luznacorp.co Open in urlscan Pro
2606:4700:30::681f:47e3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://luznacorp.co/wiring_money_to_citizens_bank.php
Submission: On January 28 via manual (January 28th 2019, 1:39:49 am UTC) from US

Summary HTTP 41 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 22 domains to perform 41 HTTP transactions. The main IP is 2606:4700:30::681f:47e3, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is luznacorp.co.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 14th 2019. Valid for: a year.

This is the only time luznacorp.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Banking (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:30:... 2606:4700:30::681f:47e3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	45.56.86.170 45.56.86.170	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a02:26f0:6c0... 2a02:26f0:6c00:18b::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	69.89.129.19 69.89.129.19	22976 (FIRST-CIT...) (FIRST-CITIZENS-01 - First Citizens Bank)
1	2a00:1450:400... 2a00:1450:4001:825::2016	15169 (GOOGLE) (GOOGLE - Google LLC)
1	192.99.3.130 192.99.3.130	16276 (OVH) (OVH)
2	74.200.58.61 74.200.58.61	14010 (JACKHENRY) (JACKHENRY - Jack Henry & Associates)
1 2	50.87.150.85 50.87.150.85	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
1	2a02:26f0:6c0... 2a02:26f0:6c00:194::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19f::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.218.36.97 52.218.36.97	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
5	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.38.53.224 23.38.53.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY - Fastly)
2	2620:109:c002... 2620:109:c002::6cae:a0a	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
41	23

3 2606:4700:30::681f:47e3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

luznacorp.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.56.86.170 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: server.theblog.ca

www.theblog.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:18b::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

is5-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.89.129.19 (Raleigh, United States)

ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US)
PTR: dnssectest.first-citizens-bank.bank

www.firstcitizens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2016 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.3.130 (Montréal, Canada)

ASN16276 (OVH, FR)
PTR: ns559289.ip-192-99-3.net

online-banking.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.200.58.61 (Tomball, United States)

ASN14010 (JACKHENRY - Jack Henry & Associates, Inc., US)

www.citizensedmond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.87.150.85 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: rankfirstpro.com

pengeportalen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pengeportalen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:194::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19f::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.36.97 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

transferwise-blog.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.44 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.38.53.224 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-224.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:109:c002::6cae:a0a (United States)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	addthis.com s7.addthis.com api-public.addthis.com	186 KB
3	typekit.net use.typekit.net
3	mzstatic.com is5-ssl.mzstatic.com is4-ssl.mzstatic.com is2-ssl.mzstatic.com	98 KB
3	cloudflare.com cdnjs.cloudflare.com	6 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	47 KB
3	luznacorp.co luznacorp.co	26 KB
2	linkedin.com www.linkedin.com	1 KB
2	pinterest.com widgets.pinterest.com	1 KB
2	facebook.com graph.facebook.com	885 B
2	google-analytics.com www.google-analytics.com	18 KB
2	pengeportalen.com 1 redirects pengeportalen.com www.pengeportalen.com	178 KB
2	citizensedmond.com www.citizensedmond.com	71 KB
2	firstcitizens.com www.firstcitizens.com	78 KB
1	addthisedge.com m.addthisedge.com	776 B
1	gstatic.com encrypted-tbn0.gstatic.com	6 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	amazonaws.com transferwise-blog.s3.amazonaws.com	163 KB
1	online-banking.org online-banking.org	11 KB
1	ytimg.com i.ytimg.com	77 KB
1	theblog.ca www.theblog.ca	40 KB
1	googleapis.com ajax.googleapis.com	30 KB
0	Failed function sub() { [native code] }. Failed
41	22

	Domain	Requested by
3	use.typekit.net	luznacorp.co
3	cdnjs.cloudflare.com	luznacorp.co
3	maxcdn.bootstrapcdn.com	luznacorp.co
3	luznacorp.co	luznacorp.co
2	api-public.addthis.com	s7.addthis.com
2	www.linkedin.com	s7.addthis.com
2	widgets.pinterest.com	s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	www.google-analytics.com	www.googletagmanager.com luznacorp.co
2	s7.addthis.com	luznacorp.co s7.addthis.com
2	www.citizensedmond.com	luznacorp.co
2	www.firstcitizens.com	luznacorp.co
1	m.addthisedge.com	s7.addthis.com
1	encrypted-tbn0.gstatic.com	luznacorp.co
1	www.googletagmanager.com	luznacorp.co
1	transferwise-blog.s3.amazonaws.com	luznacorp.co
1	is2-ssl.mzstatic.com	luznacorp.co
1	is4-ssl.mzstatic.com	luznacorp.co
1	www.pengeportalen.com	luznacorp.co
1	pengeportalen.com	1 redirects
1	online-banking.org	luznacorp.co
1	i.ytimg.com	luznacorp.co
1	is5-ssl.mzstatic.com	luznacorp.co
1	www.theblog.ca	luznacorp.co
1	ajax.googleapis.com	luznacorp.co
0	Failed	luznacorp.co
41	26

This site contains links to these domains. Also see Links.

