www.firstcitizens.org Open in urlscan Pro
74.200.39.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://firstcitizens.org/
Effective URL:
https://www.firstcitizens.org/
Submission: On January 25 via automatic, source certstream-suspicious (January 25th 2021, 3:26:15 pm UTC)

Summary HTTP 107 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 29 domains to perform 107 HTTP transactions. The main IP is 74.200.39.23, located in Rock Hill, United States and belongs to JACKHENRY, US. The main domain is www.firstcitizens.org.
TLS certificate: Issued by GeoTrust RSA CA 2018 on February 20th 2018. Valid for: 3 years.

This is the only time www.firstcitizens.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	74.200.39.23 74.200.39.23	14010 (JACKHENRY) (JACKHENRY)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::5f	15169 (GOOGLE) (GOOGLE)
2	3.133.247.61 3.133.247.61	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c0c::5f	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
1	2606:4700:e6:... 2606:4700:e6::ac40:c418	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	3.124.230.65 3.124.230.65	16509 (AMAZON-02) (AMAZON-02)
37	52.36.248.170 52.36.248.170	16509 (AMAZON-02) (AMAZON-02)
16 22	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4216:52a3:d23b:f34f:1231	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	52.28.175.104 52.28.175.104	16509 (AMAZON-02) (AMAZON-02)
2	65.9.67.93 65.9.67.93	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	136.144.49.28 136.144.49.28	54825 (PACKET) (PACKET)
1	54.208.200.8 54.208.200.8	14618 (AMAZON-AES) (AMAZON-AES)
1	104.108.41.56 104.108.41.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
107	33

19 74.200.39.23 (Rock Hill, United States) 1 redirects

ASN14010 (JACKHENRY, US)
PTR: www.anbfl.com

firstcitizens.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.firstcitizens.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.133.247.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-247-61.us-east-2.compute.amazonaws.com

collector-7188.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c418 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.230.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-230-65.eu-central-1.compute.amazonaws.com

86419.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 52.36.248.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-248-170.us-west-2.compute.amazonaws.com

chat.mcsoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.253.128.183 (Amsterdam, Netherlands) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:52a3:d23b:f34f:1231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.175.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.67.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.144.49.28 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.200.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-200-8.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.41.56 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.87 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	mcsoftware.com chat.mcsoftware.com	77 KB
24	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
19	firstcitizens.org 1 redirects firstcitizens.org www.firstcitizens.org	11 MB
9	gstatic.com fonts.gstatic.com	108 KB
6	doubleclick.net 4 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	8 KB
3	google.de www.google.de	725 B
3	google.com 1 redirects www.google.com	902 B
3	google-analytics.com www.google-analytics.com	19 KB
2	openx.net 1 redirects us-u.openx.net	481 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	976 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	pro-market.net 2 redirects fei.pro-market.net	882 B
2	intentiq.com sync.intentiq.com
2	tapad.com 1 redirects pixel.tapad.com	908 B
2	tvsquared.com collector-7188.tvsquared.com	9 KB
2	googletagmanager.com www.googletagmanager.com	71 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	googleadservices.com 1 redirects www.googleadservices.com	308 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	329 B
1	bfmio.com sync.bfmio.com	421 B
1	agkn.com 1 redirects aa.agkn.com	322 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	siteimproveanalytics.io 86419.global.siteimproveanalytics.io	650 B
1	siteimproveanalytics.com siteimproveanalytics.com	8 KB
107	29

	Domain	Requested by
37	chat.mcsoftware.com	www.firstcitizens.org chat.mcsoftware.com
22	um.simpli.fi	16 redirects
18	www.firstcitizens.org	www.firstcitizens.org
9	fonts.gstatic.com	fonts.googleapis.com
3	cm.g.doubleclick.net	3 redirects
3	www.google.de	www.firstcitizens.org
3	www.google.com	1 redirects www.firstcitizens.org
3	fonts.googleapis.com	ajax.googleapis.com chat.mcsoftware.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	collector-7188.tvsquared.com	www.firstcitizens.org
2	www.googletagmanager.com	www.firstcitizens.org
1	pixel.rubiconproject.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	stags.bluekai.com
1	sync.bfmio.com
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	i.simpli.fi	tag.simpli.fi
1	86419.global.siteimproveanalytics.io	www.firstcitizens.org
1	siteimproveanalytics.com	www.firstcitizens.org
1	tag.simpli.fi	www.googletagmanager.com
1	ajax.googleapis.com	www.firstcitizens.org
1	firstcitizens.org	1 redirects
107	35

This site contains links to these domains. Also see Links.

Domain
get.adobe.com
open.myvirtualbranch.com
www.billerpayments.com
secure.myvirtualbranch.com
www.deluxe.com
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.firstcitizens.org GeoTrust RSA CA 2018	`2018-02-20` - `2021-02-19`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.tvsquared.com Amazon	`2020-10-16` - `2021-11-14`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.global.siteimproveanalytics.io DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-04-04`	2 years	crt.sh
*.mcsoftware.com Go Daddy Secure Certificate Authority - G2	`2020-01-23` - `2021-01-30`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.firstcitizens.org/
Frame ID: 11112036E7E391CD10D898F4AC9977FE
Requests: 90 HTTP requests in this frame

Frame: https://chat.mcsoftware.com/chatbeacon/content/windows/chat.html?&accountid=10&siteid=14&queueid=30&skipprechat=false&skippostchat=false&theme=fccu_slim&type=child&origin=https://www.firstcitizens.org&visitorid=5ce0ebe5-f5f8-4e73-b77e-2337e2eda656&sessionid=c89c329e-87c9-401c-b07c-399bcfd7ace3&c=1
Frame ID: 894781D71EC484D2B29481143EF965D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://firstcitizens.org/ HTTP 301
https://www.firstcitizens.org/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

107
Requests

99 %
HTTPS

46 %
IPv6

29
Domains

35
Subdomains

33
IPs

5
Countries

11488 kB
Transfer

12040 kB
Size

0
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://get.adobe.com/reader/
Title: PDF files require Adobe Acrobat Reader 5.0 or higher to view. Download it now. (opens in a new window)

Search URL Search Domain Scan URL

URL: https://open.myvirtualbranch.com/COCC/1138/Application
Title: Open an Account (opens in a new window)

Search URL Search Domain Scan URL

URL: https://www.billerpayments.com/app/cust/login.do?bsn=fcua
Title: Pay Your Loan (opens in a new window)

Search URL Search Domain Scan URL

URL: https://secure.myvirtualbranch.com/FirstCitizensFCU/signin.aspx
Title: Personal Banking Login

Search URL Search Domain Scan URL

URL: http://www.deluxe.com/shopdeluxe/fiweblink/fiReferralPage.jsp?refCode=Ref1501001
Title: Order Checks (opens in a new window)

Search URL Search Domain Scan URL

URL: https://www.billerpayments.com/app/cust/guestauth.do?bsn=fcua
Title: External link to pay your loan (opens in a new window)

Search URL Search Domain Scan URL

URL: https://twitter.com/FirstCitizensCU
Title: Twitter (opens in a new window)

