c1tz2n.com Open in urlscan Pro
69.49.247.76 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://c1tz2n.com/
Submission Tags: #phishing @ecarlesi Search All
Submission: On August 21 via api (August 21st 2022, 8:14:08 am UTC) from FI — Scanned from FI

Summary HTTP 114 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 114 HTTP transactions. The main IP is 69.49.247.76, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is c1tz2n.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 20th 2022. Valid for: 3 months.

This is the only time c1tz2n.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
34	69.49.247.76 69.49.247.76	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
24	2a02:26f0:e30... 2a02:26f0:e300:188::17c7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:e30... 2a02:26f0:e300:184::1f37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2a02:26f0:470... 2a02:26f0:4700:2b1::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	185.32.241.65 185.32.241.65	30286 (THM) (THM)
11	52.4.227.205 52.4.227.205	14618 (AMAZON-AES) (AMAZON-AES)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	192.225.158.3 192.225.158.3	30286 (THM) (THM)
114	13

34 69.49.247.76 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 69-49-247-76.webhostbox.net

c1tz2n.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:26f0:e300:188::17c7 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

www3.citizensbankonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:e300:184::1f37 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

www.citizensbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:4700:2b1::11a6 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.32.241.65 (United States)

ASN30286 (THM, US)

content.citizensbankonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.4.227.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-227-205.compute-1.amazonaws.com

report.citizen.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net

8s1rqgxh5teklumvd75gwfs5qdniw6oylmofhnj2645a976ec0449a37sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	citizensbankonline.com www3.citizensbankonline.com — Cisco Umbrella Rank: 113240 content.citizensbankonline.com — Cisco Umbrella Rank: 72395	252 KB
34	c1tz2n.com c1tz2n.com	2 MB
11	glassboxdigital.io report.citizen.glassboxdigital.io — Cisco Umbrella Rank: 59996	13 KB
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2996 8s1rqgxh5teklumvd75gwfs5qdniw6oylmofhnj2645a976ec0449a37sac.d.aa.online-metrix.net	17 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	12 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	53 KB
1	go-mpulse.net c.go-mpulse.net — Cisco Umbrella Rank: 554	256 B
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 438	30 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2236	15 KB
1	citizensbank.com www.citizensbank.com — Cisco Umbrella Rank: 66221	1 KB
0	Failed function sub() { [native code] }. Failed
114	11

	Domain	Requested by
34	c1tz2n.com	c1tz2n.com
24	www3.citizensbankonline.com	c1tz2n.com www3.citizensbankonline.com
15	content.citizensbankonline.com	c1tz2n.com content.citizensbankonline.com
11	report.citizen.glassboxdigital.io	c1tz2n.com
4	h.online-metrix.net	1 redirects c1tz2n.com
2	cdnjs.cloudflare.com	c1tz2n.com
2	code.jquery.com	c1tz2n.com
1	8s1rqgxh5teklumvd75gwfs5qdniw6oylmofhnj2645a976ec0449a37sac.d.aa.online-metrix.net
1	c.go-mpulse.net	c1tz2n.com
1	ajax.aspnetcdn.com	c1tz2n.com
1	stackpath.bootstrapcdn.com	c1tz2n.com
1	www.citizensbank.com	c1tz2n.com
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	c1tz2n.com
114	13

This site contains links to these domains. Also see Links.

Domain
www.citizensbank.com
jobs.citizensbank.com
www3.citizensbankonline.com
student.citizensbank.com
investor.citizensbank.com

Subject Issuer	Validity	Valid
c1tz2n.com cPanel, Inc. Certification Authority	`2022-08-20` - `2022-11-18`	3 months	crt.sh
citizensbankonline.com Entrust Certification Authority - L1M	`2022-04-13` - `2023-04-13`	a year	crt.sh
www.citizensbank.com Entrust Certification Authority - L1M	`2022-07-01` - `2023-07-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
content.citizensbankonline.com Entrust Certification Authority - L1M	`2022-04-21` - `2023-04-21`	a year	crt.sh
citizen.glassboxdigital.io Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.d.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-02-23` - `2023-03-27`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://c1tz2n.com/
Frame ID: CD81D6175D4847B1C0BA893B35137EDB
Requests: 36 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_1.html
Frame ID: 2FE9C010AF3F6BDD63C4845406D3F8BD
Requests: 3 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Frame ID: 3BFD68F47BE0AE2B369AC72824600BE2
Requests: 45 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_9.html
Frame ID: 00F0BC5EB36D7A3DACA55F1A11BD9121
Requests: 1 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_4.html
Frame ID: 5FC52124F75360627FB4654079C6A341
Requests: 4 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_7.html
Frame ID: 2A964DBF0A4C4F431C1343C8978BC8E7
Requests: 1 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_8.html
Frame ID: 24CC9DF20D516DF26AD41DAE73AD25A0
Requests: 1 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_5.html
Frame ID: 7CEE7D2BBEED3019C7461294C09D9014
Requests: 7 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_3.html
Frame ID: 9BBB4CD8BAAF80F417FFBC29BDF718C4
Requests: 1 HTTP requests in this frame

Frame: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_6.html
Frame ID: 36B7A46AF5C2A8A226B9CF92E37987F4
Requests: 7 HTTP requests in this frame

Frame: https://content.citizensbankonline.com/fp/HP?session_id=2f8a930e36dfe08948ecc42d265180e1&org_id=8s1rqgxh&nonce=645a976ec0449a37&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 6BE93C5E0DE352974E70CDD607CFA7C3
Requests: 3 HTTP requests in this frame

Frame: https://content.citizensbankonline.com/fp/ls_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37
Frame ID: C206A996BE338DCBFC485155CA57DF72
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37
Frame ID: 99633672DFE90CD4764F4EB06E37B0ED
Requests: 2 HTTP requests in this frame

Frame: https://content.citizensbankonline.com/fp/top_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37
Frame ID: 64DC85B62CB627AA9A09485855B260DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Login | Citizens

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

114
Requests

83 %
HTTPS

50 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

2586 kB
Transfer

3320 kB
Size

7
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: http://www.citizensbank.com/

Search URL Search Domain Scan URL

URL: https://jobs.citizensbank.com/?utm_source=OT&utm_medium=Consumer_Marketing&utm_campaign=RM_CustomerMkt_OLB&utm_term=&utm_content=Other
Title: Search our open positions

Search URL Search Domain Scan URL

URL: https://www3.citizensbankonline.com/efs/ui/tli/index.html
Title: Trouble logging in?

