CloudFlare

HTTP/1.1 403 Forbidden
Date: Fri, 10 Jan 2025 19:57:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8fff3cc9bd996b57-DFW

HTTP/1.1 200 OK
Date: Thu, 23 Jan 2025 08:28:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
strict-transport-security: max-age=300; includeSubDomains; preload
access-control-allow-origin: *
x-frame-options: deny
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, request_trace_id, theme_id, device, os_version, app_version, app_name, env, time_zone_id, ip_address, internet_type, carrier_name, os_rooted
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private
content-security-policy-report-only: default-src 'self'; connect-src 'self' https://cdn.segment.com https://api.segment.io https://o22816.ingest.sentry.io https://vgs-collect-keeper.apps.verygood.systems/vgs https://geolocation-db.com https://us-autocomplete-pro.api.smartystreets.com; font-src 'self' data: https://use.typekit.net https://fonts.gstatic.com; frame-src 'self' https://js.verygoodvault.com https://cdn.plaid.com; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://cdn.segment.com https://api.segment.io; script-src-elem 'self' 'unsafe-inline' https://js.verygoodvault.com https://cdn.plaid.com https://cdn.segment.com; img-src 'self' https://dfcweb-assets-static.deserve.com https://merchant-static.deserveapis.com https://static-merchant-internal.deserve.com https://platform-payment-assets.deserve.com; style-src 'self' 'report-sample'; style-src-elem 'self' 'unsafe-inline' https://p.typekit.net https://use.typekit.net; style-src-attr 'self' 'unsafe-inline'; base-uri 'none'; object-src 'none'; report-uri https://www.cards.customersbank.com/csp-report
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 906669af8d877c86-LAX

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            fc:e2:fb:ae:3f:36:46:3c:0d:8d:90:27:04:ed:3d:e4
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C=US, O=Google Trust Services, CN=WE1
        Validity
            Not Before: Jan 17 01:40:27 2025 GMT
            Not After : Apr 17 02:40:23 2025 GMT
        Subject: CN=cards.customersbank.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:a1:99:16:cd:24:aa:2b:47:a1:2f:11:28:a0:4d:
                    fd:f1:33:9e:ee:68:11:1a:36:54:3a:7e:1b:3b:93:
                    58:7a:b3:48:8c:3e:e1:8c:9c:c5:4f:7b:7a:7e:dc:
                    0a:c1:a2:7c:58:b4:47:ab:be:e5:53:fa:3e:1d:d8:
                    b1:39:6e:b0:b0
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B7:BD:43:91:C7:82:E4:68:FA:05:72:6C:A0:7E:E4:E3:89:16:71:66
            X509v3 Authority Key Identifier: 
                90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38
            Authority Information Access: 
                OCSP - URI:http://o.pki.goog/s/we1/_OI
                CA Issuers - URI:http://i.pki.goog/we1.crt
            X509v3 Subject Alternative Name: 
                DNS:cards.customersbank.com, DNS:*.cards.customersbank.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://c.pki.goog/we1/BMVG_XL0l_M.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 73:20:22:0F:08:16:8A:F9:F3:C4:A6:8B:0A:B2:6A:9A:
                                4A:00:EE:F5:77:85:8A:08:4D:05:00:D4:A5:42:44:59
                    Timestamp : Jan 17 02:40:27.809 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F6:77:6F:15:F6:D4:49:18:DE:56:A6:
                                E9:1D:F5:B1:BC:A8:12:31:1A:B9:CD:2F:79:44:9E:96:
                                05:DD:81:D5:B2:02:20:53:01:03:85:73:66:35:5A:81:
                                03:61:61:D3:5B:50:68:23:15:B9:D1:95:39:09:F5:28:
                                C4:E6:46:87:BB:07:3C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan 17 02:40:27.780 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:68:B7:7A:16:30:EB:55:3D:C1:07:27:18:
                                CC:92:36:C3:E3:F3:FE:C6:2F:46:E8:F2:FA:D8:79:E9:
                                41:C7:3F:78:02:20:43:9A:EE:BE:52:BF:70:6A:55:82:
                                75:03:2D:C2:B0:D9:05:06:73:59:90:3B:31:7E:20:DE:
                                8C:2F:11:A9:8C:87
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
        30:46:02:21:00:cb:5a:25:a1:4e:fd:fb:55:89:5d:9c:a8:42:
        80:42:d6:53:c2:82:89:27:1c:21:a5:8a:55:53:c9:b1:00:7c:
        df:02:21:00:ed:cd:2b:77:23:f4:dc:09:f9:4f:53:2a:81:87:
        99:48:a2:5b:e8:ab:3d:cf:cd:93:fe:e4:24:8e:04:a3:13:73

HTTP/1.1 403 Forbidden
Date: Sun, 19 Jan 2025 20:10:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5894
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 904977980e14346a-DFW

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 01 Jan 2025 20:38:37 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

HTTP/1.1 403 Forbidden
Date: Mon, 20 Jan 2025 06:31:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5895
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 904d05b3fddc667f-AMS

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Sun, 19 Jan 2025 19:38:46 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

CloudFlare

HTTP/1.1 403 Forbidden
Date: Tue, 21 Jan 2025 06:01:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5893
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 90551683bf167bb3-LAX

CloudFlare

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Mon, 20 Jan 2025 13:02:08 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

HTTP/1.1 403 Forbidden
Date: Tue, 07 Jan 2025 18:07:45 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8fe5e3a84dde2ebd-LAX

error code: 1003