citizen-teamsupport.com
45.147.197.70  Malicious Activity! Public Scan

Submitted URL: https://citizen-teamsupport.com/
Effective URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Submission: On May 11 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 48 HTTP transactions. The main IP is 45.147.197.70, located in Ukraine and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is citizen-teamsupport.com.
TLS certificate: Issued by R3 on May 11th 2021. Valid for: 3 months.
This is the only time citizen-teamsupport.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 42 45.147.197.70 204601 (ON-LINE-D...)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
48 5
Domain Requested by
42 citizen-teamsupport.com 1 redirects citizen-teamsupport.com
4 p11.techlab-cdn.com citizen-teamsupport.com
1 c.go-mpulse.net citizen-teamsupport.com
1 s.go-mpulse.net citizen-teamsupport.com
48 4

This site contains no links.

Subject                  Issuer                          Validity                 Valid
citizen-teamsupport.com  R3                              2021-05-11 - 2021-08-09  3 months
go.chameleonx.com        DigiCert SHA2 Secure Server CA  2020-12-24 - 2022-01-03  a year
akstat.io                DigiCert Secure Site ECC CA-1   2020-05-06 - 2021-08-05  a year

This page contains 2 frames:

Primary Page: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Frame ID: CA3576288EDEA93D1E561DD4CFFA8531
Requests: 47 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Frame ID: 6C7EFF0243E81D27B2388A4EBDBC9D1F
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

48 Requests
98 % HTTPS
75 % IPv6
3 Domains
4 Subdomains
5 IPs
2 Countries
594 kB Transfer
1695 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://citizen-teamsupport.com/ HTTP 302
    https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request %D0%86%D0%BEg%D1%96n.php
citizen-teamsupport.com/
Redirect Chain
  • https://citizen-teamsupport.com/
  • https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
30 KB
10 KB
Document
General
Full URL
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard / PHP/5.6.40
Resource Hash
b179e19bea4af50f3f837b4c6821f572f80d4e1943d4e8a5b61ae79b6fe9c574

Request headers

:method
GET
:authority
citizen-teamsupport.com
:scheme
https
:path
/%D0%86%D0%BEg%D1%96n.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5

Response headers

server
ddos-guard
date
Tue, 11 May 2021 19:43:41 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-encoding
br
vary
Accept-Encoding

Redirect headers

server
ddos-guard
set-cookie
__ddg1=N7pK2B6fz3TkYcABei4b; Domain=.citizen-teamsupport.com; HttpOnly; Path=/; Expires=Wed, 11-May-2022 19:43:36 GMT
PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; path=/
date
Tue, 11 May 2021 19:43:41 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
location
./Іоgіn.php
content-encoding
br
vary
Accept-Encoding
justme.js
citizen-teamsupport.com/public/
134 KB
45 KB
Script
General
Full URL
https://citizen-teamsupport.com/public/justme.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
2f28f024d97de1c1123d799ec77e968ee535b081524b1789809b869377901f37

Request headers

:path
/public/justme.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 16:57:30 GMT
server
ddos-guard
age
1250
etag
W/"604ceefa-218fb"
vary
Accept-Encoding
content-type
application/javascript
set-cookie
__ddgid=QN8iaipPlJAGj66G; Domain=.citizen-teamsupport.com; HttpOnly; Path=/; Expires=Wed, 11-May-2022 19:43:41 GMT
__ddgmark=2Rh7YEx1IXAuTYli; Domain=.citizen-teamsupport.com; HttpOnly; Path=/; Expires=Wed, 12-May-2021 19:43:41 GMT
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
45994
Bootstrap.js
citizen-teamsupport.com/%D0%B5f%D1%95%D0%B5%D1%95/efs/js/
0
0
Script
General
Full URL
https://citizen-teamsupport.com/%D0%B5f%D1%95%D0%B5%D1%95/efs/js/Bootstrap.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash

Request headers

:path
/%D0%B5f%D1%95%D0%B5%D1%95/efs/js/Bootstrap.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:43:41 GMT
content-encoding
br
server
ddos-guard
age
0
x-ddg-cachegen
1592501076
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
pm_fp.js
citizen-teamsupport.com/efs/efs/jsp-ns/
24 KB
6 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/pm_fp.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
ae571edfb75648a099b4bb67a1b33cf1be1133eac6d74e92a786f0303fc08298