Search URL Search Domain Scan URL

URL: https://www3.citizensbankonline.com/efs/servlet/efs/login-faqs.jsp
Title: View All Help Topics

Search URL Search Domain Scan URL

URL: https://www3.citizensbankonline.com/efs/ui/enrollment/index.html
Title: Enroll Now

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/checking/
Title: Checking

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/savings-and-cds/savings.aspx
Title: Savings

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/savings-and-cds/money-markets.aspx
Title: Money Markets

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/savings-and-cds/cds.aspx
Title: Certificates of Deposit (CDs) Â®

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/ira/
Title: IRAs

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/checking-and-savings/programs-and-services.aspx
Title: Programs & Services

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/checking-and-savings/benefits-and-features.aspx
Title: Benefits & Features

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/checking/debit-cards/standard.aspx
Title: Debit Card

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/overdraft-protection/
Title: Overdraft Choices Â®

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/mortgages/
Title: Mortgages

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/home-equity/loans.aspx
Title: Home Equity Loans

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/home-equity/lines.aspx
Title: Home Equity Lines of Credit

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/loans/determine-my-rate.aspx
Title: Determine My Rate

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/student-loans/default.aspx
Title: Student Loan Options

Search URL Search Domain Scan URL

URL: https://student.citizensbank.com/app/#/login
Title: Refinancing Student Loans

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/student-loans/process/default.aspx
Title: The Student Loan Process

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/student-loans/process/undergraduate.aspx
Title: Undergraduate Students & Parents

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/student-loans/process/graduate.aspx
Title: Graduate Students

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/student-loans/tools.aspx
Title: Tools & Information

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/checking/one-deposit-checking-account.aspx
Title: Banking for Students

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/student-services/access-my-student-loan/default.aspx
Title: Access My Student Loan

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/credit-cards/overview.aspx
Title: Credit Cards

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/cards-and-rewards/credit-cards/creditcardagreements/agreements.aspx
Title: Card Agreements

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/security/
Title: Security Features

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/personal-loans/overview.aspx
Title: Overview

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/personal-loans/faqs.aspx
Title: FAQs

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/checking/order-checks.aspx
Title: Order Checks

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/online-and-mobile-banking/default.aspx
Title: Online & Mobile Banking

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/customer-service/
Title: Customer Service

Search URL Search Domain Scan URL

URL: http://investor.citizensbank.com/about-us/our-company.aspx
Title: About Citizens

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/community/
Title: In the Community

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/about_our_ads.aspx
Title: About Our Ads

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/investing/
Title: Investing

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/small-business/
Title: Small Business

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/commercial-banking/
Title: Commercial

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/pf/onlinebanking/terms.aspx
Title: Online Terms and Conditions

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/assets/pdf/E-SignDisclosure.pdf
Title: E-Sign Disclosure

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/checking-and-savings/account-documents.aspx
Title: Account Documents

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/tools/leaving.aspx?url=http://www.fdic.gov
Title: Member FDIC

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/security/equal-housing-lender.aspx
Title: Equal Housing Lender

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/tools/SiteMap.aspx
Title: Site Map

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/tools/leaving.aspx?url=http://www.facebook.com/citizensbank

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/tools/leaving.aspx?url=http://twitter.com/citizensbank

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/tools/leaving.aspx?url=http://linkedin.com/company/citizens-bank

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/tools/leaving.aspx?url=http://youtube.com/citizensbank

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://h.online-metrix.net/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&k=2

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
c1tz2n.com/ 64 KB
65 KB 627ms
185ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: d7534d43fa9e57cd62b0967c8a33395cf16c37c79f3048219925f28a658f6033

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 66039
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sun, 21 Aug 2022 01:16:44 GMT
Server: Apache

GET
H/1.1 200
OK index_1.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 2FE9 244 B
486 B 181ms
181ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_1.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 362f4fe71926dcffacb8384f490f8ab47d7fc619f35c3d077f7d1e5cb5785524

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 244
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H2 200 jquery-ui-1.10.3.custom.min.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 19 KB
3 KB 553ms
104ms Stylesheet
text/css 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3118
x-olb-req-received: t=1661011743154471
last-modified: Sat, 20 Aug 2022 16:10:35 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "4a56-5e6a22eac403f"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 08:08:04 GMT
cache-control: max-age=86042
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=749

GET
H2 200 normalize.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 10 KB
3 KB 561ms
112ms Stylesheet
text/css 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2300
x-olb-req-received: t=1661011743176430
last-modified: Sat, 20 Aug 2022 16:11:26 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "26c2-5e6a22eac403f"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 08:08:03 GMT
cache-control: max-age=86041
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=542

GET
H2 200 main.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 61 KB
11 KB 569ms
121ms Stylesheet
text/css 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

66a13cad6c244da4061da65fd2fbf027bf1bb49e21c42f5e7c943a9379f1e7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 10382
x-olb-req-received: t=1661011743213633
last-modified: Sat, 20 Aug 2022 16:10:24 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "f405-5e6a22eac8673"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 08:08:03 GMT
cache-control: max-age=86041
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=2184

GET
H2 200 flows.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 8 KB
2 KB 596ms
148ms Stylesheet
text/css 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

cf82e79b8bb096812095ae48ed7f1371108afc393eb3599df944bec83130200c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1975
x-olb-req-received: t=1661011743250141
last-modified: Sat, 20 Aug 2022 16:10:46 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "21ce-5e6a22eacb2cf"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 08:08:03 GMT
cache-control: max-age=86041
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=444

GET
H2 200 ad-containers.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 7 KB
2 KB 598ms
150ms Stylesheet
text/css 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

cad0f4b1f9bfa3f4ef94d78c20ae16464bda0fb3902fd7689e26a2904cea29d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1227
x-olb-req-received: t=1661011743257914
last-modified: Sat, 20 Aug 2022 16:18:36 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "1dd4-5e6a22eac76d3"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 08:04:40 GMT
cache-control: max-age=85838
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=382

GET
H/1.1 200
OK style.css
c1tz2n.com/CreditCards/Investing/Retirement/Corporate/ 414 B
654 B 199ms
181ms Stylesheet
text/css 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CreditCards/Investing/Retirement/Corporate/style.css
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 7924e7e8b95825e4cefbfc31444ea9247e1b0d04cb066b56f06addf9cc7c5eaf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:00 GMT
Last-Modified: Tue, 16 Nov 2021 19:01:14 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 414

GET
H2 200 citizensns.min.2590.css
www3.citizensbankonline.com/efs/hhf/css/ 6 KB
2 KB 597ms
150ms Stylesheet
text/css 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/hhf/css/citizensns.min.2590.css

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

e142dc379b824a0970bae4bcba1d1d16359be51a146ca066d7389e6a5157d8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1579
x-olb-req-received: t=1661011836871592
last-modified: Sat, 20 Aug 2022 16:10:39 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "177f-5e6a46c12e1c2"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 08:08:03 GMT
cache-control: max-age=86041
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=405

GET
H2 200 CTZ_Green-01.png
www3.citizensbankonline.com/efs/hhf/img/ 5 KB
5 KB 88ms
86ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011749892174
last-modified: Sat, 20 Aug 2022 04:12:25 GMT
etag: "149d-5e6a46c1308d1"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546904
x-olb-req-duration: D=154
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5277
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:09:06 GMT

GET
H2 200 feedback.png
www.citizensbank.com/assets/CB_media/images/ 824 B
1 KB 538ms
91ms Image
image/png 2a02:26f0:e300:184::1f37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citizensbank.com/assets/CB_media/images/feedback.png

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:184::1f37 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET, ARR/3.0

Resource Hash

713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
last-modified: Wed, 22 Jan 2020 18:38:44 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET, ARR/3.0
etag: "052b72c53d1d51:0"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
x-robots-tag: none
content-length: 824

GET
H/1.1 200
OK A9397-AA2WQ-WQN9E-BBVTK-Y8BXE.js Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 2FE9 205 KB
205 KB 337ms
185ms Script
application/javascript 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE.js
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 209939

GET
H2 200 equal-housing.gif
www3.citizensbankonline.com/efs/hhf/img/ 1 KB
1 KB 102ms
100ms Image
image/gif 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/equal-housing.gif

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743459733
last-modified: Sat, 20 Aug 2022 04:12:25 GMT
etag: "46e-5e6a46c130cb9"
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=546907
x-olb-req-duration: D=148
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1134
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:09:09 GMT