Search URL Search Domain Scan URL

URL: http://www.facebook.com/FirstCitizensFCU
Title: Facebook (opens in a new window)

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/first-citizens%27%E2%80%8B-federal-credit-union?trk=biz-companies-cym
Title: LinkedIn (opens in a new window)

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/FirstCitizensFCU
Title: YouTube (opens in a new window)

Search URL Search Domain Scan URL

URL: https://www.instagram.com/firstcitizens_fcu/
Title: Instagram (opens in a new window)

Search URL Search Domain Scan URL

URL: https://secure.myvirtualbranch.com/videos/GenMajesticOBOverview/GenMajesticOBOverview.htm
Title: Demo (opens in a new window)

Search URL Search Domain Scan URL

URL: https://secure.myvirtualbranch.com/FirstCitizensFCU/ForgotPassword.aspx
Title: Forgot Password (opens in a new window)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://firstcitizens.org/ HTTP 301
https://www.firstcitizens.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 45

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1C7A26BF1E5E4C33A212FAC5FDC9AA95 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 46

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95 HTTP 302
https://um.simpli.fi/aa_px?sk=164970303677001005617

Request Chain 48

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 51

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=1C7A26BF1E5E4C33A212FAC5FDC9AA95;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=1C7A26BF1E5E4C33A212FAC5FDC9AA95;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-7332454699085574272

Request Chain 52

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&j=0&xl8blockcheck=1

Request Chain 54

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 55

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 56

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1C7A26BF1E5E4C33A212FAC5FDC9AA95 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 57

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=1C7A26BF1E5E4C33A212FAC5FDC9AA95 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&dnr=1

Request Chain 58

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 59

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1611588351098&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1824447089&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=_-IOYJXKGOnatgfVjbegBw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1824447089&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_-IOYJXKGOnatgfVjbegBw&cid=CAQSKQCNIrLMblBSnDN_TYuhW54YROq-DUlR9QvDV5mOMsoIulOIaJhR_7tb&random=3692842993 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1824447089&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_-IOYJXKGOnatgfVjbegBw&cid=CAQSKQCNIrLMblBSnDN_TYuhW54YROq-DUlR9QvDV5mOMsoIulOIaJhR_7tb&random=3692842993&ipr=y

Request Chain 60

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&__user_check__=1&sync_id=9bbe7859-5f21-11eb-ab68-182a6e993d06

Request Chain 61

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=1C7A26BF1E5E4C33A212FAC5FDC9AA95 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 62

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1C7A26BF1E5E4C33A212FAC5FDC9AA95&expires=365

Request Chain 63

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=1C7A26BF1E5E4C33A212FAC5FDC9AA95 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEP-k0F-YFfoJdcauCPHxptk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1C7A26BF1E5E4C33A212FAC5FDC9AA95 HTTP 302
https://um.simpli.fi/g_match?id=

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.firstcitizens.org/
Redirect Chain

https://firstcitizens.org/
https://www.firstcitizens.org/

31 KB
7 KB

442ms
219ms

Document
text/html

74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

26cb3fb83f003c5b10f44a3da47651a5c2a5021ed7a1991721d08ac727a01349

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.firstcitizens.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Mon, 25 Jan 2021 15:25:49 GMT
content-type: text/html; charset=utf-8
content-length: 6864
vary: Accept-Encoding
expires: Mon, 25 Jan 2021 15:25:49 GMT
set-cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; Max-Age=32400; Expires=Tue, 26 Jan 2021 00:25:49 GMT; Path=/; Secure; HTTPOnly
cache-control: public, max-age=0
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
x-ad-insert-result: no ads - index
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 78
x-varnish-ttl: 0.000
x-varnish: 356629107
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: c45b4d56160d741b
x-request-id: c1223a20-6526-4bf6-b2fa-b2b6469d27cf

Redirect headers

server: nginx
date: Mon, 25 Jan 2021 15:25:48 GMT
content-type: text/html
content-length: 162
location: https://www.firstcitizens.org/

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-28144007-1

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf73c69344848f2e24bb1a3820d7c8165dbcada1123aac9a9b2e076772b62d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39628
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Jan 2021 15:25:49 GMT

GET
H2 200 style.css
www.firstcitizens.org/assets/css/ 135 KB
24 KB 147ms
146ms Stylesheet
text/css 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstcitizens.org/assets/css/style.css

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

fcb94e3e58038e1d2d06b0cba1171532d77ff8f2b0feeb2f8c4d80a24f6d8695

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-b3-traceid: 19be288e626f21a4
age: 75706
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="style.css"
vary: Accept-Encoding
x-varnish-count: 969
x-xss-protection: 1; mode=block
x-request-id: 8aaae975-d6c7-4645-b44f-e2b37e4219b2
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9bd03ef40832f65c50b0892c90a361c9"
strict-transport-security: max-age=16070400
x-varnish: 363901799 358438697
via: varnish
cache-control: public, max-age=0
content-length: 24064
content-type: text/css
expires: Sun, 24 Jan 2021 18:24:03 GMT

GET
H2 200 Calendar%20Book%20Appointment_Homebanner-01.jpg
www.firstcitizens.org/assets/files/cPorjSMc/ 9 MB
9 MB 152ms
152ms Image
image/jpeg 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/files/cPorjSMc/Calendar%20Book%20Appointment_Homebanner-01.jpg

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

90767edb913c617144ec3d8c3af874babe1119fb06372bba96d02a28973e92c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: 4e831f252ef789bd
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 12
content-disposition: filename="Calendar Book Appointment_Homebanner-01.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: eff72ca3-1347-438d-b190-7a4febb6ff53
last-modified: Thu, 27 Aug 2020 18:07:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "962a61fa442b2731c8bf1f387a6f2b99"
strict-transport-security: max-age=16070400
x-varnish: 451313753
cache-control: private
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 25 Jan 2021 15:25:49 GMT

GET
H2 200 Beware%20of%20Scammers_Homebanner-01.jpg
www.firstcitizens.org/assets/files/xs6OT9cA/ 522 KB
523 KB 646ms
638ms Image
image/jpeg 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/files/xs6OT9cA/Beware%20of%20Scammers_Homebanner-01.jpg

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

095bf320744b2c783193c78a1edf206024ea7d9b99653917fe1e6a812ee5d5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: 1d5f9c4e3cbaf9a6
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 9
content-disposition: filename="Beware of Scammers_Homebanner-01.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 833afea4-4c87-450a-adc6-be45a7687b52
last-modified: Thu, 29 Oct 2020 16:06:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ea7f5fac04791edb5d153a6bbf3ab6a2"
strict-transport-security: max-age=16070400
x-varnish: 376974151
cache-control: private
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 25 Jan 2021 15:25:49 GMT

GET
H2 200 Scholarship_Enroll_2017.jpg
www.firstcitizens.org/assets/files/bbZ4JUAc/ 286 KB
286 KB 645ms
638ms Image
image/jpeg 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/files/bbZ4JUAc/Scholarship_Enroll_2017.jpg