Request headers

:path
/efs/efs/jsp-ns/pm_fp.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:07:10 GMT
server
ddos-guard
age
1250
etag
W/"604c022e-6022"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
6541
jquery-ui-1.10.3.custom.min.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac

Request headers

:path
/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:08:06 GMT
server
ddos-guard
age
1250
etag
W/"604c0266-4a56"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
3410
normalize.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/normalize.css
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2

Request headers

:path
/efs/efs/jsp-ns/inc/css/normalize.css
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:08:30 GMT
server
ddos-guard
age
1250
etag
W/"604c027e-26c2"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
2524
main.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/
61 KB
12 KB
Stylesheet
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
e2b62cc25517f3453606f1906143abb7ce41e6aca4d54232afe06bd03d068ce7

Request headers

:path
/efs/efs/jsp-ns/inc/css/main.css
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 21:31:50 GMT
server
ddos-guard
age
1249
etag
W/"604d2f46-f45f"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
12083
flows.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
99373341554ceaade5ea6c81725f1cd4d05e906621a15797d99d01343ae551f8

Request headers

:path
/efs/efs/jsp-ns/inc/css/flows.css
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:08:40 GMT
server
ddos-guard
age
1250
etag
W/"604c0288-21ce"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
2153
ad-containers.css
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/
8 KB
1 KB
Stylesheet
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/ad-containers.css
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
c8a977fd23fc151d7944387ad07220eb673de84b4343d6304efe5a8e1c061b02

Request headers

:path
/efs/efs/jsp-ns/inc/css/ad-containers.css
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:41:45 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:08:44 GMT
server
ddos-guard
age
116
etag
W/"604c028c-1f31"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
1378
modernizr-2.6.2.min.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/
15 KB
6 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

:path
/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:09:52 GMT
server
ddos-guard
age
1250
etag
W/"604c02d0-3c36"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
5959
plugins.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/
199 KB
44 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/scripts/plugins.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
b769305d18e59ddd6f13c3fb6db4f90a15770b3717aaddbadb6e543918178bc8

Request headers

:path
/efs/efs/jsp-ns/scripts/plugins.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:10:00 GMT
server
ddos-guard
age
1250
etag
W/"604c02d8-31d24"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
44816
main.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/
19 KB
5 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/scripts/main.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441

Request headers

:path
/efs/efs/jsp-ns/scripts/main.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:10:06 GMT
server
ddos-guard
age
1250
etag
W/"604c02de-4c03"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
4613
placeholders.min.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/
4 KB
2 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/scripts/placeholders.min.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5

Request headers

:path
/efs/efs/jsp-ns/scripts/placeholders.min.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:10:10 GMT
server
ddos-guard
age
1250
etag
W/"604c02e2-10aa"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
1494
tealeaf.js
citizen-teamsupport.com/efs/efs/js/
142 KB
44 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/efs/js/tealeaf.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
76cba77b2278e1a607e6cfee801c924f6df8ae49920102e12599aa266010cab5

Request headers

:path
/efs/efs/js/tealeaf.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:51 GMT
content-encoding
br
last-modified
Sun, 14 Mar 2021 02:10:42 GMT
server
ddos-guard
age
1250
etag
W/"604d70a2-237a7"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
44892
CTZ_Green-01.png
citizen-teamsupport.com/efs/hhf/img/
4 KB
4 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/hhf/img/CTZ_Green-01.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
c401ce328e0383e71cd811709055aa8671cee50e355c6588bd567c1320b4e4ab

Request headers

:path
/efs/hhf/img/CTZ_Green-01.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 00:13:00 GMT
server
ddos-guard
age
1249
etag
"604c038c-106e"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
4206
citizensns.min.42588.js
citizen-teamsupport.com/efs/hhf/js/
423 KB
119 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/hhf/js/citizensns.min.42588.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
87d14a13d44a09391efc17e466fb3962cb7ff0382715b88bced66c19ae3fd581

Request headers

:path
/efs/hhf/js/citizensns.min.42588.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 21:40:26 GMT
server
ddos-guard
age
1250
etag
W/"604d314a-69dd7"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
121195
sec-3-2.css
citizen-teamsupport.com/efs/cp_challenge/
2 KB
558 B
Stylesheet
General
Full URL
https://citizen-teamsupport.com/efs/cp_challenge/sec-3-2.css
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
e98c61d19f0e628139216fc2f3103faedad7910a4653db598c120b8fa7537ac8