GET
H2 200 footer-follow-facebook.png
www3.citizensbankonline.com/efs/hhf/img/ 395 B
708 B 124ms
122ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/footer-follow-facebook.png

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743460006
last-modified: Sat, 20 Aug 2022 04:13:01 GMT
etag: "18b-5e6a46e30bd95"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546921
x-olb-req-duration: D=111
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 395
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:09:23 GMT

GET
H2 200 footer-follow-twitter.png
www3.citizensbankonline.com/efs/hhf/img/ 3 KB
4 KB 144ms
142ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/footer-follow-twitter.png

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743502367
last-modified: Sat, 20 Aug 2022 04:12:25 GMT
etag: "cdf-5e6a46c130cb9"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546896
x-olb-req-duration: D=134
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3295
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:58 GMT

GET
H2 200 footer-follow-linkedin.png
www3.citizensbankonline.com/efs/hhf/img/ 3 KB
3 KB 158ms
157ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/footer-follow-linkedin.png

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743503052
last-modified: Sat, 20 Aug 2022 04:13:01 GMT
etag: "ca7-5e6a46e30bd95"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546870
x-olb-req-duration: D=127
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3239
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:32 GMT

GET
H2 200 footer-follow-youtube.png
www3.citizensbankonline.com/efs/hhf/img/ 3 KB
4 KB 172ms
171ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/footer-follow-youtube.png

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743517564
last-modified: Sat, 20 Aug 2022 04:12:25 GMT
etag: "cce-5e6a46c130cb9"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546906
x-olb-req-duration: D=127
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3278
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:09:08 GMT

GET
H2 200 elh.gif
www3.citizensbankonline.com/efs/hhf/img/ 1 KB
2 KB 187ms
186ms Image
image/gif 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/elh.gif

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743595397
last-modified: Sat, 20 Aug 2022 04:13:01 GMT
etag: "599-5e6a46e30b9ad"
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=546875
x-olb-req-duration: D=121
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1433
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:37 GMT

GET
H2 200 fdicFooter.gif
www3.citizensbankonline.com/efs/hhf/img/ 2 KB
2 KB 208ms
207ms Image
image/gif 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/fdicFooter.gif

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743544424
last-modified: Sat, 20 Aug 2022 04:13:01 GMT
etag: "8c5-5e6a46e30b9ad"
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=546922
x-olb-req-duration: D=108
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2245
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:09:24 GMT

GET
H/1.1 200
OK sec-3-8.css
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ 2 KB
2 KB 196ms
181ms Stylesheet
text/css 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/sec-3-8.css
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1641

GET
H/1.1 200
OK loading.gif
c1tz2n.com/CreditCards/Investing/Retirement/Corporate/ 38 KB
38 KB 377ms
181ms Image
image/gif 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1tz2n.com/CreditCards/Investing/Retirement/Corporate/loading.gif
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 11 Aug 2018 17:03:52 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 38636

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 174ms
52ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1661069642.dop210.sk1.t,1661069642.cds069.sk1.hn,1661069642.cds222.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 174ms
51ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://c1tz2n.com/
Origin: https://c1tz2n.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1661069642.dop001.sk1.t,1661069642.cds013.sk1.hn,1661069642.cds230.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 156ms
55ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://c1tz2n.com/
Origin: https://c1tz2n.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1951202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP2UYJjP3rwG5b7JLvy%2Floi0Kt3fVU5JVSh5H1RqCHRD0%2Bd8yX%2B3om%2FtRPB%2BXxV4mbrmX11d%2F3Zy46GJqUXKLM5SntPEyTHiYspDUOSDUUtUWksszmX5nnX8AOflTtAkd%2BUX4zI9WRAX5XR2WS6JBzVC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73e1e9b10a74f15e-ARN
expires: Fri, 11 Aug 2023 08:14:02 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 170ms
58ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://c1tz2n.com/
Origin: https://c1tz2n.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565
age: 360
cdn-cachedat: 06/01/2022 16:41:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 87914c87337194b92a43d44e3f4a529d
cf-ray: 73e1e9b11a85f15e-ARN
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
30 KB 212ms
50ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F7A8) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14071137
x-cache: HIT
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 156ms
56ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11776128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4517
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-4e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7l2NrezUHA0%2BYsMib95PoU8n1qOwdxj3IrgBNNxY%2Fr6VHejsOK%2F0fCUPIyg48CvO%2FoZSUABkx%2F2WNrIjpo1jmJfxdQJWnroLoxWrgp9OPMzIf%2FQme81FyqxXIPsxFszKPaLq698druex046x0wW36nl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73e1e9b10ba9993c-ARN
expires: Fri, 11 Aug 2023 08:14:02 GMT

GET
H/1.1 200
OK actions.js Show response
c1tz2n.com/CreditCards/Investing/Retirement/Corporate/ 1 KB
2 KB 364ms
184ms Script
application/javascript 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CreditCards/Investing/Retirement/Corporate/actions.js
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 8bcecbd1eeb6e999bc9583d1e35c12a74d044dba44ee22e185e138f05ca05414

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Tue, 16 Nov 2021 18:48:10 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1291

GET
H/1.1 400
Bad Request config.json Show response
c.go-mpulse.net/api/ Frame 2FE9 59 B
256 B 261ms
91ms XHR
application/json 2a02:26f0:4700:2b1::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=A9397-AA2WQ-WQN9E-BBVTK-Y8BXE.js&d=c1tz2n.com&t=5536899&v=1.720.0&if=&sl=0&si=5331977d-140f-4936-8d05-5e852bccac11-rgyhjd&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:4700:2b1::11a6 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5c6053df3509f8109509b18f349a313c4ea45e9dfde8bbd82b1a3718e99dc6db

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 21 Aug 2022 08:14:02 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 59
Content-Type: application/json

GET
H/1.1 200
OK index_2.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 2 KB
2 KB 185ms
185ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: c97e17fbc4a1420dd6328eed0072163f16c96b76f09c1f8da8b55cd4b7ecb05c

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 2275
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:01 GMT
Keep-Alive: timeout=5, max=98
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H/1.1 200
OK index_9.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 00F0 7 KB
7 KB 183ms
183ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_9.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 1ba892e6c4d359ea88c591787db7bed25de2e3a8ec6161ea28b6f13c68785498

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 7058
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:01 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H/1.1 200
OK index_4.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 5FC5 22 KB
22 KB 700ms
699ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_4.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: d0663c8ff1f65e090dec80bb83d95485692037adf7c2330983906744f366b7e1

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 22307
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:02 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H/1.1 200
OK index_7.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 2A96 39 KB
39 KB 188ms
187ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_7.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 4b9ef84e8d1ddeab158c0ee1572c31402485b419765e739acd981fde0cc1a902

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 39705
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:01 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H/1.1 200
OK index_8.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 24CC 11 KB
11 KB 188ms
187ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_8.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 336792a9a3d8f9eca64a522bec879e756512dba26226e07fec0ae5ba41ead241

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 11032
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:01 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H2 200 icon-secure.png
www3.citizensbankonline.com/efs/efs/grafx/ 292 B
605 B 145ms
145ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743148696
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "124-5e6a235cbd9f7"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546890
x-olb-req-duration: D=99
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 292
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:52 GMT

GET
H2 200 flows-tooltip.png
www3.citizensbankonline.com/efs/efs/grafx/ 364 B
678 B 159ms
158ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743176756
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "16c-5e6a235cbab17"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546860
x-olb-req-duration: D=107
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 364
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:22 GMT

