www.citizens242477bnm.dd-dns.de Open in urlscan Pro
185.185.40.108 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.citizens242477bnm.dd-dns.de/
Submission: On August 25 via manual (August 25th 2022, 3:22:49 pm UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 7 domains to perform 54 HTTP transactions. The main IP is 185.185.40.108, located in Amsterdam, Netherlands and belongs to HOSTUS-GLOBAL-AS HostUS, HK. The main domain is www.citizens242477bnm.dd-dns.de.
TLS certificate: Issued by R3 on August 24th 2022. Valid for: 3 months.

This is the only time www.citizens242477bnm.dd-dns.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	185.185.40.108 185.185.40.108	7489 (HOSTUS-GL...) (HOSTUS-GLOBAL-AS HostUS)
28	2a02:26f0:6c0... 2a02:26f0:6c00:29c::17c7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:dc:... 2a02:26f0:dc:29d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
7	178.249.101.98 178.249.101.98	11054 (LIVEPERSON) (LIVEPERSON)
1 2	193.108.153.12 193.108.153.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
54	12

2 185.185.40.108 (Amsterdam, Netherlands)

ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK)

www.citizens242477bnm.dd-dns.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:26f0:6c00:29c::17c7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www3.citizensbankonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179911.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:29d::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.249.101.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.12 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-12.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	citizensbankonline.com www3.citizensbankonline.com — Cisco Umbrella Rank: 113240	309 KB
10	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 2964 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3411	412 KB
6	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3049 va.idp.liveperson.net — Cisco Umbrella Rank: 10514 va.v.liveperson.net — Cisco Umbrella Rank: 3427	119 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1676 eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1673 fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net	1 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1188 c.go-mpulse.net — Cisco Umbrella Rank: 554	51 KB
2	dd-dns.de www.citizens242477bnm.dd-dns.de	10 KB
1	akstat.io 02179911.akstat.io — Cisco Umbrella Rank: 64647	214 B
54	7

	Domain	Requested by
28	www3.citizensbankonline.com	www.citizens242477bnm.dd-dns.de www3.citizensbankonline.com
7	lpcdn.lpsnmedia.net	lptag.liveperson.net
3	accdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
2	va.v.liveperson.net	lptag.liveperson.net
2	va.idp.liveperson.net	lptag.liveperson.net va.idp.liveperson.net
2	lptag.liveperson.net	www.citizens242477bnm.dd-dns.de
2	www.citizens242477bnm.dd-dns.de	www.citizens242477bnm.dd-dns.de
1	fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	02179911.akstat.io	s.go-mpulse.net
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	www.citizens242477bnm.dd-dns.de
54	14

This site contains links to these domains. Also see Links.

Domain
jobs.citizensbank.com
www3.citizensbankonline.com
www.citizensbank.com

Subject Issuer	Validity	Valid
citizens242477bnm.dd-dns.de R3	`2022-08-24` - `2022-11-22`	3 months	crt.sh
citizensbankonline.com Entrust Certification Authority - L1M	`2022-04-13` - `2023-04-13`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-03-22` - `2023-03-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.citizens242477bnm.dd-dns.de/
Frame ID: 691CC2D47E859405C991E35A2EFC3167
Requests: 46 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Frame ID: C6743DB0663E0658C3A28CDE12ED287E
Requests: 4 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de&site=89632304&env=prod&isCrossDomain=true
Frame ID: D9480997AB22B7A32A21C056E823FF49
Requests: 2 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1661440966306&loc=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de
Frame ID: 8FA674710E2C0FEDEDB1CD84D28510A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Login | Citizens

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

91 %
HTTPS

42 %
IPv6

7
Domains

14
Subdomains

12
IPs

4
Countries

902 kB
Transfer

2601 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://jobs.citizensbank.com/?utm_source=OT&utm_medium=Consumer_Marketing&utm_campaign=RM_CustomerMkt_OLB&utm_term=&utm_content=Other
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www3.citizensbankonline.com/efs/ui/tli/index.html
Title: Trouble logging in?