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

c6590272ed30fa26ad7e9c11546aca56ad383f6bf4022c71c9492d9827837d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: 5fc544f29d7fa3ac
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 8
content-disposition: filename="Scholarship_Enroll_2017.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 61ac56fb-23a4-4079-96e6-f7327e505b00
last-modified: Mon, 23 Jan 2017 19:43:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "53bd6ad6e54718691f4991bc1f96318e"
strict-transport-security: max-age=16070400
x-varnish: 374888493
cache-control: private
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 25 Jan 2021 15:25:49 GMT

GET
H2 200 Covid_Homebanner-01.jpg
www.firstcitizens.org/assets/files/P6kHzDEB/ 358 KB
359 KB 716ms
709ms Image
image/jpeg 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/files/P6kHzDEB/Covid_Homebanner-01.jpg

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

f6d8200e932d67f4f6de1d458b4be3addb94383505b25b29e7bdb188f4a3b836

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: ce9220a676bc0876
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 10
content-disposition: filename="Covid_Homebanner-01.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 70194336-1e67-434d-9635-a23c8b1b236b
last-modified: Wed, 13 Jan 2021 16:04:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "fd97a59e481ebccd76a452679bbe81ca"
strict-transport-security: max-age=16070400
x-varnish: 448745998
cache-control: private
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 25 Jan 2021 15:25:49 GMT

GET
H2 200 sticky-nav-logo.png
www.firstcitizens.org/assets/img/ 477 B
1005 B 513ms
506ms Image
image/png 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/img/sticky-nav-logo.png

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

4772e9cc18480ee50462c1faa687f3a525c8d92dd7d81bf1e55fbafac05383b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: fb4c304d298f23c7
age: 75636
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="sticky-nav-logo.png"
x-varnish-count: 950
x-xss-protection: 1; mode=block
x-request-id: 1661b3ee-c0c8-42ac-ae18-acbe4ac9e577
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "7c94068442e2589cbb97d41717be0c5d"
strict-transport-security: max-age=16070400
x-varnish: 377620394 359461349
cache-control: public, max-age=0
content-length: 477
content-type: image/png
expires: Sun, 24 Jan 2021 18:25:13 GMT

GET
H2 200 Car_WebImage.jpg
www.firstcitizens.org/assets/files/V4tIHsBf/ 184 KB
185 KB 980ms
977ms Image
image/jpeg 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/files/V4tIHsBf/Car_WebImage.jpg

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

95c8f4775500763c29281a16def2ea2f15a1e03a71c954a07f366cf21790bcc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: ee9f2fe0b39816f4
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 45
content-disposition: filename="Car_WebImage.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: f8af1f86-4e47-470a-9d15-2e28049fd749
last-modified: Mon, 01 Jun 2020 17:20:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "732c8f647627f3b90386cd171d275cfa"
strict-transport-security: max-age=16070400
x-varnish: 449851693
cache-control: private
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 25 Jan 2021 15:25:49 GMT

GET
H2 200 ehl-logo.png
www.firstcitizens.org/assets/img/ 1 KB
2 KB 328ms
327ms Image
image/png 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/img/ehl-logo.png

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

d56b16bc861543dc5a9b9958255aa26eeb5b3bcc8b2a6f54f58941b545d5b096

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:50 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: b0a3f23ff33b11b3
age: 75578
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="ehl-logo.png"
x-varnish-count: 966
x-xss-protection: 1; mode=block
x-request-id: f88b2592-396e-4888-aaf0-d1450b57d92c
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "e1544044d7afab947fa668f17798dc2f"
strict-transport-security: max-age=16070400
x-varnish: 435485174 433036495
cache-control: public, max-age=0
content-length: 1100
content-type: image/png
expires: Sun, 24 Jan 2021 18:26:12 GMT

GET
H2 200 ncua-logo.png
www.firstcitizens.org/assets/img/ 1 KB
2 KB 164ms
156ms Image
image/png 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/img/ncua-logo.png

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

0792edf5fddd169f8801a23235a47f59847cd9c20ec769f343392e9585902a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:50 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: de78243eba585205
age: 75737
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="ncua-logo.png"
x-varnish-count: 904
x-xss-protection: 1; mode=block
x-request-id: 5bb2d53a-f0a7-4d03-8529-7bb41b968f53
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "45a35035439af3e38ccb547f7845724e"
strict-transport-security: max-age=16070400
x-varnish: 436172805 434427400
cache-control: public, max-age=0
content-length: 1265
content-type: image/png
expires: Sun, 24 Jan 2021 18:23:32 GMT

GET
H2 200 msic-logo.png
www.firstcitizens.org/assets/img/ 1 KB
2 KB 166ms
158ms Image
image/png 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/img/msic-logo.png

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

7ba86966be364c5afa2961c6fa035e32d25354d2c2daaab17425b64931727a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:50 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: a7687cffeae17189
age: 75728
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="msic-logo.png"
x-varnish-count: 981
x-xss-protection: 1; mode=block
x-request-id: 69ec673c-655a-47c1-9120-ca185e186010
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "7c1729714a824ab4f8d4f627a9632158"
strict-transport-security: max-age=16070400
x-varnish: 375831504 357862079
cache-control: public, max-age=0
content-length: 1216
content-type: image/png
expires: Sun, 24 Jan 2021 18:23:42 GMT

GET
H2 200 jquery-1.10.1.min.js Show response
www.firstcitizens.org/assets/js/ 135 KB
40 KB 227ms
227ms Script
application/javascript 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstcitizens.org/assets/js/jquery-1.10.1.min.js

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

8c3fef24559c4fddcd7fef1f33dbc38c19a65e84f113644d9caa2b268edf387d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-b3-traceid: 74bb2f6fb7ae72d3
age: 75671
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="jquery-1.10.1.min.js"
vary: Accept-Encoding
x-varnish-count: 889
x-xss-protection: 1; mode=block
x-request-id: 30676b33-54fc-4e28-9580-68794a09a7aa
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "99cedf2d5b74fcf626fe12e44bb40970"
strict-transport-security: max-age=16070400
x-varnish: 435485156 435758559
via: varnish
cache-control: public, max-age=0
content-length: 40367
content-type: application/javascript
expires: Sun, 24 Jan 2021 18:24:37 GMT

GET
H2 200 script.min.js Show response
www.firstcitizens.org/assets/js/ 115 KB
30 KB 164ms
156ms Script
application/javascript 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstcitizens.org/assets/js/script.min.js

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

c1483b365f16e472e7267bc77141755de13515288c9b52940799810f0799d2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-b3-traceid: 97fc81ff19f5ebf0
age: 97824
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="script.min.js"
vary: Accept-Encoding
x-varnish-count: 1380
x-xss-protection: 1; mode=block
x-request-id: 4b16c4f9-c704-47df-b9b3-3c3606cf1432
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "e7387c7acbd257becb3652a315683643"
strict-transport-security: max-age=16070400
x-varnish: 24302123 1114149
via: varnish
cache-control: public, max-age=0
content-length: 29697
content-type: application/javascript
expires: Sun, 24 Jan 2021 12:15:25 GMT

GET
H2 200 disclaimers.js Show response
www.firstcitizens.org/assets/target/ 3 KB
2 KB 159ms
158ms Script
application/javascript 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstcitizens.org/assets/target/disclaimers.js?bh=45ce80