GET
H2 200 arrow-button-white.png
www3.citizensbankonline.com/efs/efs/grafx/ 1017 B
1 KB 173ms
172ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743209553
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "3f9-5e6a235ca4f6f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546972
x-olb-req-duration: D=118
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1017
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:10:14 GMT

GET
H2 200 arrow-down-blue.png
www3.citizensbankonline.com/efs/efs/grafx/ 1 KB
1 KB 186ms
185ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743209462
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "41e-5e6a235ca4f6f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546874
x-olb-req-duration: D=111
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1054
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:36 GMT

GET
H2 200 arrow-right-orange.png
www3.citizensbankonline.com/efs/efs/grafx/ 165 B
478 B 199ms
199ms Image
image/png 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:02 GMT
x-olb-req-received: t=1661011743227991
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "a5-5e6a235ca5357"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=546895
x-olb-req-duration: D=109
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 165
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:57 GMT

GET
H2 200 citiolb_icons.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 18 KB
18 KB 339ms
106ms Font
application/octet-stream 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://c1tz2n.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:03 GMT
x-olb-req-received: t=1661011749210976
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "485c-5e6a22eac7abb"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=546887
x-olb-req-duration: D=157
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 18524
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:50 GMT

GET
H2 200 citizen_roman.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 31 KB
32 KB 452ms
219ms Font
application/octet-stream 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://c1tz2n.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:03 GMT
x-olb-req-received: t=1661011749229320
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "7ce0-5e6a22eac8673"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=546937
x-olb-req-duration: D=136
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 31968
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:09:40 GMT

GET
H2 200 citizen_book.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 31 KB
31 KB 406ms
173ms Font
application/octet-stream 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://c1tz2n.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:03 GMT
x-olb-req-received: t=1661011749241242
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "7c78-5e6a22eac386f"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=546964
x-olb-req-duration: D=168
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 31864
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:10:07 GMT

GET
H2 200 citizen_bold.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 29 KB
29 KB 540ms
307ms Font
application/octet-stream 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_bold.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://c1tz2n.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:03 GMT
x-olb-req-received: t=1661011743548730
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "7278-5e6a22eac3487"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=546870
x-olb-req-duration: D=191
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 29304
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:33 GMT

GET
H2 200 citizen_extrabold.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 27 KB
28 KB 507ms
274ms Font
application/octet-stream 2a02:26f0:e300:188::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:188::17c7 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://c1tz2n.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:14:03 GMT
x-olb-req-received: t=1661011743336765
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "6ccc-5e6a22eac828b"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=546860
x-olb-req-duration: D=138
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 27852
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sat, 27 Aug 2022 16:08:23 GMT

GET
H/1.1 200
OK clear-9.png Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
239 B 187ms
186ms Script
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-9.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 0

GET
H/1.1 200
OK clear.png Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
239 B 185ms
184ms Script
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 0

GET
H/1.1 200
OK clear-1.png Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
239 B 183ms
182ms Script
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-1.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 0

GET
H/1.1 200
OK clear-8.png
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 81 B
321 B 185ms
185ms Image
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-8.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:02 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 81

GET
H/1.1 200
OK clear-3.png Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
239 B 185ms
185ms Script
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-3.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 0

GET
H/1.1 200
OK clear-2.png Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
239 B 187ms
187ms Script
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-2.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 0

GET
H/1.1 200
OK clear1.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA.png
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
239 B 190ms
187ms Image
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear1.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:02 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 0

GET
H/1.1 200
OK clear-6.png Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
239 B 184ms
183ms Script
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-6.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 0

GET
H/1.1 200
OK detector-dom.min.js Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 364 KB
365 KB 187ms
186ms Script
application/javascript 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 539fb8c821a40281df9376733a982048cbee054507dc38c35b9a5df712f6abc5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 373097

GET
H/1.1 200
OK clear3.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
214 B 182ms
181ms Script
text/plain 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear3.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:01 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 0

GET
H/1.1 200
OK clear3-1.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 0
214 B 365ms
181ms Script
text/plain 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear3-1.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:02 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 0

GET
H/1.1 200
OK clear-5.png
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 81 B
321 B 376ms
187ms Image
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-5.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:02 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 81

GET
H/1.1 200
OK check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 315 KB
315 KB 184ms
183ms Script
text/plain 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 977f14a19c4adcacee64ac94d0295bedc9b7288e443f26decddaed1df3797dec

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:02 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 322199

GET
H/1.1 200
OK check.js Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 5FC5 207 KB
207 KB 232ms
181ms Script
application/javascript 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_4.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 418f872675d0c35965e96a8ac4ef404e6f754654df46e79e7bed87a974f8d3de

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:02 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 212184

GET
H/1.1 200
OK ARF;CIS3SID=23B115A663EB5F27C9D778D75B29E2E0 Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 5FC5 0
214 B 240ms
185ms Script
text/plain 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ARF;CIS3SID=23B115A663EB5F27C9D778D75B29E2E0
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_4.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:02 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 0

GET
H/1.1 200
OK clear-4.png
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 3BFD 81 B
321 B 187ms
186ms Image
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-4.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:02 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:54 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 81

GET
H/1.1 200
OK index_5.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 7CEE 89 KB
89 KB 184ms
184ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_5.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 90c2ea61e0f86375a4e623b0853e823e8806901fcbf84f05cf2d41ac859c0ec6

Request headers

Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 91164
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:03 GMT
Keep-Alive: timeout=5, max=95
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H/1.1 200
OK index_3.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 9BBB 97 B
337 B 182ms
182ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_3.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 3de2c358acd98dd93f54af55a7d89ae64cca5757d76fb95ae74db8bd63389bdd

Request headers

Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 97
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:03 GMT
Keep-Alive: timeout=5, max=93
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H/1.1 200
OK index_6.html Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 36B7 89 KB
89 KB 187ms
187ms Document
text/html 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_6.html
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 36df5adf7d1de5dfd791eb47c8ce77e0df536a1f77416602d025b06e697832bb

Request headers

Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 90783
Content-Type: text/html
Date: Sun, 21 Aug 2022 08:14:03 GMT
Keep-Alive: timeout=5, max=94
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache

GET
H/1.1 200
OK clear-7.png Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 7CEE 0
239 B 183ms
183ms Script
image/png 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-7.png
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_5.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:03 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 0

GET
H/1.1 204
204 ARF;CIS3SID=43309D518357CDA12C59B3098C33F819 Show response
content.citizensbankonline.com/fp/ Frame 5FC5 0
407 B 318ms
70ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/ARF;CIS3SID=43309D518357CDA12C59B3098C33F819?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&pageid=99998&sera_parametere=UEQIAgEAVwcHBgIFCFNWVFINDQBcUVIEAgBQBl1ZVlICDVdZXw5QBlBVUBJKEg5eWERAFUoSBSFGB3YRDiUWBQZeRgRVUlsADURHEQolFgB0BBBWfRIEVQtfR0BKRABzEwN3RA5zEAEKDQdVDgdXBgQFBQAPBFdcUwMGBghZVlJVDFQAWg8OVFsFAQAOUFcOAgITD1ZZVQBeBgABWFgEAVNXBVUNDldWVBZeRwRRSw5XAQJRXVUBV1pSVgZbVQYAD1YDUwwPVQNbAVICDQMHB1MFVAIPBARDAlkJBQlSBQEQXVxcFAYQFQoNDQ0AWAsRXl8IR1sKdQ0RX1lRHwNFCgcEAUdbWEVYNFlaUFYWQBFVVggVXU1pBgJcWFZYAlgRU0AIVwk%3D&count=0&max=0