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/
Title: Cancel

Search URL Search Domain Scan URL

URL: https://www3.citizensbankonline.com/efs/ui/enrollment/index.html
Title: Enroll Now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p6bhcx15z HTTP 302
https://eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 47

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p6bhcx15z HTTP 302
https://fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net/eum/results.txt

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.citizens242477bnm.dd-dns.de/ 32 KB
10 KB 63ms
15ms Document
text/html 185.185.40.108
HOSTUS-GLOBAL-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citizens242477bnm.dd-dns.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.40.108 Amsterdam, Netherlands, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK),
Reverse DNS
Software: nginx /
Resource Hash: 4d30da3c42fae4c60b2f34381e834f70bbf133efb03c07f5490bdeb60fa9bfa3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 9680
Content-Type: text/html
Date: Thu, 25 Aug 2022 15:22:42 GMT
ETag: "7f58-5e6fb7d5054d4-gzip"
Last-Modified: Wed, 24 Aug 2022 12:04:57 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 404 Bootstrap.js
www3.citizensbankonline.com//nexus.ensighten.com/citizensbank/olbprod/ 0
0 1732ms
1189ms Script
text/html 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.citizensbankonline.com//nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
Requested by: Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 pm_fp.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/ 23 KB
6 KB 643ms
101ms Script
application/x-javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/pm_fp.js

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

c6fbe2de716de3100ada73ac3cd1f0c52d3bcd0957ae1623c2abd1c94e91e21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5739
x-olb-req-received: t=1661071358979380
last-modified: Sun, 21 Aug 2022 08:46:15 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "5cbf-5e6a22eac403f"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:05:35 GMT
cache-control: max-age=13372
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=973

GET
H2 200 jquery-ui-1.10.3.custom.min.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 19 KB
3 KB 603ms
61ms Stylesheet
text/css 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3118
x-olb-req-received: t=1661071350492777
last-modified: Sun, 21 Aug 2022 08:44:05 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "4a56-5e6a22eac403f"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 18:56:52 GMT
cache-control: max-age=12849
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=700

GET
H2 200 normalize.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 10 KB
3 KB 681ms
139ms Stylesheet
text/css 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=61
content-length: 2300
x-olb-req-received: t=1661071350302673
last-modified: Sun, 21 Aug 2022 10:17:36 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "26c2-5e6a22eacc26f"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:05:45 GMT
cache-control: max-age=13382
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=536

GET
H2 200 main.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 61 KB
11 KB 616ms
74ms Stylesheet
text/css 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

66a13cad6c244da4061da65fd2fbf027bf1bb49e21c42f5e7c943a9379f1e7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 10382
x-olb-req-received: t=1661071350706232
last-modified: Sun, 21 Aug 2022 10:35:36 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "f405-5e6a22eacc26f"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:10:21 GMT
cache-control: max-age=13658
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=2230

GET
H2 200 flows.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 8 KB
2 KB 681ms
139ms Stylesheet
text/css 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

99373341554ceaade5ea6c81725f1cd4d05e906621a15797d99d01343ae551f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=50
content-length: 1975
x-olb-req-received: t=1661071350354100
last-modified: Sun, 21 Aug 2022 08:43:19 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "21ce-5e6a22eac3487"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 18:56:52 GMT
cache-control: max-age=12849
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=541

GET
H2 200 ad-containers.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 7 KB
2 KB 682ms
140ms Stylesheet
text/css 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

cad0f4b1f9bfa3f4ef94d78c20ae16464bda0fb3902fd7689e26a2904cea29d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=44
content-length: 1227
x-olb-req-received: t=1661071349081271
last-modified: Sun, 21 Aug 2022 10:35:52 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "1dd4-5e6a22eacb2cf"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: text/css
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:12:16 GMT
cache-control: max-age=13773
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=434

GET
H2 200 modernizr-2.6.2.min.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 15 KB
6 KB 682ms
141ms Script
application/x-javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=26
content-length: 5535
x-olb-req-received: t=1661071365640737
last-modified: Sun, 21 Aug 2022 09:54:22 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "3c36-5e6a22eac4bf7"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:40:11 GMT
cache-control: max-age=15448
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=774