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-b3-traceid: 74bf6cfaa1977349
age: 156154
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
vary: Accept-Encoding
x-varnish-count: 901
x-xss-protection: 1; mode=block
x-request-id: f5f639ec-433a-475c-a27a-2c5a62275b7e
accept-ranges: bytes
last-modified: Wed, 20 Jan 2021 15:43:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1b832c8332f241946ae3bcdd7a33ea0f"
strict-transport-security: max-age=16070400
x-varnish: 449756808 421593463
via: varnish
cache-control: public, max-age=15552000
content-length: 1400
content-type: application/javascript; charset=utf-8
expires: Thu, 22 Jul 2021 20:03:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-28144007-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3570
date: Mon, 25 Jan 2021 14:26:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 25 Jan 2021 16:26:19 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 17ms
13ms Script
text/javascript 2a00:1450:400c:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 00:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398743
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jan 2022 00:40:06 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 63ms
44ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M2ZHXFT

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99a3e4ae3a219ff79c75d94fa145387eb2dc9e5c307c4b84294d1c80220f76da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32885
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Jan 2021 15:25:49 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-7188.tvsquared.com/ 20 KB
9 KB 531ms
126ms Script
application/javascript 3.133.247.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-7188.tvsquared.com/tv2track.js
Requested by: Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.133.247.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-133-247-61.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jan 2021 11:46:59 GMT
Server: nginx
ETag: "5ff84633-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Mon, 25 Jan 2021 15:35:50 GMT

GET
H2 200 first-citizens-logo.svg
www.firstcitizens.org/assets/img/ 7 KB
3 KB 968ms
967ms Image
image/svg+xml 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/img/first-citizens-logo.svg

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/assets/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

114e7101f7fbf64ed8c28eff53ab2e11fac89c4bdffd4e55e1e14e9c4b898fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/assets/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-b3-traceid: f5e003f88f7fab84
age: 97823
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="first-citizens-logo.svg"
vary: Accept-Encoding
x-varnish-count: 1263
x-xss-protection: 1; mode=block
x-request-id: 6a8ac259-d335-4708-bcf3-3c8ef7572c55
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "81f5353561693761ab869995f37c96a8"
strict-transport-security: max-age=16070400
x-varnish: 22473250 1474594
via: varnish
cache-control: public, max-age=0
content-length: 2327
content-type: image/svg+xml
expires: Sun, 24 Jan 2021 12:15:26 GMT

GET
H2 200 sprites.png
www.firstcitizens.org/assets/img/ 14 KB
15 KB 967ms
966ms Image
image/png 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/img/sprites.png

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/assets/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

f8f7a158102e4afb6996bb54d98fd0fab23e29a3cd51e4a223cf2c4ff00c7172

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/assets/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: 4909f0867aa92be6
age: 75671
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="sprites.png"
x-varnish-count: 953
x-xss-protection: 1; mode=block
x-request-id: f6d1fc71-9f6f-4206-a3f3-289a2c89f2b6
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6473ef110aaa30175e3deb0142f6d051"
strict-transport-security: max-age=16070400
x-varnish: 435485162 435857896
cache-control: public, max-age=0
content-length: 14721
content-type: image/png
expires: Sun, 24 Jan 2021 18:24:38 GMT

GET
H2 200 navbar-divider.jpg
www.firstcitizens.org/assets/img/ 523 B
1 KB 967ms
967ms Image
image/jpeg 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.firstcitizens.org/assets/img/navbar-divider.jpg

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/assets/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

87355f1d3b1c4426fb05094064286f15d262e3ea021756439c3380de83b4e1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firstcitizens.org/assets/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
via: varnish
x-content-type-options: nosniff
x-b3-traceid: f5a5938b74224bbd
age: 97838
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="navbar-divider.jpg"
x-varnish-count: 1111
x-xss-protection: 1; mode=block
x-request-id: c0ff9dac-e9f5-4108-a1ad-d4b4f2b4ee11
accept-ranges: bytes
last-modified: Mon, 23 Nov 2020 22:49:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5a130c2371e3a2f21af3946df0898d12"
strict-transport-security: max-age=16070400
x-varnish: 25989714 393383
cache-control: public, max-age=0
content-length: 523
content-type: image/jpeg
expires: Sun, 24 Jan 2021 12:15:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:400c:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6654469d498f2ee7eae3224a0a21e5ac348f73fafaafbb8e8d72356c6c851e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 15:25:49 GMT
server: ESF
date: Mon, 25 Jan 2021 15:25:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jan 2021 15:25:49 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=833552409&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstcitizens.org%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%BA%20First%20Citizens%27%20Federal%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=294952387&gjid=769465883&cid=1928049268.1611588350&tid=UA-28144007-1&_gid=1328592912.1611588350&_r=1&gtm=2ou1d0&z=1032852820

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstcitizens.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 14ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=833552409&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstcitizens.org%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%BA%20First%20Citizens%27%20Federal%20Credit%20Union&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=892495644&gjid=1105611945&cid=1928049268.1611588350&tid=UA-28144007-1&_gid=1328592912.1611588350&_r=1&gtm=2wg1d0M2ZHXFT&z=687753219

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstcitizens.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 faa318e0-6ba7-0134-ddfa-0cc47abc2b4e Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 104ms
37ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/faa318e0-6ba7-0134-ddfa-0cc47abc2b4e

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2ZHXFT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

86cef5cd7b88f5a36a044b6aacf658cc08fcdc277931d4431c5026bbcfa2729b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 25 Jan 2021 15:25:49 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: Fl2DEMwjlrUBHHUDT-Fl
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 siteanalyze_86419.js Show response
siteimproveanalytics.com/js/ 23 KB
8 KB 38ms
38ms Script
application/javascript 2606:4700:e6::ac40:c418
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_86419.js
Requested by: Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c418 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 502e41e5e1d798dd4f76ae9c888f7974d540e42fa03d6d9d1417330d701be303

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: DTAS0Q0G1P4VFGFG
content-length: 7982
x-amz-id-2: S7BIZMopoZg5/6hviVY+Aj0X5lf9LjlVJeavqK+AfrNTA5MWuIE9MH5VcIau+ZzTlMV9SBxymFg=
last-modified: Mon, 04 Jan 2021 15:00:37 GMT
server: cloudflare
etag: "363845af2618cdbf8d08e4d3cf8c2450"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nub0L6AUdOJw7p1ncwY57QMtGnCeboJWJJ%2BmSwzc9FJhVvZTT8y3lRC9Gcw37qJIww9bJQiMGp2b0cVkzxr5MaLk0qgZw%2B0bD7GRFW5leLxtXysmVVGHozPg7yInErI8lyEbmLA%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
cf-request-id: 07dbbfc73c0000c2db5e3b7000000001
accept-ranges: bytes
cf-ray: 61730251fe2ec2db-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 28ms
27ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-28144007-1&cid=1928049268.1611588350&jid=294952387&gjid=769465883&_gid=1328592912.1611588350&_u=IEBAAUAAAAAAAC~&z=501011523