Request headers

:path
/efs/cp_challenge/sec-3-2.css
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:18:44 GMT
server
ddos-guard
age
1250
etag
W/"604c04e4-641"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
503
sec-cpt-3-2.js
citizen-teamsupport.com/efs/cp_challenge/
9 KB
3 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/cp_challenge/sec-cpt-3-2.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
84d4423c9fb8eeedae8c949fcb1703b0439505f8e39a28fca2d3af142414b85a

Request headers

:path
/efs/cp_challenge/sec-cpt-3-2.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:18:52 GMT
server
ddos-guard
age
1249
etag
W/"604c04ec-2322"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
3278
789df05eano181e2e23b8a2156a8762
citizen-teamsupport.com/public/
0
0
Script
General
Full URL
https://citizen-teamsupport.com/public/789df05eano181e2e23b8a2156a8762
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash

Request headers

:path
/public/789df05eano181e2e23b8a2156a8762
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:43:41 GMT
content-encoding
br
server
ddos-guard
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
common.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/
5 KB
1 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/scripts/common.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
88146e8caa732ee54c82fcb58a0c95d5a0bcd44df238a3ebe91a6cb0ed764c7b

Request headers

:path
/efs/efs/jsp-ns/scripts/common.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:19:40 GMT
server
ddos-guard
age
1249
etag
W/"604c051c-1302"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
1454
65319_1825232283.js
p11.techlab-cdn.com/e/
55 KB
19 KB
Fetch
General
Full URL
https://p11.techlab-cdn.com/e/65319_1825232283.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1efea7200f622de0ea17ac76fc4737fec4c5679b16a0a7a905160b6c52cdeafc

Request headers

Referer
https://citizen-teamsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:43:41 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 20:14:28 GMT
content-md5
YwvEZXw6FtFfURTYlVd3ZQ==
etag
"0x8D8C7B725157160"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
18595
expires
Tue, 11 May 2021 19:53:41 GMT
65257_1825232252.js
p11.techlab-cdn.com/e/
14 KB
6 KB
Fetch
General
Full URL
https://p11.techlab-cdn.com/e/65257_1825232252.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e827785f43a3c6e3166227ab3d91cd1a5c85ee03755d49a2017a679d3a4156fb

Request headers

Referer
https://citizen-teamsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:43:41 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 13:43:47 GMT
content-md5
VqGkun3uwdWBFirzDpD1cg==
etag
"0x8D8D1B7B891C089"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
5937
expires
Tue, 11 May 2021 19:53:41 GMT
64885_1825232283.js
p11.techlab-cdn.com/e/
4 KB
2 KB
Fetch
General
Full URL
https://p11.techlab-cdn.com/e/64885_1825232283.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2281bceeaf3c81dc26731248960c8d210a0d461a02759c39b7a7b6c5ee1e06a0

Request headers

Referer
https://citizen-teamsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:43:41 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 20:14:20 GMT
content-md5
kYjINenfgD1AmqSEyGQZvA==
etag
"0x8D8C7B7200E6A28"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
1872
expires
Tue, 11 May 2021 19:53:41 GMT
65226_1825232283.js
p11.techlab-cdn.com/e/
69 KB
31 KB
Fetch
General
Full URL
https://p11.techlab-cdn.com/e/65226_1825232283.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6247b325d302c4b1903c7d0e8d371f1dc0d749c863166b5506dcce892ca95af8

Request headers

Referer
https://citizen-teamsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:43:41 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 20:17:34 GMT
content-md5
ZYtFvmotfWYx18An+LRqag==
etag
"0x8D8C7B7938204CF"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
31227
expires
Tue, 11 May 2021 19:53:41 GMT
citizen_roman.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/
31 KB
31 KB
Font
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42

Request headers

sec-fetch-mode
cors
origin
https://citizen-teamsupport.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
:path
/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://citizen-teamsupport.com
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 16:22:50 GMT
server
ddos-guard
age
1249
etag
W/"7ce0-5bd6d6d83ea80"
vary
Accept-Encoding
content-type
application/font-woff
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
31556
jquery-1.9.1.min.js
citizen-teamsupport.com/efs/efs/jsp-ns/scripts/
90 KB
31 KB
Script
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801