GET
H2 200 plugins.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 199 KB
38 KB 668ms
127ms Script
application/x-javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

b769305d18e59ddd6f13c3fb6db4f90a15770b3717aaddbadb6e543918178bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 38875
x-olb-req-received: t=1661071350316871
last-modified: Sun, 21 Aug 2022 08:47:50 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "31d24-5e6a22eac922b"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:05:38 GMT
cache-control: max-age=13375
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=8318

GET
H2 200 main.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 19 KB
4 KB 690ms
149ms Script
application/x-javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=15
content-length: 3967
x-olb-req-received: t=1661071350586423
last-modified: Sun, 21 Aug 2022 10:47:24 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "4c03-5e6a22eacce27"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:05:35 GMT
cache-control: max-age=13372
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=758

GET
H2 200 placeholders.min.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 4 KB
2 KB 689ms
148ms Script
application/x-javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=21
content-length: 1394
x-olb-req-received: t=1661071349221432
last-modified: Sun, 21 Aug 2022 10:36:21 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "10aa-5e6a22eacce27"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 18:56:52 GMT
cache-control: max-age=12849
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=399

GET
H2 200 citizens-logo-sm.png
www3.citizensbankonline.com//efs/efs/grafx/ 3 KB
3 KB 17ms
17ms Image
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com//efs/efs/grafx/citizens-logo-sm.png

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61ab87df5a701ac0749d98660ebbdca021127991d12c2f79cdd723f8a96ecd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
x-olb-req-received: t=1661077381106082
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "ae9-5e6a235cad827"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=241302
x-olb-req-duration: D=121
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2793
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 10:24:25 GMT

GET
H2 200 citizens-logo-sm.png
www3.citizensbankonline.com/efs/efs/grafx/ 3 KB
3 KB 46ms
46ms Image
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/citizens-logo-sm.png

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61ab87df5a701ac0749d98660ebbdca021127991d12c2f79cdd723f8a96ecd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
x-olb-req-received: t=1661077381106082
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "ae9-5e6a235cad827"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=241302
x-olb-req-duration: D=121
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2793
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 10:24:25 GMT

GET
H2 200 citizens-logo-sm.png Show response
www3.citizensbankonline.com//efs/efs/grafx/ 3 KB
3 KB 17ms
17ms Script
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com//efs/efs/grafx/citizens-logo-sm.png

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba02f5969cb4d8ebdf3cc73fe8acd5ebd8ebeeb8dae4e08073b299fd58b80974

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
x-olb-req-received: t=1661077381106082
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "ae9-5e6a235cad827"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=241302
x-olb-req-duration: D=121
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2793
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 10:24:25 GMT

GET
H2 200 wuEjoFLFQ Show response
www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/ 188 KB
73 KB 14ms
14ms Script
application/javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

40eb55feb6485a08a812a15e9c464bc5ab3b111849e3d49a41d683343ee583cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 13:25:50 GMT
etag: "b1fbafbb19e6a354988fb6e7e8072e707b4f52bef9b86c4d172f28d5c8a14c62"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
content-length: 72953
lb-action: None
expires: Sat, 24 Sep 2022 04:31:53 GMT, 0

GET
H/1.1 404
Not Found sec-3-6.css
www.citizens242477bnm.dd-dns.de/_sec/cp_challenge/ 0
0 14ms
14ms Stylesheet
text/html 185.185.40.108
HOSTUS-GLOBAL-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citizens242477bnm.dd-dns.de/_sec/cp_challenge/sec-3-6.css
Requested by: Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.185.40.108 Amsterdam, Netherlands, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 15:22:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 12:01:43 GMT
Server: nginx
ETag: W/"5b0-5e6fb71c6a46b"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 sec-cpt-3-6.js Show response
www3.citizensbankonline.com/_sec/cp_challenge/ 10 KB
4 KB 12ms
12ms Script
application/javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/_sec/cp_challenge/sec-cpt-3-6.js

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

05b1cf5bf5ccce6868ffd66fb866bbaa3083ee1960776ed96fc7ad73edc15f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 22:46:44 GMT
etag: "4724a5413e7eeb6a7ea3e708b5ec5140344e1b2beaefe78ca56625b328570ee0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21130
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=15768000
content-length: 3547
lb-action: None
expires: Thu, 25 Aug 2022 21:14:53 GMT