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Jan 2021 15:25:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.firstcitizens.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:26:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 10765
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 25 Jan 2022 12:26:24 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 39ms
25ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:26:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 10765
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 25 Jan 2022 12:26:24 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 25ms
22ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 13:34:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 6692
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 25 Jan 2022 13:34:17 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:26:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 10766
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 25 Jan 2022 12:26:23 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
428 B 59ms
16ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-28144007-1&cid=1928049268.1611588350&jid=892495644&gjid=1105611945&_gid=1328592912.1611588350&_u=aEDAAUABAAAAAC~&z=1573908049

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Jan 2021 15:25:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.firstcitizens.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
113 B 34ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-28144007-1&cid=1928049268.1611588350&jid=294952387&_u=IEBAAUAAAAAAAC~&z=39191909

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
31ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-28144007-1&cid=1928049268.1611588350&jid=294952387&_u=IEBAAUAAAAAAAC~&z=39191909

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOiCnqEu92Fr1Mu51QrEzAdL-vwnYg.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOiCnqEu92Fr1Mu51QrEzAdL-vwnYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32849187cfff1af50fd33521bad19f6017ba7a9f38fe32daceb51aec4f9d0529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:26:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:53 GMT
server: sffe
age: 10756
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12420
x-xss-protection: 0
expires: Tue, 25 Jan 2022 12:26:33 GMT

GET
H3-Q050 200 KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 13 KB
13 KB 20ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 19:26:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:39 GMT
server: sffe
age: 158386
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12824
x-xss-protection: 0
expires: Sun, 23 Jan 2022 19:26:03 GMT

GET
H3-Q050 200 KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Roboto:+100,300,500,700,100italic,300italic,500italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 13:34:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:53 GMT
server: sffe
age: 6700
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12668
x-xss-protection: 0
expires: Tue, 25 Jan 2022 13:34:09 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
455 B 37ms
36ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-28144007-1&cid=1928049268.1611588350&jid=892495644&_u=aEDAAUABAAAAAC~&z=1460995222

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 60ms
45ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-28144007-1&cid=1928049268.1611588350&jid=892495644&_u=aEDAAUABAAAAAC~&z=1460995222

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK image.aspx
86419.global.siteimproveanalytics.io/ 34 B
650 B 152ms
32ms Image
image/gif 3.124.230.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://86419.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.firstcitizens.org%2F&title=Home%20%E2%80%BA%20First%20Citizens%27%20Federal%20Credit%20Union&res=1600x1200&accountid=86419&rt=1586&prev=5a9615df-6b49-2b42-ab6e-2484088b2fca&luid=2288d207-bb4f-6311-dd9f-67d8bf1f8ef7&rnd=75625
Requested by: Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.230.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-230-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:50 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Mon, 25 Jan 2021 15:25:50 UTC
Connection: keep-alive
Content-Type: image/gif
Content-Length: 34
P3p: NOI OUR IND COM NAV INT

GET
H/1.1 200
OK tv2track.php
collector-7188.tvsquared.com/ 42 B
361 B 123ms
123ms Image
image/gif 3.133.247.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-7188.tvsquared.com/tv2track.php?action_name=Home%20%E2%80%BA%20First%20Citizens%27%20Federal%20Credit%20Union&idsite=TV-27811818-1&rec=1&r=383237&h=16&m=25&s=50&url=https%3A%2F%2Fwww.firstcitizens.org%2F&_id=e957815409cf38e6&_idts=1611588350&_idvc=0&_idn=1&_viewts=&cookie=1&res=1600x1200&gt_ms=220
Requested by: Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.133.247.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-133-247-61.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:50 GMT
Server: nginx
Connection: keep-alive
Request-Id: 8b63daca-d9d1-480a-9410-06aa27d1be87
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

GET
H2 200 disclaimer Show response
www.firstcitizens.org/_/api/ 888 B
945 B 145ms
144ms XHR
application/json 74.200.39.23
JACKHENRY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstcitizens.org/_/api/disclaimer

Requested by

Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/assets/js/jquery-1.10.1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.200.39.23 Rock Hill, United States, ASN14010 (JACKHENRY, US),

Reverse DNS

www.anbfl.com

Software

nginx /

Resource Hash

c479b6dcafddb03f4e0973a67e471e0d0f78801a6ad08d0071c5e915d2499663

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.firstcitizens.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Jan 2021 15:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-b3-traceid: 7fbd2b2097465290
age: 0
x-varnish-ttl: 0.000
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 3
vary: Accept-Encoding
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 581cca09-d4da-4049-b056-b3d936250c56
accept-ranges: bytes
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
x-varnish: 21853088
via: varnish
cache-control: public, max-age=0
content-length: 486
content-type: application/json; charset=utf-8
expires: Mon, 25 Jan 2021 15:25:50 GMT

GET
H/1.1 200
OK chatbeacon.js Show response
chat.mcsoftware.com/chatbeacon/scripts/ 76 KB
18 KB 972ms
352ms Script
application/javascript 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Requested by: Host: www.firstcitizens.org
URL: https://www.firstcitizens.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9f9a47f54a19990a4d7c0d8beead194220f8c5a53006d730398fdc1a4dccbf41

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Sep 2019 18:42:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80b974566375d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 18622

GET
H2 200 p Show response
i.simpli.fi/ 746 B
1 KB 36ms
35ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=67196&cb=sifi_att_42656._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/faa318e0-6ba7-0134-ddfa-0cc47abc2b4e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

388d7cf1523c7d1458a08f88e6ab36833424794b275d5178e63a345e330084a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
date: Mon, 25 Jan 2021 15:25:51 GMT
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=1C7A26BF1E5E4C33A212FAC5FDC9AA95

43 B
183 B

275ms
88ms

Image
image/gif

2600:1f18:612b:4216:52a3:d23b:f34f:1231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=1C7A26BF1E5E4C33A212FAC5FDC9AA95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:52a3:d23b:f34f:1231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=1C7A26BF1E5E4C33A212FAC5FDC9AA95
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1C7A26BF1E5E4C33A212FAC5FDC9AA95
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1C7A26BF1E5E4C33A212FAC5FDC9AA95

95 B
426 B

68ms
67ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1C7A26BF1E5E4C33A212FAC5FDC9AA95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Mon, 25 Jan 2021 15:25:51 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1C7A26BF1E5E4C33A212FAC5FDC9AA95
alt-svc: clear
content-length: 0

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
https://um.simpli.fi/aa_px?sk=164970303677001005617

43 B
409 B

29ms
28ms

Image
image/gif

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164970303677001005617

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Jan 2021 15:25:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:51 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=164970303677001005617
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 116ms
34ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1C7A26BF1E5E4C33A212FAC5FDC9AA95

0
0

114ms
32ms

Image
text/html

65.9.67.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 117ms
35ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 40ms
29ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=1C7A26BF1E5E4C33A212FAC5FDC9AA95;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=1C7A26BF1E5E4C33A212FAC5FDC9AA95;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-7332454699085574272

0
0

35ms
34ms

Image
text/html

65.9.67.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-7332454699085574272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:51 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-7332454699085574272
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&j=0&xl8blockcheck=1

0
763 B

41ms
40ms

Image
text/plain

136.144.49.28
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.49.28 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 25 Jan 2021 15:25:51 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 40ms
30ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95