Request headers

:path
/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 00:09:56 GMT
server
ddos-guard
age
1249
etag
W/"604c02d4-169d6"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
31912
A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
s.go-mpulse.net/boomerang/ Frame 6C7E
187 KB
47 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Referer
https://citizen-teamsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:43:41 GMT
content-encoding
br
last-modified
Mon, 26 Apr 2021 15:03:53 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
47928
truncated
/
723 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1699319d1a0e97bc5dab1f23467264b58c0ae190c5554892b675ae348e2b88e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
icon-secure.png
citizen-teamsupport.com/efs/efs/grafx/
292 B
342 B
Image
General
Full URL
https://citizen-teamsupport.com/efs/efs/grafx/icon-secure.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46

Request headers

:path
/efs/efs/grafx/icon-secure.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:41:46 GMT
server
ddos-guard
age
1249
etag
"604c185a-124"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
292
flows-tooltip.png
citizen-teamsupport.com/efs/efs/grafx/
364 B
415 B
Image
General
Full URL
https://citizen-teamsupport.com/efs/efs/grafx/flows-tooltip.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2

Request headers

:path
/efs/efs/grafx/flows-tooltip.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:41:34 GMT
server
ddos-guard
age
1249
etag
"604c184e-16c"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
364
arrow-button-white.png
citizen-teamsupport.com/efs/efs/grafx/
1017 B
1 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/efs/grafx/arrow-button-white.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

Request headers

:path
/efs/efs/grafx/arrow-button-white.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:41:18 GMT
server
ddos-guard
age
1249
etag
"604c183e-3f9"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
1017
arrow-down-blue.png
citizen-teamsupport.com/efs/efs/grafx/
1 KB
1 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/efs/grafx/arrow-down-blue.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c

Request headers

:path
/efs/efs/grafx/arrow-down-blue.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 16:55:04 GMT
server
ddos-guard
age
1249
etag
"604cee68-41e"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
1054
arrow-right-orange.png
citizen-teamsupport.com/efs/efs/grafx/
165 B
215 B
Image
General
Full URL
https://citizen-teamsupport.com/efs/efs/grafx/arrow-right-orange.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69

Request headers

:path
/efs/efs/grafx/arrow-right-orange.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 16:55:24 GMT
server
ddos-guard
age
1249
etag
"604cee7c-a5"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
165
citiolb_icons.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/
18 KB
9 KB
Font
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115

Request headers

sec-fetch-mode
cors
origin
https://citizen-teamsupport.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
:path
/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://citizen-teamsupport.com
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 01:40:28 GMT
server
ddos-guard
age
1249
etag
W/"485c-5bd6119ed1b00"
vary
Accept-Encoding
content-type
application/font-woff
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
8688
citizen_extrabold.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/
27 KB
27 KB
Font
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759

Request headers

sec-fetch-mode
cors
origin
https://citizen-teamsupport.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
:path
/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://citizen-teamsupport.com
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 01:40:14 GMT
server
ddos-guard
age
1249
etag
W/"6ccc-5bd6119177b80"
vary
Accept-Encoding
content-type
application/font-woff
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
27784
citizen_book.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/
31 KB
31 KB
Font
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277

Request headers

sec-fetch-mode
cors
origin
https://citizen-teamsupport.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli
:path
/efs/efs/jsp-ns/inc/css/font/citizen_book.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://citizen-teamsupport.com
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 01:39:54 GMT
server
ddos-guard
age
1249
etag
W/"7c78-5bd6117e64e80"
vary
Accept-Encoding
content-type
application/font-woff
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
31332
TealeafTarget.jsp
citizen-teamsupport.com/efs/servlet/efs/
176 B
153 B
XHR
General
Full URL
https://citizen-teamsupport.com/efs/servlet/efs/TealeafTarget.jsp
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
83eda21a4f7806fdbb15794c39cc28eaaa15f80d80a3093634a1ca63c57c0557

Request headers

sec-fetch-mode
cors
origin
https://citizen-teamsupport.com
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
x-tealeaf-saas-appkey
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
sec-fetch-dest
empty
x-tealeaf-endpointcheck
true
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
content-length
0
:path
/efs/servlet/efs/TealeafTarget.jsp
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
x-pageid
P.XFKZXBQRPN2DQWGRPHP9KKSEPH4P
:method
POST
X-Requested-With
XMLHttpRequest
X-Tealeaf-SaaS-AppKey
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Tealeaf-EndpointCheck
true
X-PageId
P.XFKZXBQRPN2DQWGRPHP9KKSEPH4P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php

Response headers

date
Tue, 11 May 2021 19:43:41 GMT
content-encoding
br
server
ddos-guard
vary
Accept-Encoding
content-type
text/html
citizensns.min.42588.css
citizen-teamsupport.com/efs/hhf/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://citizen-teamsupport.com/efs/hhf/css/citizensns.min.42588.css
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
77657c69749f9a701c6776297b015a7bc609fff91e9ceb9356d51e2324b433c0