Domain
www.theblog.ca
is5-ssl.mzstatic.com
www.firstcitizens.com
i.ytimg.com
online-banking.org
www.citizensedmond.com
pengeportalen.com
is4-ssl.mzstatic.com
is2-ssl.mzstatic.com
transferwise-blog.s3.amazonaws.com
onesourcebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-01-14` - `2020-01-14`	a year	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
itunes.apple.com DigiCert SHA2 Extended Validation Server CA	`2018-10-05` - `2019-08-30`	a year	crt.sh
www.firstcitizens.com DigiCert SHA2 Extended Validation Server CA	`2018-02-16` - `2020-02-17`	2 years	crt.sh
edgestatic.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
online-banking.org Let's Encrypt Authority X3	`2018-10-10` - `2019-01-08`	3 months	crt.sh
www.citizensedmond.com GeoTrust TLS RSA CA G1	`2018-11-20` - `2020-12-19`	2 years	crt.sh
pengeportalen.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-07` - `2020-02-07`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-05-06` - `2019-08-05`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2018-07-20` - `2020-01-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-01-11` - `2019-06-26`	5 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2018-05-30` - `2020-09-01`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://luznacorp.co/wiring_money_to_citizens_bank.php
Frame ID: 13897CADBB199FB18ADAD7172B0754FE
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

AddThis (Widgets) Expand

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

41
Requests

93 %
HTTPS

55 %
IPv6

22
Domains

26
Subdomains

23
IPs

5
Countries

1070 kB
Transfer

1791 kB
Size

6
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://www.theblog.ca/wp-content/uploads/2007/04/citizensfriend1.jpg

Search URL Search Domain Scan URL

URL: http://www.theblog.ca/citizens-bank-pay-friend
Title: Source

Search URL Search Domain Scan URL

URL: https://is5-ssl.mzstatic.com/image/thumb/Purple118/v4/64/f7/cc/64f7cc0c-48db-39d6-4d3f-f5d99c40c68f/mzl.lutgenji.png/643x0w.jpg

Search URL Search Domain Scan URL

URL: https://www.firstcitizens.com/content/images/digital/BOBAdvantage_AccountMgt_NoDemo.png

Search URL Search Domain Scan URL

URL: https://i.ytimg.com/vi/_MX71Kbq8Gg/maxresdefault.jpg

Search URL Search Domain Scan URL

URL: https://online-banking.org/wp-content/uploads/citzens-check.jpg

Search URL Search Domain Scan URL

URL: https://www.citizensedmond.com/images/screen696x6961.jpeg

Search URL Search Domain Scan URL

URL: http://pengeportalen.com/wp-content/uploads/2014/11/Citizens-Bank-Online-Banking-Login.jpg

Search URL Search Domain Scan URL

URL: https://is4-ssl.mzstatic.com/image/thumb/Purple118/v4/40/a5/a2/40a5a27f-20e3-8424-810d-cdf9c54ce250/pr_source.png/300x0w.png

Search URL Search Domain Scan URL

URL: https://is2-ssl.mzstatic.com/image/thumb/Purple118/v4/a8/ad/04/a8ad047e-a2c9-fa95-db6d-5f5950c22bed/pr_source.png/300x0w.jpg

Search URL Search Domain Scan URL

URL: https://www.citizensedmond.com/images/screen696x6963.jpeg

Search URL Search Domain Scan URL

URL: https://www.firstcitizens.com/content/images/digital/Digital_Banking_Consumer_ManageAccounts_NoDemo.png

Search URL Search Domain Scan URL

URL: https://transferwise-blog.s3.amazonaws.com/1-international-transfer-total-cost.jpg

Search URL Search Domain Scan URL

URL: http://onesourcebook.com/wiring.php?title=wiring%20money%20to%20citizens%20bank
Title: CREATE MY ACCOUNT NOW

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://pengeportalen.com/wp-content/uploads/2014/11/Citizens-Bank-Online-Banking-Login.jpg HTTP 302
https://www.pengeportalen.com/wp-content/uploads/2014/11/Citizens-Bank-Online-Banking-Login.jpg