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:04 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content.citizensbankonline.com/fp/ Frame 7CEE 0
388 B 509ms
369ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&jf=31342e6c7b603d316332636430636e6a3130653630616061616137303f6462613b333a63386466

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_5.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK detector-dom.min.js Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 7CEE 364 KB
365 KB 187ms
187ms Script
application/javascript 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 539fb8c821a40281df9376733a982048cbee054507dc38c35b9a5df712f6abc5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:03 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 373097

GET
H/1.1 200
OK detector-dom.min.js Show response
c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/ Frame 36B7 364 KB
365 KB 183ms
183ms Script
application/javascript 69.49.247.76
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.49.247.76 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 69-49-247-76.webhostbox.net
Software: Apache /
Resource Hash: 539fb8c821a40281df9376733a982048cbee054507dc38c35b9a5df712f6abc5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:03 GMT
Last-Modified: Sat, 20 Aug 2022 19:03:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 373097

GET
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 3BFD 737 B
1 KB 440ms
142ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b%3A0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pv=2&f_cls_s=true
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:05 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 428

GET
H/1.1 200
OK HP Show response
content.citizensbankonline.com/fp/ Frame 6BE9 19 KB
6 KB 141ms
141ms Document
text/html 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/HP?session_id=2f8a930e36dfe08948ecc42d265180e1&org_id=8s1rqgxh&nonce=645a976ec0449a37&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

57c3e0c629b95a85a9eed69c7d030153235a8c9a8d212ff2c75be3853d3b1968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: fi-FI
Content-Length: 5795
Content-Type: text/html;charset=UTF-8
Date: Sun, 21 Aug 2022 08:14:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
content.citizensbankonline.com/fp/ Frame 3BFD 81 B
526 B 210ms
70ms XHR
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/clear.png

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 8s1rqgxh/645a976ec0449a372f8a930e36dfe08948ecc42d265180e1
Referer: https://c1tz2n.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:05 GMT
Last-Modified: Sun, 21 Aug 2022 08:14:05 GMT
Server: Apache
Etag: 251089bb4ce844569b795adefa1606e6
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://c1tz2n.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Fri, 20 Aug 2027 08:14:05 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame 3BFD
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&k=2

0
387 B

70ms
70ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 21 Aug 2022 08:14:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA Show response
content.citizensbankonline.com/fp/ Frame C206 89 KB
13 KB 141ms
72ms Document
text/html 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/ls_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

340532914bc7424b230341090e899b8bba73b2cc73b54d9d60c8599b8d622977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 21 Aug 2022 08:14:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content.citizensbankonline.com/fp/ Frame 3BFD 0
387 B 71ms
71ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&jb=31342e6c7b633d316332636430636e6a3130653630616061616137303f6462613b333a63386466

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA Show response
h.online-metrix.net/fp/ Frame 9963 102 KB
15 KB 221ms
73ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

1d3d9a57508a4503a3cd39778091f81193d955f7689d7c124807e69830e6867c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 21 Aug 2022 08:14:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
content.citizensbankonline.com/fp/ Frame 3BFD 0
387 B 70ms
70ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&jd=37342e2662646e3d31246a64683d31313639373364626439353137653b36376263353d346a6033396061343063382e62667c6e3f323a3134303833

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 3BFD 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA Show response
content.citizensbankonline.com/fp/ Frame 64DC 88 KB
13 KB 76ms
76ms Document
text/html 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/top_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b381bc826f606a93873f57b0b983637569215c477e55add7afd2ab096d2596a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1tz2n.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 21 Aug 2022 08:14:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
content.citizensbankonline.com/fp/ Frame 3BFD 0
219 B 75ms
75ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&ja=333a3d302e24633d32247a3f30266e35313e30327a3130303224616635313630327a3932383226737a7b3d3278302e6c707a3d332e313430322e313238302c313432382c393030302e333632302c393a30382c333430322c3330303024302c30246f7c3d693a38326360636663373f6c646e64643b656338363331343f3036623b633f612e6f6e3d36247361643d3a3c2664683f6a747670712733412d32462530446b317c78326e2c616f6f25324e4b686d63696b6e654161616f75667473253044406f65674c6f636c732732465b7c756c656c764c6d616c7125324e5665686b616465446d616e71273244696e6c6d7857322c6a746f6c2466723d6074747071273b412d30462530446333747a3a662e6b6f6f27324426726e3d332e70683d353a6e3230636136606166606531393b623f333a35616730663162646a326434246a603d6b326632363562643938693c326a63643b393a343b3361313935613733366e362e68736f3f55696c646f7f7b253a303332266873603f43687a6f6d65273038313836266a716d753f5769666c6f7f7324687360753f416872676d65266c6a6b3d3c246e646f3f3824747a6c35457c63273046576e696c6f7766266d61766a7a3d3c3230336633633062656b38326d366161353430323a32616c313535363239666c3635383a33343364366d69613a346661393661646064373a333133333b3e612e723d706e77676b6e5f6e64617b6827374564616e716521786c75676b6c5777616c646f75715f6f656461695f786c637b6570253747666164736521726e7d67616c5f61666d62675f616b7a6f6a617627354766636e736529706c75656b665f797769636976696f65253d4d66696c716721726c7765696e5773686f61697f617e6725354764616e736529786c7d676b6c5f7065636e706c6979657227374d66696e736523726c77676966577664635d726c6379677025354d66616c71672970647767696c5d64677661647e722d354764616e736723706c7d67696e5d717e67577469657567722735456e696c7b6523726c77676b6c5f6a6976612537476e6164716526656e5f613d776d6a6764576760474e253032312e382532302a4d786566454c25303245512532383a2e38253032436a726d6f697565295765604544253a32474c514e253030455b2d3238312c322530302a4d706566474c2530324d532d3030474e514c2732304d5b253a30332c30273232416872676d69756f2b5f656a4969745567624969742d3a305f6560454c434e454e455f616e7374636c6b656c5d61727063797125334a2d3238455a565f606c676c645f65696e6d637a2d334a273230475a545d636f646772576277646667725d6a616c6e5f666c6d637c253b402532324758565f666467617c5f606e656c64273142253a304558565d6e7269655f646772746a25334a2d3238455a565f7168636665725774657876777a65576e6f642731422732304d50545774677a747772675d636f657072657171616f665d62707661253142253a384550545d76657a747770655f6b6f6d7070677b73616d6e5f7065746125334a2d3238455a565f76657a7675726d5f66696e766d7257636e69716d74706f70616b253b422730304758565d73524f42253340273a304747535f676e656f656e7c57696664677a5f77696c7625334a2532304d475b5f6e606f5f70676e666572576569786d63722531422730304f4d535f73766366646970645f6667726b76617c61766d732731422732324d45535774657876777a6557646c6f6376253142253a384f4d535d76657a747770655f6e6c6f61765d646966676172273142273230474d535774677a747772675d686164665f666e6d69742d31422530324f47535f7c6d787c7570675f6a616e645f66646f61745d6e616e6d63722531402530304f4d5b5f7e657076657a5f63707261715f6f6268676b742d314225303257474247445763676c6d705f60756464657257666c6f63762d334a273230554742454c5f6b676d787267717367645d7665787c7572655d637b746b2733422730305545424f445f6b6f6f727267737167645f7c65787477706d5f6d7663253140253030574d4a47445f616d6d7272677173656c5f74657a767d726d5d65746133253142253a38574d42454e5f616f6f7272657b7365645d766d787c7772655d71337663253b4a253a30554742454c5d616f6d7872657371676c5f7c6778747770655d73337c6b5f7b726560253142273030574d42474c5d666d627d655f72676c646772657a576966666d27334025303257454a474c5f66677874605d74657a76757065253b4a253a30554742454c5d6672617f5f627564646d727b2733422730305545424f445f646f71675f616f6c7665787c253342273038574d40474c5d6f756e7469576c726977333426656c5d6a3d336e66356464643c373c3264646136303565363a6a65386535366430353736363138346434303731267f656c763f4b6e76656c2d3a30416e612c2675676e703d496674656c273038497a6b732530324f72656e4f44253a30476c676b6e672463636c3d31&jb=33373d2664733d4d6d78696e6c612d3a463d2e3227323228556b6e6467777325303246542d303031322c302733422d3a305f696c3434273340273230703634292730384178726c655567624969742d3a463d33352c3334253032284b40544d4c27304b253a326c696967253030476d6b6b67292730304168706d6d652d3246313236263026373131302c313231253a38536966637069273244373337263336