Request headers

:path
/efs/hhf/css/citizensns.min.42588.css
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
content-encoding
br
last-modified
Sat, 13 Mar 2021 21:14:22 GMT
server
ddos-guard
age
1249
etag
W/"604d2b2e-175e"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
1729
equal-housing.gif
citizen-teamsupport.com/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/hhf/img/equal-housing.gif
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149

Request headers

:path
/efs/hhf/img/equal-housing.gif
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:39:00 GMT
server
ddos-guard
age
1249
etag
"604c17b4-46e"
content-type
image/gif
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
1134
footer-follow-facebook.png
citizen-teamsupport.com/efs/hhf/img/
395 B
446 B
Image
General
Full URL
https://citizen-teamsupport.com/efs/hhf/img/footer-follow-facebook.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0

Request headers

:path
/efs/hhf/img/footer-follow-facebook.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:38:06 GMT
server
ddos-guard
age
1249
etag
"604c177e-18b"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
395
footer-follow-twitter.png
citizen-teamsupport.com/efs/hhf/img/
3 KB
3 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/hhf/img/footer-follow-twitter.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5

Request headers

:path
/efs/hhf/img/footer-follow-twitter.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:37:26 GMT
server
ddos-guard
age
1249
etag
"604c1756-cdf"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
3295
footer-follow-linkedin.png
citizen-teamsupport.com/efs/hhf/img/
3 KB
3 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/hhf/img/footer-follow-linkedin.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b

Request headers

:path
/efs/hhf/img/footer-follow-linkedin.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:38:18 GMT
server
ddos-guard
age
1249
etag
"604c178a-ca7"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
3239
footer-follow-youtube.png
citizen-teamsupport.com/efs/hhf/img/
3 KB
3 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/hhf/img/footer-follow-youtube.png
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36

Request headers

:path
/efs/hhf/img/footer-follow-youtube.png
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:38:30 GMT
server
ddos-guard
age
1249
etag
"604c1796-cce"
content-type
image/png
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
3278
elh.gif
citizen-teamsupport.com/efs/hhf/img/
1 KB
1 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/hhf/img/elh.gif
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c

Request headers

:path
/efs/hhf/img/elh.gif
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 01:38:46 GMT
server
ddos-guard
age
1249
etag
"604c17a6-599"
content-type
image/gif
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
1433
fdicFooter.gif
citizen-teamsupport.com/efs/hhf/img/
2 KB
2 KB
Image
General
Full URL
https://citizen-teamsupport.com/efs/hhf/img/fdicFooter.gif
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d

Request headers

:path
/efs/hhf/img/fdicFooter.gif
pragma
no-cache
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:52 GMT
last-modified
Sat, 13 Mar 2021 16:22:34 GMT
server
ddos-guard
age
1249
etag
"604ce6ca-8c5"
content-type
image/gif
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
2245
TealeafTarget.jsp
citizen-teamsupport.com/efs/servlet/efs/
176 B
176 B
XHR
General
Full URL
https://citizen-teamsupport.com/efs/servlet/efs/TealeafTarget.jsp
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
83eda21a4f7806fdbb15794c39cc28eaaa15f80d80a3093634a1ca63c57c0557

Request headers

x-tealeaf-page-url
/%D0%86%D0%BEg%D1%96n.php
sec-fetch-mode
cors
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
x-tealeaf-syncxhr
false
origin
https://citizen-teamsupport.com
accept-encoding
gzip, deflate, br
accept-language
en-US
x-tealeaf-messagetypes
2,12,14
x-sec-clge-req-type
ajax
x-tealeaftype
GUI
x-tealeaf-saas-appkey
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
x-tealeaf-saas-tltsid
00008540558067337487650675359870
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
content-encoding
gzip
content-length
9081
x-wcxsid
8540558067337487650675359870
:path
/efs/servlet/efs/TealeafTarget.jsp
pragma
no-cache
x-tealeaf
device (UIC) Lib/5.4.0.1805
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php
:scheme
https
sec-fetch-site
same-origin
x-pageid
P.XFKZXBQRPN2DQWGRPHP9KKSEPH4P
:method
POST
X-WCXSID
8540558067337487650675359870
X-Tealeaf-SyncXHR
false
X-PageId
P.XFKZXBQRPN2DQWGRPHP9KKSEPH4P
X-Tealeaf
device (UIC) Lib/5.4.0.1805
X-Tealeaf-MessageTypes
2,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-Sec-Clge-Req-Type
ajax
X-Tealeaf-SaaS-AppKey
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
X-Tealeaf-SaaS-TLTSID
00008540558067337487650675359870
X-Requested-With
XMLHttpRequest
X-TealeafType
GUI
X-TeaLeaf-Page-Url
/%D0%86%D0%BEg%D1%96n.php
Content-Encoding
gzip
Referer
https://citizen-teamsupport.com/%D0%86%D0%BEg%D1%96n.php

