CloudFront) last-modified Wed, 20 Sep 2023 17:21:30 GMT server AmazonS3 x-amz-cf-pop DEN52-P2 etag "feb0b1aeb690ca75448a99c9e72fbc80" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 7234 x-amz-cf-id DyTQyxUC4rDF3Uyp9zhxYAhfFRLZjtPMfqwY7GI22vqfYLst3yvojQ==
OPTIONS H2	200	i events.ub-analytics.com/_ub/	0 0	106ms 32ms	Preflight	184.72.178.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.ub-analytics.com/_ub/i Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 184.72.178.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-184-72-178-168.compute-1.amazonaws.com Software akka-http/10.2.9 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.citizenencoveragebonus.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, SP-Anonymous access-control-allow-origin https://www.citizenencoveragebonus.com access-control-max-age 3600 content-length 0 date Tue, 10 Oct 2023 21:40:05 GMT server akka-http/10.2.9
POST H2	200	i events.ub-analytics.com/_ub/	2 B 241 B	99ms 31ms	Ping text/plain	184.72.178.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.ub-analytics.com/_ub/i Requested by Host: d1wbjksx0xxdn3.cloudfront.net URL: https://d1wbjksx0xxdn3.cloudfront.net/lts/bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 184.72.178.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-184-72-178-168.compute-1.amazonaws.com Software akka-http/10.2.9 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://www.citizenencoveragebonus.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://www.citizenencoveragebonus.com date Tue, 10 Oct 2023 21:40:05 GMT access-control-allow-credentials true p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" server akka-http/10.2.9 content-length 2 content-type text/plain; charset=UTF-8
GET H2	200	651346190305405 Show response connect.facebook.net/signals/config/	131 KB 34 KB	247ms 246ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/651346190305405?v=2.9.133&r=stable&domain=www.citizenencoveragebonus.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1d4e475fab43eb4f3e136918474d18c425ee26191dd6358bee4fb4721bc51a20 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 10 Oct 2023 21:40:05 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug TYVNa8hLQaOZLgWFTlGdXDgVR9L7WV+UfwGVDWhQfbkE2TMNU8orwDwigHsekKgrLgMk7KYYdW/lRBGQ9eeeuA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.ub-assets.com/fonts/s/roboto/v30/	15 KB 16 KB	97ms 34ms	Font font/woff2	108.139.29.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-117.jfk50.r.cloudfront.net Software / Resource Hash 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Origin https://www.citizenencoveragebonus.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 03 Oct 2023 07:00:51 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 15752 via 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P2 age 657554 x-amzn-requestid 50dfb45d-e75e-4f08-9b67-8cadd91b520b content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id MNpVmEi8IAMEtLg= content-length 15775 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-651bbc23-7fa4f7870ec7d4cd70d20cb8 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id K-2eSLJo8Gus5WcoXDJeuunuLIYRfDhtEgEvPdwC5CdjNMtIIJuMOA==
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.ub-assets.com/fonts/s/roboto/v30/	16 KB 16 KB	120ms 58ms	Font font/woff2	108.139.29.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-117.jfk50.r.cloudfront.net Software / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Origin https://www.citizenencoveragebonus.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 20 Sep 2023 11:56:39 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 15920 via 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P2 age 1763006 x-amzn-requestid 4da6d481-5e85-45cb-9a4f-86b4822ea07d content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id LjeeuFdxIAMEjig= content-length 15943 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-650addf7-051cb66f4a7ec1f35b6c9343 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id yEp3Ih2irf72pxxr4DOIg2qr5cSDDHfYFpQvsTXA4qptUEGcE_s59Q==
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.ub-assets.com/fonts/s/roboto/v30/	15 KB 16 KB	132ms 70ms	Font font/woff2	108.139.29.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-117.jfk50.r.cloudfront.net Software / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Origin https://www.citizenencoveragebonus.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 18 Sep 2023 19:19:00 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 15744 via 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P2 age 1909265 x-amzn-requestid 2c0807ca-9a2d-41a1-8adf-baa19bf1c9a5 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id Ld5ZwHmLoAMEuvQ= content-length 15767 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-6508a2a4-0cb37b525e70de813c9f779e report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id IB1sciL1kGXRW4E_XvInMU8x1vTeIHvCqOxOyrvyknwKjFuJV5jPTw==