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
8s1rqgxh5teklumvd75gwfs5qdniw6oylmofhnj2645a976ec0449a37sac.d.aa.online-metrix.net/fp/ Frame 3BFD 81 B
438 B 967ms
206ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8s1rqgxh5teklumvd75gwfs5qdniw6oylmofhnj2645a976ec0449a37sac.d.aa.online-metrix.net/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 158873ac-6b10-4520-8f67-a2e37d1265c2
https://c1tz2n.com/ Frame 3BFD 0
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/158873ac-6b10-4520-8f67-a2e37d1265c2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 0
Content-Type: application/javascript

GET
BLOB 200
OK ee78ac1a-8ebc-4305-ae6b-4779a43a5131
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/ee78ac1a-8ebc-4305-ae6b-4779a43a5131
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK ff54074f-d72c-4d96-ae89-189ee8bc30bb
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/ff54074f-d72c-4d96-ae89-189ee8bc30bb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK e64916c9-2ad1-4f50-b5c8-3afd4e141a8d
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/e64916c9-2ad1-4f50-b5c8-3afd4e141a8d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 02d72651-32bf-459e-91f9-da5c55a27c43
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/02d72651-32bf-459e-91f9-da5c55a27c43
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 6afe2b78-3936-4e80-bc25-2552599f0a37
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/6afe2b78-3936-4e80-bc25-2552599f0a37
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK c93092a8-0703-45b1-bf2a-3110362aa977
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/c93092a8-0703-45b1-bf2a-3110362aa977
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 55baa086-2497-4119-9c18-9ab52275991b
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/55baa086-2497-4119-9c18-9ab52275991b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 1e8db8f1-cb28-4b7f-baac-c5a30497f0e1
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/1e8db8f1-cb28-4b7f-baac-c5a30497f0e1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK f98814e0-4aaf-4922-bf89-ec92dcdf80ba
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/f98814e0-4aaf-4922-bf89-ec92dcdf80ba
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 2ccf8cae-083a-47c5-a1fd-1d55d2caf5df
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/2ccf8cae-083a-47c5-a1fd-1d55d2caf5df
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 66cdc8d2-6eb1-40aa-9f04-d761499cedf2
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/66cdc8d2-6eb1-40aa-9f04-d761499cedf2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK bb598d0b-840b-4a6a-bd9c-32fa19cf892e
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/bb598d0b-840b-4a6a-bd9c-32fa19cf892e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 63ef5b7c-c6fd-42ab-9a98-ece00f45d2f9
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/63ef5b7c-c6fd-42ab-9a98-ece00f45d2f9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 3a7e6837-70c7-4eaf-9938-74781fc7ee6e
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/3a7e6837-70c7-4eaf-9938-74781fc7ee6e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 498db6bc-0cf5-49ac-8dce-031c3af9155f
https://c1tz2n.com/ Frame 3BFD 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/498db6bc-0cf5-49ac-8dce-031c3af9155f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK b0255b4e-8d03-4025-a6b9-6933e2729df5
https://c1tz2n.com/ Frame 3BFD 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c1tz2n.com/b0255b4e-8d03-4025-a6b9-6933e2729df5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8517f981bc8c188925812af4106b859af9db9d1cc63934c489016c2876ccedbc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1357
Content-Type: application/javascript

GET
H/1.1 200
OK check.js Show response
content.citizensbankonline.com/fp/ Frame 6BE9 207 KB
29 KB 77ms
77ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/check.js?&pageid=99998&session_id=2f8a930e36dfe08948ecc42d265180e1&org_id=8s1rqgxh&nonce=645a976ec0449a37

Requested by

Host: content.citizensbankonline.com
URL: https://content.citizensbankonline.com/fp/HP?session_id=2f8a930e36dfe08948ecc42d265180e1&org_id=8s1rqgxh&nonce=645a976ec0449a37&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1a5961cc1c09efea97b21e9f2b410c361c8e17c65b9ea8b7706b09916ead9acb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://content.citizensbankonline.com/fp/HP?session_id=2f8a930e36dfe08948ecc42d265180e1&org_id=8s1rqgxh&nonce=645a976ec0449a37&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 645a976ec0449a37
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=96
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 36B7 737 B
1 KB 142ms
142ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b%3A0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pv=2&f_cls_s=true
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:05 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 428

GET
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 36B7 737 B
1 KB 280ms
142ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b%3A0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pv=2&f_cls_s=true
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:06 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 428

GET
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 7CEE 737 B
1 KB 401ms
142ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b%3A0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pv=2&f_cls_s=true
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:06 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 428

GET
H/1.1 204
No Content clear.png Show response
content.citizensbankonline.com/fp/ Frame C206 0
387 B 71ms
70ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&jf=31342e6c7b603d633130376732356c6b3438373636306639636766376933303664646d613f6361

Requested by

Host: content.citizensbankonline.com
URL: https://content.citizensbankonline.com/fp/ls_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://content.citizensbankonline.com/fp/ls_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA
content.citizensbankonline.com/fp/ Frame 3BFD 0
400 B 71ms
70ms Image
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.citizensbankonline.com/fp/clear1.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&jf=36333e267b6b645f706c643f74647a574b304c334e764e64525472703d546c562471616457666174673f31343631383e393e343724736b645d7679706d3d776560386d636c716126716b645d6b6571353338353b31303333323430373a613836363a6b653b6630323233303430383a69383e343a6165316432313031383730333630383038363837646131323463306e383e3837313636373a3438343c65333531363861383534666132303764383b3d356c3032606563353b3735613863326261346b343c323364323b343b6166696a633a3063323763333a3a39653d34653733316a346b6333396661316430663f6b63393961303037613a3535373133373867346e656c6426736b665f716967353b303c3532303232373a353862696133393a313f61303632643b32313331623838336b343236653b66316038326b6136333b3b3a62303b30396660386038616b6d643a633536326630303031303863663561663b66313465373237663239653b31623c366332303531323163643c36303733346a396d676163323a623165613d69333c343731373064673434616e26736964703530