0
421 B

437ms
110ms

Image
text/plain

54.208.200.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-200-8.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 25 Jan 2021 15:25:50 GMT

Redirect headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=1C7A26BF1E5E4C33A212FAC5FDC9AA95

62 B
329 B

245ms
175ms

Image
image/gif

104.108.41.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=1C7A26BF1E5E4C33A212FAC5FDC9AA95
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.41.56 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-41-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:51 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 41a8
Content-Type: image/gif

Redirect headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=1C7A26BF1E5E4C33A212FAC5FDC9AA95
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H2

200

tpid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=1C7A26BF1E5E4C33A212FAC5FDC9AA95

49 B
712 B

62ms
61ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:51 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.39
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:51 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
cache-control: no-cache
x-server: 10.45.13.39
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
https://ce.lijit.com/merge?pid=2&3pid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&dnr=1

0
433 B

35ms
33ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:51 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:51 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95

0
66 B

127ms
62ms

Image
text/plain

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1611588351098&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1824447089&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1824447089&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1824447089&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
135 B

37ms
37ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1824447089&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_-IOYJXKGOnatgfVjbegBw&cid=CAQSKQCNIrLMblBSnDN_TYuhW54YROq-DUlR9QvDV5mOMsoIulOIaJhR_7tb&random=3692842993&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1824447089&cv=7&fst=1611588351098&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_-IOYJXKGOnatgfVjbegBw&cid=CAQSKQCNIrLMblBSnDN_TYuhW54YROq-DUlR9QvDV5mOMsoIulOIaJhR_7tb&random=3692842993&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&__user_check__=1&sync_id=9bbe7859-5f21-11eb-ab68-182a6e993d06

43 B
548 B

31ms
30ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&__user_check__=1&sync_id=9bbe7859-5f21-11eb-ab68-182a6e993d06
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:51 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 25 Jan 2021 15:25:51 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=1C7A26BF1E5E4C33A212FAC5FDC9AA95&__user_check__=1&sync_id=9bbe7859-5f21-11eb-ab68-182a6e993d06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 133
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=1C7A26BF1E5E4C33A212FAC5FDC9AA95
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1C7A26BF1E5E4C33A212FAC5FDC9AA95

43 B
1 KB

34ms
34ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1C7A26BF1E5E4C33A212FAC5FDC9AA95

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:51 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: c2967ecc-711b-4389-b97d-086011eb329e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:51 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.135:80
AN-X-Request-Uuid: 5882366a-6b17-4df7-8a7a-81111a863655
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1C7A26BF1E5E4C33A212FAC5FDC9AA95
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1C7A26BF1E5E4C33A212FAC5FDC9AA95&expires=365

0
239 B

130ms
33ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1C7A26BF1E5E4C33A212FAC5FDC9AA95&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1C7A26BF1E5E4C33A212FAC5FDC9AA95&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 24 Jan 2021 15:25:51 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=1C7A26BF1E5E4C33A212FAC5FDC9AA95
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=1C7A26BF1E5E4C33A212FAC5FDC9AA95

43 B
180 B

54ms
54ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=1C7A26BF1E5E4C33A212FAC5FDC9AA95
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:51 GMT
via: 1.1 google
server: OXGW/16.200.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=1C7A26BF1E5E4C33A212FAC5FDC9AA95
date: Mon, 25 Jan 2021 15:25:51 GMT
via: 1.1 google
server: OXGW/16.200.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEP-k0F-YFfoJdcauCPHxptk&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1C7A26BF1E5E4C33A212FAC5FDC9AA95
https://um.simpli.fi/g_match?id=

0
320 B

31ms
29ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:25:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 24 Jan 2021 15:25:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jan 2021 15:25:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK 00000000-0000-0000-0000-000000000000
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/00000000-0000-0000-0000-000000000000/site/14/session/ Frame 0
0 758ms
186ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/00000000-0000-0000-0000-000000000000/site/14/session/00000000-0000-0000-0000-000000000000?resolution=1600x1200x24&r=1611588352115
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:24 GMT
Content-Length: 0

GET
H/1.1 200
OK chatbeacon.css
chat.mcsoftware.com/chatbeacon/content/css/ 14 KB
3 KB 185ms
184ms Stylesheet
text/css 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/content/css/chatbeacon.css
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 919b8411fc4fb272dd1cfc53313bf3652b5af92bbb793d485ef86d6067ef29ac

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2017 07:25:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0eed5f07212d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2799

GET
H/1.1 200
OK chatbeacon.css
chat.mcsoftware.com/chatbeacon/content/themes/fccu_frame/css/ 12 KB
2 KB 371ms
184ms Stylesheet
text/css 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/content/themes/fccu_frame/css/chatbeacon.css
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fa8b0293758387a88bf50a59ae7331a0eb157edb75059d9e42042c1a0e954565

Request headers

Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2018 20:00:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80ea596acea5d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2067

POST
H/1.1 201
Created 00000000-0000-0000-0000-000000000000 Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/00000000-0000-0000-0000-000000000000/site/14/session/ 943 B
1 KB 667ms
667ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/00000000-0000-0000-0000-000000000000/site/14/session/00000000-0000-0000-0000-000000000000?resolution=1600x1200x24&r=1611588352115
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0e2dc096f4f973a188abb7a80a23e5f0be1256be16517c19a286388e80f742d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:25 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://chat.mcsoftware.com/ChatBeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 943
Expires: -1

GET
H2 200 css
fonts.googleapis.com/ 2 KB
673 B 16ms
16ms Stylesheet
text/css 2a00:1450:400c:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/content/css/chatbeacon.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

735c136528612f775a92a5c23b77764db00d30a288817822c2af3bd1fcf67520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chat.mcsoftware.com/chatbeacon/content/css/chatbeacon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 14:51:03 GMT
server: ESF
date: Mon, 25 Jan 2021 15:25:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jan 2021 15:25:52 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
908 B 32ms
18ms Stylesheet
text/css 2a00:1450:400c:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Requested by

Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/content/themes/fccu_frame/css/chatbeacon.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3936471d1063f989e6addfcd160ae0a4ce880bbc3412528efb31b7cbc0ecc3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chat.mcsoftware.com/chatbeacon/content/themes/fccu_frame/css/chatbeacon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 15:12:58 GMT
server: ESF
date: Mon, 25 Jan 2021 15:25:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jan 2021 15:25:52 GMT

GET
H/1.1 200
OK profile Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/ 415 B
734 B 204ms
203ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/profile?r=1611588353546
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ba9a4b8108a211336e35222886999f0ba10ea13c9f32ec6c0e8b7c7794324b33

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:25 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 415
Expires: -1

OPTIONS
H/1.1 200
OK profile
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/ Frame 0
0 191ms
190ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/profile?r=1611588353546
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:25 GMT
Content-Length: 0

OPTIONS
H/1.1 200
OK page
chat.mcsoftware.com/chatbeacon/api/v2/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/ Frame 0
0 186ms
186ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v2/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/page?r=1611588353948
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:25 GMT
Content-Length: 0

POST
H/1.1 204
No Content page Show response
chat.mcsoftware.com/chatbeacon/api/v2/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/ 0
259 B 226ms
226ms XHR
text/plain 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v2/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/page?r=1611588353948
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:26 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Expires: -1