GET
H2 200 common.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 5 KB
2 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/common.js

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

e8c5013c999bee8dd455c1ac01133c69dd9aa06b34a7397bdff291c5ecbdc84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:43 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1356
x-olb-req-received: t=1661071350312887
last-modified: Sun, 21 Aug 2022 08:46:52 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "12f5-5e6a22eac4427"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:10:21 GMT
cache-control: max-age=13658
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=337

GET
H2 200 citizen_roman.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 31 KB
32 KB 42ms
22ms Font
application/octet-stream 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://www.citizens242477bnm.dd-dns.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071489662077
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "7ce0-5e6a22eac8673"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=235350
x-olb-req-duration: D=165
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 31968
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:45:14 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 90 KB
29 KB 20ms
20ms Script
application/x-javascript 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.citizens242477bnm.dd-dns.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
content-encoding: br
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 29409
x-olb-req-received: t=1661071567584171
last-modified: Sun, 21 Aug 2022 08:47:02 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
etag: "169d6-5e6a22eac4427"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 25 Aug 2022 19:05:36 GMT
cache-control: max-age=13372
accept-ranges: bytes
lb-action: None, None
x-olb-req-duration: D=4702

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 150ms
22ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=89632304

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 A9397-AA2WQ-WQN9E-BBVTK-Y8BXE Show response
s.go-mpulse.net/boomerang/ Frame C674 205 KB
50 KB 32ms
8ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Requested by: Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
content-encoding: br
last-modified: Sat, 13 Aug 2022 08:24:22 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 citizens-logo-sm.png
www3.citizensbankonline.com//efs/efs/grafx/ 3 KB
3 KB 17ms
17ms Image
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com//efs/efs/grafx/citizens-logo-sm.png

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61ab87df5a701ac0749d98660ebbdca021127991d12c2f79cdd723f8a96ecd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661077381106082
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "ae9-5e6a235cad827"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=241301
x-olb-req-duration: D=121
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2793
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 10:24:25 GMT

POST wuEjoFLFQ
www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/ 0
0

GET
H2 200 icon-secure.png
www3.citizensbankonline.com/efs/efs/grafx/ 292 B
603 B 36ms
36ms Image
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071360103412
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "124-5e6a235cc1227"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=235199
x-olb-req-duration: D=164
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 292
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:42:43 GMT

GET
H2 200 flows-tooltip.png
www3.citizensbankonline.com/efs/efs/grafx/ 364 B
677 B 41ms
40ms Image
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071376156202
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "16c-5e6a235cbab17"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=235179
x-olb-req-duration: D=165
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 364
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:42:23 GMT

GET
H2 200 arrow-button-white.png
www3.citizensbankonline.com/efs/efs/grafx/ 1017 B
1 KB 54ms
54ms Image
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071381313898
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "3f9-5e6a235ca4d20"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=235332
x-olb-req-duration: D=115
server-timing: cdn-cache; desc=HIT, edge; dur=4
content-length: 1017
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:44:56 GMT

GET
H2 200 arrow-down-blue.png
www3.citizensbankonline.com/efs/efs/grafx/ 1 KB
1 KB 66ms
66ms Image
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071381524387
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "41e-5e6a235ca4f6f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=235138
x-olb-req-duration: D=137
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 1054
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:41:42 GMT

GET
H2 200 arrow-right-orange.png
www3.citizensbankonline.com/efs/efs/grafx/ 165 B
477 B 69ms
69ms Image
image/png 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071359982128
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "a5-5e6a235ca5108"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=235278
x-olb-req-duration: D=117
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 165
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:44:02 GMT

GET
H2 200 citiolb_icons.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 18 KB
18 KB 28ms
28ms Font
application/octet-stream 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://www.citizens242477bnm.dd-dns.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071381781706
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "485c-5e6a22eac7abb"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=235121
x-olb-req-duration: D=169
server-timing: cdn-cache; desc=HIT, edge; dur=11
content-length: 18524
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:41:25 GMT