Response headers

date
Tue, 11 May 2021 19:43:42 GMT
content-encoding
br
server
ddos-guard
vary
Accept-Encoding
content-type
text/html
citizen_bold.woff
citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/
29 KB
29 KB
Font
General
Full URL
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/font/citizen_bold.woff
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.70 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s21.server-panel.net
Software
ddos-guard /
Resource Hash
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6

Request headers

sec-fetch-mode
cors
origin
https://citizen-teamsupport.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__ddg1=N7pK2B6fz3TkYcABei4b; PHPSESSID=j7mura8b1v2oaj2spnmdv9ttv5; __ddgid=QN8iaipPlJAGj66G; __ddgmark=2Rh7YEx1IXAuTYli; WCXSID=8540558067337487650675359870; TLTSID=00008540558067337487650675359870
:path
/efs/efs/jsp-ns/inc/css/font/citizen_bold.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
citizen-teamsupport.com
referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://citizen-teamsupport.com
Referer
https://citizen-teamsupport.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 19:22:53 GMT
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 01:40:38 GMT
server
ddos-guard
age
1249
etag
W/"7278-5bd611a85b180"
vary
Accept-Encoding
content-type
application/font-woff
accept-ranges
bytes
x-ddg-cachegen
1592501076
content-length
29180
config.json
c.go-mpulse.net/api/ Frame 6C7E
68 B
346 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=A9397-AA2WQ-WQN9E-BBVTK-Y8BXE&d=citizen-teamsupport.com&t=5402541&v=1.571.0&if=&sl=0&si=botdl2wuget-NaN&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by
Host: citizen-teamsupport.com
URL: https://citizen-teamsupport.com/public/justme.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

Request headers

Referer
https://citizen-teamsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 11 May 2021 19:43:42 GMT
Cache-Control
public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
68
Content-Type
application/json
ae
p11.techlab-cdn.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p11.techlab-cdn.com
URL
https://p11.techlab-cdn.com/ae?c=5f3eb0a4e1f7170011c6521b

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| jQuery number| ___dm function| ___dto string| timeStamp string| pageURL string| pageName object| digitalData string| SEP string| PAIR function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| FingerPrint function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| add_deviceprint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint object| html5 object| Modernizr function| yepnope function| $ object| CITIZENSOLB object| Placeholders string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| thebody object| TLT object| pako function| contentLoaded function| citizensHeaderFooter function| _ function| moment object| HHFJST object| Backbone object| HHF undefined| el object| _cf function| isNumeric function| needHelp function| isSpecialChar function| validateIE7 function| setFieldState function| hasErrors function| getValidateMessageListCheckSpaces function| getValidateMessageList function| getBasicFieldErrorMessages function| getBasicFieldSuccessMessages function| isIE7 function| isUnsupported function| setupToolTip function| setupNonStickyToolTip function| initPasswordToolTip function| initPasswordCapsLock function| validatePasswordRules function| validateField function| isEmpty function| validateGoodPasswordRules number| index object| _0x1aad function| _0x546d object| BOOMR_mq string| url string| hostname number| BOOMR_onload object| qsSearch

6 Cookies

Domain/Path Name / Value
.citizen-teamsupport.com/ Name: TLTSID
Value: 00008540558067337487650675359870
.citizen-teamsupport.com/ Name: __ddgmark
Value: 2Rh7YEx1IXAuTYli
.citizen-teamsupport.com/ Name: WCXSID
Value: 8540558067337487650675359870
.citizen-teamsupport.com/ Name: __ddgid
Value: QN8iaipPlJAGj66G
citizen-teamsupport.com/ Name: PHPSESSID
Value: j7mura8b1v2oaj2spnmdv9ttv5
.citizen-teamsupport.com/ Name: __ddg1
Value: N7pK2B6fz3TkYcABei4b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