GET
H/1.1 200
OK c89c329e-87c9-401c-b07c-399bcfd7ace3 Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/ 943 B
1 KB 192ms
191ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3?r=1611588354363
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0e2dc096f4f973a188abb7a80a23e5f0be1256be16517c19a286388e80f742d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:26 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 943
Expires: -1

OPTIONS
H/1.1 200
OK c89c329e-87c9-401c-b07c-399bcfd7ace3
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/ Frame 0
0 186ms
186ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3?r=1611588354363
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:26 GMT
Content-Length: 0

GET
H/1.1 200
OK invites Show response
chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/ 776 B
1 KB 191ms
190ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/invites?r=1611588354746
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 60e88cc20af628484fb5047122e45e2116e000321a82a80066c77278ceb80ae3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:26 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 776
Expires: -1

OPTIONS
H/1.1 200
OK invites
chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/ Frame 0
0 188ms
187ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/invites?r=1611588354746
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:26 GMT
Content-Length: 0

GET
H/1.1 200
OK settings Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/site/ 54 B
372 B 196ms
196ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/site/settings?r=1611588355128
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8c6fbd7a11440d7a9f31e58ecf1c6cf8b489f88734b1bdf0518d6b19b21741ba

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:27 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 54
Expires: -1

OPTIONS
H/1.1 200
OK settings
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/site/ Frame 0
0 186ms
186ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/site/settings?r=1611588355128
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:26 GMT
Content-Length: 0

OPTIONS
H/1.1 200
OK 30
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/ Frame 0
0 188ms
188ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30?r=1611588355512
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:27 GMT
Content-Length: 0

GET
H/1.1 200
OK 30 Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/ 42 B
360 B 195ms
195ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30?r=1611588355512
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 72c3fcc4db71568966b57ab4d30e852ab3b9328935a0833114c49dbbb9000b22

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:27 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 42
Expires: -1

OPTIONS
H/1.1 200
OK chatwindow
chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/ Frame 0
0 242ms
241ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/chatwindow?r=1611588355898
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:27 GMT
Content-Length: 0

GET
H/1.1 200
OK chatwindow Show response
chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/ 214 B
533 B 186ms
185ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/chatwindow?r=1611588355898
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 45695cf14061248a3be2bdaca6ab10aeaa7e26f872b778fb62b2fed7141b5db9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:27 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 214
Expires: -1

GET
H/1.1 200
OK chat.html
chat.mcsoftware.com/chatbeacon/content/windows/ Frame 8947 0
0 186ms
186ms Document
text/html 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/content/windows/chat.html?&accountid=10&siteid=14&queueid=30&skipprechat=false&skippostchat=false&theme=fccu_slim&type=child&origin=https://www.firstcitizens.org&visitorid=5ce0ebe5-f5f8-4e73-b77e-2337e2eda656&sessionid=c89c329e-87c9-401c-b07c-399bcfd7ace3&c=1
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host: chat.mcsoftware.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.firstcitizens.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.firstcitizens.org/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 25 Aug 2017 12:46:12 GMT
Accept-Ranges: bytes
ETag: "042a021a01dd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:28 GMT
Content-Length: 505

GET
H/1.1 200
OK 0 Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/chat/ 301 B
620 B 196ms
195ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/chat/0?since=null&r=1611588356341
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ca252130cb68c5f209817b5b2e6a72aba8c64c38310d176f97b72dfc9bcc2e34

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:28 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 301
Expires: -1

OPTIONS
H/1.1 200
OK 0
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/chat/ Frame 0
0 189ms
188ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/chat/0?since=null&r=1611588356341
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:28 GMT
Content-Length: 0

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 19:24:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 158468
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Sun, 23 Jan 2022 19:24:48 GMT

GET
H/1.1 200
OK button Show response
chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/ 736 B
1 KB 197ms
196ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/button?r=1611588359080
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f26f0642694a4f275baba196e3038e03c7a0544dd3fb8c4359db96b8e3aa811b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:31 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 736
Expires: -1

OPTIONS
H/1.1 200
OK button
chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/ Frame 0
0 189ms
188ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/template/fccu_frame/button?r=1611588359080
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:30 GMT
Content-Length: 0

GET
H/1.1 200
OK state Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/ 1 B
318 B 196ms
196ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/state?r=1611588359473
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:31 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 1
Expires: -1

OPTIONS
H/1.1 200
OK state
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/ Frame 0
0 192ms
191ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/state?r=1611588359473
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:31 GMT
Content-Length: 0

OPTIONS
H/1.1 200
OK settings
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/ Frame 0
0 185ms
184ms Other 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/settings?r=1611588359871
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:31 GMT
Content-Length: 0

GET
H/1.1 200
OK settings Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/ 273 B
592 B 205ms
203ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/settings?r=1611588359871
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6e0426af407ad4959f4a7923218bd0482c253ea15463d2799d0c76c723742c2e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:31 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 273
Expires: -1

GET
H/1.1 200
OK online2.png
chat.mcsoftware.com/chatbeacon/content/images/ 20 KB
21 KB 208ms
205ms Image
image/png 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat.mcsoftware.com/chatbeacon/content/images/online2.png
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/content/themes/fccu_frame/css/chatbeacon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7cc2aeb0abcdc47f4858720ffdc0d35af74664a79b9d8e41d62f38affd2bd0d2

Request headers

Referer: https://chat.mcsoftware.com/chatbeacon/content/themes/fccu_frame/css/chatbeacon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:31 GMT
Last-Modified: Tue, 13 Feb 2018 21:52:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "806d40f714a5d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20953

GET
H/1.1 200
OK up2.png
chat.mcsoftware.com/chatbeacon/content/images/ 21 KB
21 KB 209ms
205ms Image
image/png 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat.mcsoftware.com/chatbeacon/content/images/up2.png
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/content/themes/fccu_frame/css/chatbeacon.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0a32509217267439e42f8d11a0b379e53aaa796c612e267b4faf5dc07ea744e7

Request headers

Referer: https://chat.mcsoftware.com/chatbeacon/content/themes/fccu_frame/css/chatbeacon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 15:25:31 GMT
Last-Modified: Tue, 13 Feb 2018 22:33:17 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80b469a41aa5d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 21760

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firstcitizens.org
Referer: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 6668
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 25 Jan 2022 13:34:51 GMT

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/chat/0?since=null&r=1611588361342
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:33 GMT
Content-Length: 0

GET
H/1.1 200
OK 0 Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/chat/ 301 B
620 B 202ms
202ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/chat/0?since=null&r=1611588361342
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ca252130cb68c5f209817b5b2e6a72aba8c64c38310d176f97b72dfc9bcc2e34

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:33 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 301
Expires: -1

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3?r=1611588364750
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:36 GMT
Content-Length: 0

GET
H/1.1 200
OK c89c329e-87c9-401c-b07c-399bcfd7ace3 Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/ 943 B
1 KB 420ms
218ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3?r=1611588364750
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0e2dc096f4f973a188abb7a80a23e5f0be1256be16517c19a286388e80f742d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:36 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 943
Expires: -1