GET
H2 200 citizen_extrabold.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 27 KB
28 KB 44ms
43ms Font
application/octet-stream 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://www.citizens242477bnm.dd-dns.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071381090338
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "6ccc-5e6a22eac828b"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=235167
x-olb-req-duration: D=165
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 27852
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:42:11 GMT

GET
H2 200 citizen_book.woff
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/ 31 KB
31 KB 36ms
36ms Font
application/octet-stream 2a02:26f0:6c00:29c::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29c::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css
Origin: https://www.citizens242477bnm.dd-dns.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
x-olb-req-received: t=1661071381611011
last-modified: Sat, 20 Aug 2022 01:32:05 GMT
etag: "7c78-5e6a22eac386f"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=235293
x-olb-req-duration: D=162
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 31864
strict-transport-security: max-age=15768000
accept-ranges: bytes
lb-action: None
expires: Sun, 28 Aug 2022 08:44:17 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame C674 804 B
1 KB 131ms
45ms XHR
application/json 2a02:26f0:dc:29d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=A9397-AA2WQ-WQN9E-BBVTK-Y8BXE&d=www.citizens242477bnm.dd-dns.de&t=5538137&v=1.720.0&if=&sl=0&si=e8f88c76-eac0-4bdc-be07-cc460f9e541d-rh6g1v&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=354307
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:29d::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e9b0dc5444f928e5907fd150f1582136cbeba521e619fa1c43a4346ec7a1347f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Aug 2022 15:22:44 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 804
Content-Type: application/json

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/ 286 KB
102 KB 27ms
27ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: www.citizens242477bnm.dd-dns.de
URL: https://www.citizens242477bnm.dd-dns.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

cc74e62602bc17bc76701d9dd60ded069967f2d5be2cb264da1cdbd5556a4009

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/ 7 KB
3 KB 179ms
43ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

8a1cceddce9450beca0ca70232dc3568845ee0a3f688225f76450aa8f4a83205

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 25 Aug 2022 15:23:45 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 39 KB
15 KB 282ms
40ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ui-framework.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

fdd05b738b34277c9b69bd1d1cb198820f593b68e43cdbd54fe6d16659004f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:13 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Aug 2023 15:22:45 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 88 KB
30 KB 282ms
41ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/UMSClientAPI.min.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:01 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Aug 2023 15:22:45 GMT

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 92 KB
31 KB 295ms
54ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/lpChatV3.min.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:14 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Aug 2023 15:22:45 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 8 KB
3 KB 348ms
107ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/surveylogicinstance.min.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:02 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Aug 2023 15:22:45 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/ 949 KB
296 KB 307ms
66ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.0.17-release_5509/desktopEmbedded.js?version=10.20.0.17-release_5509

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

3600d4b55268d653164c62182d2980e1a4a744567dfea98ec0b695ecf7d93793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:08:14 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Aug 2023 15:22:45 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/ 5 KB
2 KB 155ms
24ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

74e961c048250ced0c8a2baa30255a7f0687bc65e81fb4f0eb3318b686faadf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 25 Aug 2022 15:23:45 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/ Frame D948 39 KB
16 KB 68ms
27ms Document
text/html 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de&site=89632304&env=prod&isCrossDomain=true

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.citizens242477bnm.dd-dns.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Thu, 25 Aug 2022 15:22:45 GMT
expires: Fri, 25 Aug 2023 15:22:45 GMT
last-modified: Mon, 08 Aug 2022 03:16:03 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/ 37 KB
15 KB 144ms
106ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de&site=89632304&force=1&env=prod&isCrossDomain=true

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Aug 2023 15:22:45 GMT

POST wuEjoFLFQ
www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/ 0
0

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/ Frame D948 650 B
1 KB 60ms
60ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb64269x15324

Requested by

Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de&site=89632304&env=prod&isCrossDomain=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

ce22b1c052dbdd929e977fc49105dc384961716c6d1a5d9f81a527b2579cfea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 37
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 25 Aug 2022 15:23:45 GMT