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=E6E756E0D1443818E5D4529CF4B4875A
h.online-metrix.net/fp/ Frame 9963 0
400 B 72ms
72ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=E6E756E0D1443818E5D4529CF4B4875A?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&jf=36333e267b6b645f706c643f74647a57543a3757484b526b4d6c53655e6758522471616457666174673f31343631383e393e343724736b645d7679706d3d776560386d636c716126716b645d6b6571353338353b31303333323430373a613836363a6b653b6630323233303430383a69383e343a61653164323130313837303336303830383635316361646030346a6e653a633537303a65356038306b3937333a326961386731323a34623761623f6d32393231633537313a6436666e35353864666d353b3437656463316436313a383930363632643762366163323b616639603669653d3236313a3265646335313e646b33323a353736336463306a33346537603f376e3426736b665f716967353b303c353230323330326130363d6261383a303f653b3332346460613632316b6e623a376635323a36323762373f34393567313d313e363164313a663066626b6a343d3267323661323a3232323830326661336c323d3238376631336032376a30646e303637336765606438376964356360363b366e3a3330663036346233313b376c32323a656732606630383826736964703531

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=5941A45EA15194B14B9F32D78AD00D37 Show response
content.citizensbankonline.com/fp/ Frame 6BE9 35 B
557 B 72ms
71ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/ARF;CIS3SID=5941A45EA15194B14B9F32D78AD00D37?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&pageid=99998&sera_parametere=UEQIAgEAVwcHBgIFCFNWVFINDQBcUVIEAgBQBl1ZVlICDVdZXw5QBlBVUBJKEg5eWERAFUoSBSFGB3YRDiUWBQZeRgRVUlsADURHEQolFgB0BBBWfRIEVQtfR0BKRABzEwN3RA5zEAEKDQdVDgdXBgQFBQAPBFdcUwMGBghZVlJVDFQAWg8OVFsFAQAOUFcOAgITD1ZZVQBeBgABWFgEAVNXBVUNDldWVBZeRwRRS1QAAlFTCFQBXQcFDFINUlAEUgIFVFwFUFRaUgJXDgRXDlIDVgJbVVJDAlkJBQlSBQEQXVxcFAYQFQoNDQ0AWAsRXl8IR1sKdQ0RX1lRHwNFCgcEAUdbWEVYNFlaUFYWQBFVVggVXU1pBgJcWFZYAlgRU0AIVwk%3D&count=0&max=0

Requested by

Host: content.citizensbankonline.com
URL: https://content.citizensbankonline.com/fp/check.js?&pageid=99998&session_id=2f8a930e36dfe08948ecc42d265180e1&org_id=8s1rqgxh&nonce=645a976ec0449a37

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ad8c361fdcc970010d724d92f58c2e9fb893eff5f0a7cd3291aaec66ed8c6be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://content.citizensbankonline.com/fp/HP?session_id=2f8a930e36dfe08948ecc42d265180e1&org_id=8s1rqgxh&nonce=645a976ec0449a37&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=94
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
content.citizensbankonline.com/fp/ Frame 3BFD 0
387 B 70ms
70ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/clear.png?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&jac=1&je=30323c262e7565693f3339362e333c26313b342c33343426726f3d796d73266263767b74352737422730326e65766d64253a32273141332e323225324b253232717669747d7125323027334325323a6b686972656b6e6525303025374c266175666a3563693562396734653438316b6b616b366430613563333b32393b36333434603d633b3337393460346638646c3c383e303231386465366430336e636438363731266d7a333d603531323462393a393b383b66343536313163633c3536313a346d333a6465633460663b34313f6d

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 08:14:06 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 3BFD 737 B
1 KB 142ms
142ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b:0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pid=d27b9410-5711-4182-8d4e-72b1e5024673&sn=1&cfg&pv=2&aid=
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326

Request headers

Referer: https://c1tz2n.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 21 Aug 2022 08:14:06 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 428

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 36B7 737 B
1 KB 142ms
142ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b:0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pid=1172a33e-ca8c-4899-9564-bb6ee3ba1c2e&sn=1&cfg&pv=2&aid=
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326

Request headers

Referer: https://c1tz2n.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 21 Aug 2022 08:14:07 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 428

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 36B7 737 B
1 KB 147ms
147ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b:0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pid=1172a33e-ca8c-4899-9564-bb6ee3ba1c2e&sn=2&cfg&pv=2&aid=
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326

Request headers

Referer: https://c1tz2n.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 21 Aug 2022 08:14:07 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 428

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 36B7 145 B
915 B 142ms
142ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b:0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pid=1172a33e-ca8c-4899-9564-bb6ee3ba1c2e&sn=3&cfg=27baeec&pv=2&aid=
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: 72b68bb96e04b51a353c4f666985082469ff622fc05d32f805532d4edbb6c3c9

Request headers

Referer: https://c1tz2n.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 21 Aug 2022 08:14:07 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 138

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 7CEE 737 B
1 KB 148ms
147ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b:0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pid=9501e1be-f40f-4dc2-85a9-fdbd5e394354&sn=1&cfg&pv=2&aid=
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326

Request headers

Referer: https://c1tz2n.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 21 Aug 2022 08:14:07 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 428

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 7CEE 145 B
915 B 148ms
147ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b:0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pid=9501e1be-f40f-4dc2-85a9-fdbd5e394354&sn=2&cfg=27baeec&pv=2&aid=
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: 72b68bb96e04b51a353c4f666985082469ff622fc05d32f805532d4edbb6c3c9

Request headers

Referer: https://c1tz2n.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 21 Aug 2022 08:14:07 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 138

GET
H/1.1 204
204 clear3.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA Show response
content.citizensbankonline.com/fp/ Frame 3BFD 0
218 B 70ms
70ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.citizensbankonline.com/fp/clear3.png;CIS3SID=64036E5751E4033E7EFD788B0D6930CA?org_id=8s1rqgxh&session_id=2f8a930e36dfe08948ecc42d265180e1&nonce=645a976ec0449a37&je=333730267a663d267066743f36333b3b3325313732302e353b32302d393530302e373130392f313532322c3739303a25313d30322e353b30312f313538302c33313a312d393730302e373937302d393d30382c373b33332d33373030243539333b2f393538322c363231392f313538382c3d3936362d333532322c363834302d33373830243732373b2f31373030243f303f302f333532302e3031313a2d31353232

Requested by

Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/check.js;CIS3SID=64036E5751E4033E7EFD788B0D6930CA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c1tz2n.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 08:14:07 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ Frame 3BFD 145 B
915 B 148ms
147ms XHR
application/json 52.4.227.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.04B137&_cls_s=60f7bb85-5c0f-4b23-ace7-e085577ad60b:0&_cls_v=dc523c36-7c8f-4983-9166-28cd6a1d78c5&pid=d27b9410-5711-4182-8d4e-72b1e5024673&sn=2&cfg=27baeec&pv=2&aid=
Requested by: Host: c1tz2n.com
URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.227.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-227-205.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: 72b68bb96e04b51a353c4f666985082469ff622fc05d32f805532d4edbb6c3c9

Request headers

Referer: https://c1tz2n.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 21 Aug 2022 08:14:07 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://c1tz2n.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 138

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD	1969-12-31 23:59:59	Name: _cls_cfgver Value: 27baeec
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD	1969-12-31 23:59:59	Name: _cls_s Value: 60f7bb85-5c0f-4b23-ace7-e085577ad60b:0
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD	1969-12-31 23:59:59	Name: _cls_v Value: dc523c36-7c8f-4983-9166-28cd6a1d78c5
.c1tz2n.com/	1970-01-20 15:00:29	Name: _cls_v Value: dc523c36-7c8f-4983-9166-28cd6a1d78c5
.c1tz2n.com/	1969-12-31 23:59:59	Name: _cls_s Value: 60f7bb85-5c0f-4b23-ace7-e085577ad60b:0
h.online-metrix.net/	1970-01-20 15:00:29	Name: thx_global_guid Value: ab57b20c2ec14b82b566957c3d9f7836
report.citizen.glassboxdigital.io/	1970-01-20 05:34:34	Name: AWSALBCORS Value: CQBMeqU/aS1S5YV6zZ7lz9CJFnPcukS4xeu8vc0/nUbktv4UveCE2V6/3LoDNBx+J+q3IJdMXO0/KEFrXh96tp8iIIkiTqHWig+4X0KqqZw0O7J278wLHSqbTGn2