GET
H/1.1 200
OK state Show response
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/ 1 B
318 B 301ms
200ms XHR
application/json 52.36.248.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/state?r=1611588364872
Requested by: Host: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/scripts/chatbeacon.js?accountId=10&siteId=14&queueId=30&m=1&i=1&b=1&c=1&theme=fccu_frame
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.firstcitizens.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 15:25:37 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.firstcitizens.org
Cache-Control: no-cache
Content-Length: 1
Expires: -1

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/state?r=1611588364872
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:36 GMT
Content-Length: 0

GET state
chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/ 0
0

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/state?r=1611588369872
Protocol: HTTP/1.1
Server: 52.36.248.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-248-170.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.firstcitizens.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.firstcitizens.org
Access-Control-Allow-Headers: content-type
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 15:25:41 GMT
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: chat.mcsoftware.com
URL: https://chat.mcsoftware.com/chatbeacon/api/v1/account/10/visitor/5ce0ebe5-f5f8-4e73-b77e-2337e2eda656/site/14/session/c89c329e-87c9-401c-b07c-399bcfd7ace3/queue/30/state?r=1611588369872

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

86419.global.siteimproveanalytics.io
aa.agkn.com
ajax.googleapis.com
bcp.crwdcntrl.net
ce.lijit.com
chat.mcsoftware.com
cm.g.doubleclick.net
collector-7188.tvsquared.com
fei.pro-market.net
firstcitizens.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
simplifi.partners.tremorhub.com
siteimproveanalytics.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.firstcitizens.org
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
chat.mcsoftware.com
104.108.41.56
136.144.49.28
142.250.74.194
159.253.128.183
169.50.137.179
185.33.221.87
185.94.180.126
2600:1901:0:8eee::
2600:1f18:612b:4216:52a3:d23b:f34f:1231
2606:4700:e6::ac40:c418
2a00:1450:4001:800::2003
2a00:1450:4001:800::2008
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:803::200e
2a00:1450:4001:808::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:821::200e
2a00:1450:400c:c00::5f
2a00:1450:400c:c00::9a
2a00:1450:400c:c00::9c
2a00:1450:400c:c0c::5f
3.124.230.65
3.133.247.61
34.120.207.148
34.98.64.218
35.227.248.159
52.28.175.104
52.36.248.170
54.171.173.220
54.208.200.8
65.9.67.93
69.173.144.165
72.251.249.13
74.200.39.23
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0792edf5fddd169f8801a23235a47f59847cd9c20ec769f343392e9585902a04
095bf320744b2c783193c78a1edf206024ea7d9b99653917fe1e6a812ee5d5fa
0a32509217267439e42f8d11a0b379e53aaa796c612e267b4faf5dc07ea744e7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
114e7101f7fbf64ed8c28eff53ab2e11fac89c4bdffd4e55e1e14e9c4b898fef
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
26cb3fb83f003c5b10f44a3da47651a5c2a5021ed7a1991721d08ac727a01349
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32849187cfff1af50fd33521bad19f6017ba7a9f38fe32daceb51aec4f9d0529
388d7cf1523c7d1458a08f88e6ab36833424794b275d5178e63a345e330084a5
3936471d1063f989e6addfcd160ae0a4ce880bbc3412528efb31b7cbc0ecc3fe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
45695cf14061248a3be2bdaca6ab10aeaa7e26f872b778fb62b2fed7141b5db9
4772e9cc18480ee50462c1faa687f3a525c8d92dd7d81bf1e55fbafac05383b5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e41e5e1d798dd4f76ae9c888f7974d540e42fa03d6d9d1417330d701be303
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60e88cc20af628484fb5047122e45e2116e000321a82a80066c77278ceb80ae3
6654469d498f2ee7eae3224a0a21e5ac348f73fafaafbb8e8d72356c6c851e3f
6e0426af407ad4959f4a7923218bd0482c253ea15463d2799d0c76c723742c2e
72c3fcc4db71568966b57ab4d30e852ab3b9328935a0833114c49dbbb9000b22
735c136528612f775a92a5c23b77764db00d30a288817822c2af3bd1fcf67520
7ba86966be364c5afa2961c6fa035e32d25354d2c2daaab17425b64931727a97
7cc2aeb0abcdc47f4858720ffdc0d35af74664a79b9d8e41d62f38affd2bd0d2
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cef5cd7b88f5a36a044b6aacf658cc08fcdc277931d4431c5026bbcfa2729b
87355f1d3b1c4426fb05094064286f15d262e3ea021756439c3380de83b4e1e4
8c3fef24559c4fddcd7fef1f33dbc38c19a65e84f113644d9caa2b268edf387d
8c6fbd7a11440d7a9f31e58ecf1c6cf8b489f88734b1bdf0518d6b19b21741ba
90767edb913c617144ec3d8c3af874babe1119fb06372bba96d02a28973e92c2
919b8411fc4fb272dd1cfc53313bf3652b5af92bbb793d485ef86d6067ef29ac
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
95c8f4775500763c29281a16def2ea2f15a1e03a71c954a07f366cf21790bcc7
99a3e4ae3a219ff79c75d94fa145387eb2dc9e5c307c4b84294d1c80220f76da
9f9a47f54a19990a4d7c0d8beead194220f8c5a53006d730398fdc1a4dccbf41
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e2dc096f4f973a188abb7a80a23e5f0be1256be16517c19a286388e80f742d
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
ba9a4b8108a211336e35222886999f0ba10ea13c9f32ec6c0e8b7c7794324b33
c1483b365f16e472e7267bc77141755de13515288c9b52940799810f0799d2e5
c479b6dcafddb03f4e0973a67e471e0d0f78801a6ad08d0071c5e915d2499663
c6590272ed30fa26ad7e9c11546aca56ad383f6bf4022c71c9492d9827837d4a
ca252130cb68c5f209817b5b2e6a72aba8c64c38310d176f97b72dfc9bcc2e34
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf73c69344848f2e24bb1a3820d7c8165dbcada1123aac9a9b2e076772b62d9c
d56b16bc861543dc5a9b9958255aa26eeb5b3bcc8b2a6f54f58941b545d5b096
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f26f0642694a4f275baba196e3038e03c7a0544dd3fb8c4359db96b8e3aa811b
f6d8200e932d67f4f6de1d458b4be3addb94383505b25b29e7bdb188f4a3b836
f8f7a158102e4afb6996bb54d98fd0fab23e29a3cd51e4a223cf2c4ff00c7172
fa8b0293758387a88bf50a59ae7331a0eb157edb75059d9e42042c1a0e954565
fcb94e3e58038e1d2d06b0cba1171532d77ff8f2b0feeb2f8c4d80a24f6d8695

www.firstcitizens.org Open in urlscan Pro 74.200.39.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

99 %HTTPS

46 %IPv6

29 Domains

35 Subdomains

33 IPs

5 Countries

11488 kBTransfer

12040 kBSize

0 Cookies

13 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.firstcitizens.org Open in urlscan Pro
74.200.39.23 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

99 %
HTTPS

46 %
IPv6

29
Domains

35
Subdomains

33
IPs

5
Countries

11488 kB
Transfer

12040 kB
Size

0
Cookies

107 HTTP transactions
0 data transactions