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.ub-assets.com/fonts/s/roboto/v30/	15 KB 16 KB	126ms 64ms	Font font/woff2	108.139.29.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-117.jfk50.r.cloudfront.net Software / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Origin https://www.citizenencoveragebonus.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:05:05 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 15860 via 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P2 age 1179300 x-amzn-requestid 7c449a44-d9e6-4184-a906-d4f08e157787 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id L5vitGvIIAMEtwA= content-length 15883 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-6513c611-6e6e2381076ed2977f91cdf0 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id grdlVSArarBR9Nt03dr7vGEtMpdVXCm9Ju1sH5fBG9i3FoAZwB5HNQ==
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.ub-assets.com/fonts/s/poppins/v20/	8 KB 8 KB	126ms 66ms	Font font/woff2	108.139.29.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-117.jfk50.r.cloudfront.net Software / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Origin https://www.citizenencoveragebonus.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 10:57:20 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 7816 via 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P2 age 384165 x-amzn-requestid 3ce1c035-b84a-4cb0-b81c-5f827b69b191 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id MYEysGAmoAMEd2g= content-length 7839 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-651fe810-676a1c3f155030181c2cd96b report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id dLcz7KjyJB1v0BBBfgA4-3ITZPUdAbEr-3AUZIhF6rWCO7ISe-k2QQ==
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.ub-assets.com/fonts/s/poppins/v20/	8 KB 8 KB	98ms 37ms	Font font/woff2	108.139.29.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-117.jfk50.r.cloudfront.net Software / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Roboto:900,500,regular,700%7CPoppins:700,500 Origin https://www.citizenencoveragebonus.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 20 Sep 2023 17:23:01 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 7748 via 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P2 age 1743424 x-amzn-requestid fd4951f0-0bc8-42e5-8d04-ff310c49044d content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id LkOSVF54oAMEVdg= content-length 7771 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-650b2a75-04997f51380e13775f3460ff report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id fyBDuQh7ekt4LemyACTON_gNNx8UUCenZ7TDjOXA-MgkGBSZJNGiVA==
GET H2	200	/ www.facebook.com/tr/	0 185 B	235ms 29ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=651346190305405&ev=PageView&dl=https%3A%2F%2Fwww.citizenencoveragebonus.com%2F&rl=&if=false&ts=1696974005627&sw=1600&sh=1200&v=2.9.133&r=stable&ec=0&o=30&fbp=fb.1.1696974005626.416585143&ler=empty&it=1696974005351&coo=false&rqm=GET Requested by Host: www.citizenencoveragebonus.com URL: https://www.citizenencoveragebonus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://www.citizenencoveragebonus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 10 Oct 2023 21:40:05 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ub object| module function| $ function| jQuery function| fbq function| _fbq function| waitingInfo undefined| interval function| countdown function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| ubSnowplowInitialized

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.citizenencoveragebonus.com/	1970-01-20 19:42:06	Name: ubvs Value: a66ffa0e-bf36-4299-a3ca-5e31bc98476a
			.citizenencoveragebonus.com/	1970-01-20 15:27:13	Name: ubvt Value: v2%7Ca66ffa0e-bf36-4299-a3ca-5e31bc98476a%7Cff24ea70-d514-43bd-acbe-0d728ad63bd2%3Aa%3Asingle
			www.citizenencoveragebonus.com/	1970-01-20 19:47:51	Name: ubpv Value: a%2Cff24ea70-d514-43bd-acbe-0d728ad63bd2
			.citizenencoveragebonus.com/	1970-01-20 17:32:30	Name: _fbp Value: fb.1.1696974005626.416585143

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stimiinc.com
builder-assets.unbounce.com
code.jquery.com
connect.facebook.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.ub-assets.com
www.citizenencoveragebonus.com
www.facebook.com
108.139.29.117
143.204.29.73
172.104.216.67
18.160.146.44
184.72.178.168
2600:9000:20ed:ce00:b:3165:13c0:21
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::649
3.224.141.128
0eddd1cdd321be399e897d44d4c6e7fe9eda6a769495ec7df7ed29003cc336e2
1d4e475fab43eb4f3e136918474d18c425ee26191dd6358bee4fb4721bc51a20
24afec876188f08bd8648d3b3db184c92cd72fa3b02638693d03c4ce1c45ffd8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
5c44b14ce11aa4371833261eb0dc8dced651f9d5c994a86654d09df42f8e8e1c
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
92175bf4a96909409add4c3f85b28af6a234ac81972ce9c2a17aa261172b30ba
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
cb70fd4c80c82f3754c005a95b272350bf54038d1a71d690109245e36867e459
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d10cf18bb6410c9849aace6f6d41c277ce8f0edfd5c8e8edef4bfdd790b90002
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e