POST
H2 204 /
02179911.akstat.io/ 0
214 B 76ms
21ms Ping
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179911.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/A9397-AA2WQ-WQN9E-BBVTK-Y8BXE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.citizens242477bnm.dd-dns.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 15:22:45 GMT
content-type: image/gif
access-control-allow-origin: https://www.citizens242477bnm.dd-dns.de
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Thu, 25 Aug 2022 15:22:45 GMT

GET
H/1.1

200
OK

results.txt Show response
eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net/eum/ Frame C674
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p6bhcx15z
https://eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

194ms
7ms

XHR
text/plain

193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 15:22:45 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Thu, 25 Aug 2022 15:22:45 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net/eum/ Frame C674
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p6bhcx15z
https://fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

94ms
6ms

XHR
text/plain

2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 15:22:45 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net/eum/results.txt
Date: Thu, 25 Aug 2022 15:22:45 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

POST wuEjoFLFQ
www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/ 0
0

GET
H2 200 postmessage.min.html Show response
va.idp.liveperson.net/postmessage/ Frame 8FA6 11 KB
5 KB 388ms
93ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1661440966306&loc=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.idp.liveperson.net
Software: ws /
Resource Hash: c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183

Request headers

Referer: https://www.citizens242477bnm.dd-dns.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Thu, 25 Aug 2022 15:22:46 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws

POST
H2 200 authorize Show response
va.idp.liveperson.net/api/account/89632304/anonymous/ Frame 8FA6 678 B
1 KB 231ms
231ms XHR
application/json 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/api/account/89632304/anonymous/authorize?__d=58681

Requested by

Host: va.idp.liveperson.net
URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1661440966306&loc=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

f85f36283eb03e1d2806c24967f117faa126c25fea621e191fa6866147c5085c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

LP-DOMAIN-REFERER: https://www.citizens242477bnm.dd-dns.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: */*
Referer: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1661440966306&loc=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de
X-Requested-With: XMLHttpRequest
LP-URL: https://www.citizens242477bnm.dd-dns.de/

Response headers

date: Thu, 25 Aug 2022 15:22:46 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
content-type: application/json
access-control-allow-origin: https://va.idp.liveperson.net
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
content-length: 678

GET
H2 200 89632304 Show response
va.v.liveperson.net/api/js/ 236 B
1 KB 524ms
181ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/89632304?&cb=lpCb31276x47577&t=sp&ts=1661440966300&pid=9055906388&tid=4274836362&pt=Online%20Login%20%7C%20Citizens&u=https%3A%2F%2Fwww.citizens242477bnm.dd-dns.de%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%2236142cf5-81ff-48a9-942c-f581ff48a909%22%2C%22account%22%3A%2289632304%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 3aa953f8e61d2c8fa02cadc03cf6503dd15d8d56485b5cb6a46ff4ddb51fa7be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:47 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 89632304 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 93ms
92ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/89632304?sid=Y_OGpgWxR4GQ1GDjMp_Xkg&cb=lpCb82877x86033&t=pl&ts=1661440967039&pid=9055906388&tid=4274836362&vid=QzYzUyNmQ4ZTA1NGJmNGYz
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: df623b8c628ea3922f8fe326028e8a3e7024f3dab3886b292f93f667bd6e92d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.citizens242477bnm.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:22:47 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ