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_9.html(Line 11) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www3.citizensbankonline.com') does not match the recipient window's origin ('https://c1tz2n.com').
network	error	URL: https://c.go-mpulse.net/api/config.json?key=A9397-AA2WQ-WQN9E-BBVTK-Y8BXE.js&d=c1tz2n.com&t=5536899&v=1.720.0&if=&sl=0&si=5331977d-140f-4936-8d05-5e852bccac11-rgyhjd&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html Message: Refused to execute script from 'https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-9.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html Message: Refused to execute script from 'https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html Message: Refused to execute script from 'https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-1.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html Message: Refused to execute script from 'https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-3.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html Message: Refused to execute script from 'https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-2.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html Message: Refused to execute script from 'https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-6.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_5.html Message: Refused to execute script from 'https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/clear-7.png' because its MIME type ('image/png') is not executable.
javascript	error	URL: https://c1tz2n.com/CheckingAccounts/HomeLoans/StudentLoans/VehicleLoans/index_2.html Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://c1tz2n.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
worker	warning	URL: blob:https://c1tz2n.com/ee78ac1a-8ebc-4305-ae6b-4779a43a5131(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:63333/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/1e8db8f1-cb28-4b7f-baac-c5a30497f0e1(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5931/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/e64916c9-2ad1-4f50-b5c8-3afd4e141a8d(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5901/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/66cdc8d2-6eb1-40aa-9f04-d761499cedf2(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5944/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/2ccf8cae-083a-47c5-a1fd-1d55d2caf5df(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6039/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/55baa086-2497-4119-9c18-9ab52275991b(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5950/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/f98814e0-4aaf-4922-bf89-ec92dcdf80ba(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5939/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/bb598d0b-840b-4a6a-bd9c-32fa19cf892e(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6040/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/6afe2b78-3936-4e80-bc25-2552599f0a37(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5903/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/02d72651-32bf-459e-91f9-da5c55a27c43(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5902/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/63ef5b7c-c6fd-42ab-9a98-ece00f45d2f9(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5279/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/498db6bc-0cf5-49ac-8dce-031c3af9155f(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:2112/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/ff54074f-d72c-4d96-ae89-189ee8bc30bb(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5900/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/3a7e6837-70c7-4eaf-9938-74781fc7ee6e(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:7070/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://c1tz2n.com/c93092a8-0703-45b1-bf2a-3110362aa977(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:3389/' failed: WebSocket is closed before the connection is established.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8s1rqgxh5teklumvd75gwfs5qdniw6oylmofhnj2645a976ec0449a37sac.d.aa.online-metrix.net
ajax.aspnetcdn.com
c.go-mpulse.net
c1tz2n.com
cdnjs.cloudflare.com
code.jquery.com
content.citizensbankonline.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
report.citizen.glassboxdigital.io
stackpath.bootstrapcdn.com
www.citizensbank.com
www3.citizensbankonline.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
152.199.19.160
185.32.241.65
192.225.158.3
2001:4de0:ac18::1:a:1a
2606:4700::6811:180e
2606:4700::6812:bcf
2a02:26f0:4700:2b1::11a6
2a02:26f0:e300:184::1f37
2a02:26f0:e300:188::17c7
52.4.227.205
69.49.247.76
91.235.132.130
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a5961cc1c09efea97b21e9f2b410c361c8e17c65b9ea8b7706b09916ead9acb
1ba892e6c4d359ea88c591787db7bed25de2e3a8ec6161ea28b6f13c68785498
1d3d9a57508a4503a3cd39778091f81193d955f7689d7c124807e69830e6867c
25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149
336792a9a3d8f9eca64a522bec879e756512dba26226e07fec0ae5ba41ead241
340532914bc7424b230341090e899b8bba73b2cc73b54d9d60c8599b8d622977
362f4fe71926dcffacb8384f490f8ab47d7fc619f35c3d077f7d1e5cb5785524
36df5adf7d1de5dfd791eb47c8ce77e0df536a1f77416602d025b06e697832bb
3de2c358acd98dd93f54af55a7d89ae64cca5757d76fb95ae74db8bd63389bdd
418f872675d0c35965e96a8ac4ef404e6f754654df46e79e7bed87a974f8d3de
4b9ef84e8d1ddeab158c0ee1572c31402485b419765e739acd981fde0cc1a902
539fb8c821a40281df9376733a982048cbee054507dc38c35b9a5df712f6abc5
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c
57c3e0c629b95a85a9eed69c7d030153235a8c9a8d212ff2c75be3853d3b1968
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
5c6053df3509f8109509b18f349a313c4ea45e9dfde8bbd82b1a3718e99dc6db
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
66a13cad6c244da4061da65fd2fbf027bf1bb49e21c42f5e7c943a9379f1e7c4
713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949
72b68bb96e04b51a353c4f666985082469ff622fc05d32f805532d4edbb6c3c9
7924e7e8b95825e4cefbfc31444ea9247e1b0d04cb066b56f06addf9cc7c5eaf
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
8517f981bc8c188925812af4106b859af9db9d1cc63934c489016c2876ccedbc
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8bcecbd1eeb6e999bc9583d1e35c12a74d044dba44ee22e185e138f05ca05414
90c2ea61e0f86375a4e623b0853e823e8806901fcbf84f05cf2d41ac859c0ec6
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
977f14a19c4adcacee64ac94d0295bedc9b7288e443f26decddaed1df3797dec
9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5
ad8c361fdcc970010d724d92f58c2e9fb893eff5f0a7cd3291aaec66ed8c6be6
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
b381bc826f606a93873f57b0b983637569215c477e55add7afd2ab096d2596a0
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
c97e17fbc4a1420dd6328eed0072163f16c96b76f09c1f8da8b55cd4b7ecb05c
cad0f4b1f9bfa3f4ef94d78c20ae16464bda0fb3902fd7689e26a2904cea29d9
cf82e79b8bb096812095ae48ed7f1371108afc393eb3599df944bec83130200c
d0663c8ff1f65e090dec80bb83d95485692037adf7c2330983906744f366b7e1
d7534d43fa9e57cd62b0967c8a33395cf16c37c79f3048219925f28a658f6033
dc6708ff3ac298eead5e1b8d743641b5e45247dec6bdfbf3d23c3cc7a5c07460
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
e142dc379b824a0970bae4bcba1d1d16359be51a146ca066d7389e6a5157d8db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0
f2727e5ab48e59a9075b781f0b1936374c455b865144942901e77998d861a326
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

c1tz2n.com Open in urlscan Pro 69.49.247.76 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

83 %HTTPS

50 %IPv6

11 Domains

13 Subdomains

13 IPs

3 Countries

2586 kBTransfer

3320 kBSize

7 Cookies

51 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

c1tz2n.com Open in urlscan Pro
69.49.247.76 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

83 %
HTTPS

50 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

2586 kB
Transfer

3320 kB
Size

7
Cookies

114 HTTP transactions
0 data transactions