Domain: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ

Domain: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.citizens242477bnm.dd-dns.de/_sec/cp_challenge/sec-3-6.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www3.citizensbankonline.com//nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.citizens242477bnm.dd-dns.de/(Line 111) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.citizens242477bnm.dd-dns.de/(Line 111) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://www.citizens242477bnm.dd-dns.de/ Message: Refused to execute script from 'https://www3.citizensbankonline.com//efs/efs/grafx/citizens-logo-sm.png' because its MIME type ('image/png') is not executable.
javascript	error	URL: https://www.citizens242477bnm.dd-dns.de/ Message: Access to XMLHttpRequest at 'https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ' from origin 'https://www.citizens242477bnm.dd-dns.de' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.citizens242477bnm.dd-dns.de/ Message: Access to XMLHttpRequest at 'https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ' from origin 'https://www.citizens242477bnm.dd-dns.de' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.citizens242477bnm.dd-dns.de/ Message: Access to XMLHttpRequest at 'https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ' from origin 'https://www.citizens242477bnm.dd-dns.de' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www3.citizensbankonline.com/MfYFsy/boU4_P/Us8w/kvBbtL/fB/auimzmk0/JSlObhhbAQ/dQ/wuEjoFLFQ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179911.akstat.io
accdn.lpsnmedia.net
c.go-mpulse.net
eu5dsbgbnsmqyyyhspcq-p6bhcx-dc01c0028-clientnsv4-s.akamaihd.net
fiaazgbagcqaikqce3ydkaaaczrqpe6f-p6bhcx-62adb4b66-clienttons-s.akamaihd.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
s.go-mpulse.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
va.idp.liveperson.net
va.v.liveperson.net
www.citizens242477bnm.dd-dns.de
www3.citizensbankonline.com
www3.citizensbankonline.com
178.249.101.98
178.249.97.23
178.249.97.99
185.185.40.108
193.108.153.12
208.89.12.87
208.89.15.170
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:26f0:6c00:29c::17c7
2a02:26f0:6c00:2b9::11a6
2a02:26f0:dc:29d::11a6
05b1cf5bf5ccce6868ffd66fb866bbaa3083ee1960776ed96fc7ad73edc15f83
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
3600d4b55268d653164c62182d2980e1a4a744567dfea98ec0b695ecf7d93793
3aa953f8e61d2c8fa02cadc03cf6503dd15d8d56485b5cb6a46ff4ddb51fa7be
40eb55feb6485a08a812a15e9c464bc5ab3b111849e3d49a41d683343ee583cc
4d30da3c42fae4c60b2f34381e834f70bbf133efb03c07f5490bdeb60fa9bfa3
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
61ab87df5a701ac0749d98660ebbdca021127991d12c2f79cdd723f8a96ecd5a
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66a13cad6c244da4061da65fd2fbf027bf1bb49e21c42f5e7c943a9379f1e7c4
74e961c048250ced0c8a2baa30255a7f0687bc65e81fb4f0eb3318b686faadf8
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
8a1cceddce9450beca0ca70232dc3568845ee0a3f688225f76450aa8f4a83205
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2
99373341554ceaade5ea6c81725f1cd4d05e906621a15797d99d01343ae551f8
99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386
a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
b769305d18e59ddd6f13c3fb6db4f90a15770b3717aaddbadb6e543918178bc8
ba02f5969cb4d8ebdf3cc73fe8acd5ebd8ebeeb8dae4e08073b299fd58b80974
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69
c6fbe2de716de3100ada73ac3cd1f0c52d3bcd0957ae1623c2abd1c94e91e21e
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
cad0f4b1f9bfa3f4ef94d78c20ae16464bda0fb3902fd7689e26a2904cea29d9
cc74e62602bc17bc76701d9dd60ded069967f2d5be2cb264da1cdbd5556a4009
ce22b1c052dbdd929e977fc49105dc384961716c6d1a5d9f81a527b2579cfea2
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
df623b8c628ea3922f8fe326028e8a3e7024f3dab3886b292f93f667bd6e92d5
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c5013c999bee8dd455c1ac01133c69dd9aa06b34a7397bdff291c5ecbdc84d
e9b0dc5444f928e5907fd150f1582136cbeba521e619fa1c43a4346ec7a1347f
f85f36283eb03e1d2806c24967f117faa126c25fea621e191fa6866147c5085c
fdd05b738b34277c9b69bd1d1cb198820f593b68e43cdbd54fe6d16659004f73
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

www.citizens242477bnm.dd-dns.de Open in urlscan Pro 185.185.40.108 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

91 %HTTPS

42 %IPv6

7 Domains

14 Subdomains

12 IPs

4 Countries

902 kBTransfer

2601 kBSize

0 Cookies

4 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.citizens242477bnm.dd-dns.de Open in urlscan Pro
185.185.40.108 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

91 %
HTTPS

42 %
IPv6

7
Domains

14
Subdomains

12
IPs

4
Countries

902 kB
Transfer

2601 kB
Size

0
Cookies

54 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!