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wiring_money_to_citizens_bank.php Show response
luznacorp.co/ 36 KB
7 KB 804ms
786ms Document
text/html 2606:4700:30::681f:47e3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:47e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.5.9-1ubuntu4.26
Resource Hash: 2fff36388451de8576e600c63767eab5819062e3c2234d602984bec6b87e2168

Request headers

:method: GET
:authority: luznacorp.co
:scheme: https
:path: /wiring_money_to_citizens_bank.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 28 Jan 2019 01:39:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d5d603c213db460e5baa804fe1b2499d11548639570; expires=Tue, 28-Jan-20 01:39:30 GMT; path=/; domain=.luznacorp.co; HttpOnly; Secure
x-powered-by: PHP/5.5.9-1ubuntu4.26
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://luznacorp.co/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 49ffbee57da5befd-FRA
content-encoding: br

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 69ms
20ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin: *
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 03 Jan 2019 09:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2130619
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 30244
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2020 09:49:12 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 69ms
21ms Script
text/javascript 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin: *
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 star-rating.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-star-rating/4.0.2/css/ 2 KB
997 B 13ms
12ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-star-rating/4.0.2/css/star-rating.min.css

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a271de7c8eef67f8e11ea368955a830307a90fd3fabf862f35a25449dc40a9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=49ffbeea7b30c26f
status: 200
last-modified: Thu, 17 May 2018 09:16:19 GMT
server: cloudflare
etag: W/"5afd4863-8d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
expires: Sat, 18 Jan 2020 01:39:31 GMT
cache-control: public, max-age=30672000
cf-ray: 49ffbeea7b30c26f-FRA
served-in-seconds: 0.000

GET
H2 200 star-rating.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-star-rating/4.0.2/js/ 12 KB
4 KB 16ms
14ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-star-rating/4.0.2/js/star-rating.min.js

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec61b3f63564535835252ea3de4b9ceba3e349327f545607d7e45132fb1c3052

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:16:19 GMT
server: cloudflare
etag: W/"5afd4863-2fd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 18 Jan 2020 01:39:31 GMT
cache-control: public, max-age=30672000
cf-ray: 49ffbeea7b31c26f-FRA
served-in-seconds: 0.001

GET
H2 200 style.css
luznacorp.co/wp-content/themes/wiring/ 3 KB
943 B 197ms
195ms Stylesheet
text/css 2606:4700:30::681f:47e3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://luznacorp.co/wp-content/themes/wiring/style.css
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:47e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70f90e69c2241ecd99710157a12419f22b80a02fdb58a3e2cbeb3e817cd4ed5c

Request headers

:path: /wp-content/themes/wiring/style.css
pragma: no-cache
cookie: __cfduid=d5d603c213db460e5baa804fe1b2499d11548639570
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: luznacorp.co
referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
:scheme: https
:method: GET
Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 19 Nov 2018 02:46:24 GMT
server: cloudflare
etag: W/"c71-57afb85d10000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 49ffbeea7f14befd-FRA
expires: Mon, 28 Jan 2019 05:39:31 GMT

GET
H/1.1 200
OK citizensfriend1.jpg
www.theblog.ca/wp-content/uploads/2007/04/ 40 KB
40 KB 437ms
195ms Image
image/jpeg 45.56.86.170
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.theblog.ca/wp-content/uploads/2007/04/citizensfriend1.jpg
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: HTTP/1.1
Server: 45.56.86.170 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: server.theblog.ca
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: 3260edeac26457c5e4b79bb7ff4d543c4a97f7d293c9b0e134ac6beb6fc3147a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 27 Jan 2019 20:31:13 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 26 Nov 2011 05:54:13 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Age: 18498
grace
X-Cache: HIT
X-Varnish: 136145 165258
Cache-Control: max-age=2592000
X-Cache-Hits: 6
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 40451
Expires: Tue, 26 Feb 2019 20:31:13 GMT

GET
H2 200 643x0w.jpg
is5-ssl.mzstatic.com/image/thumb/Purple118/v4/64/f7/cc/64f7cc0c-48db-39d6-4d3f-f5d99c40c68f/mzl.lutgenji.png/ 26 KB
26 KB 208ms
135ms Image
image/jpeg 2a02:26f0:6c00:18b::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is5-ssl.mzstatic.com/image/thumb/Purple118/v4/64/f7/cc/64f7cc0c-48db-39d6-4d3f-f5d99c40c68f/mzl.lutgenji.png/643x0w.jpg
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18b::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 08ef19d049c7433db99e186ba534fa9590d55fd96201f494c3e8c009f5c535de

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: VOD626NBYGDKLNYVX722XYEPRI
date: Mon, 28 Jan 2019 01:39:31 GMT
x-cache: TCP_MISS from a2-16-187-44.deploy.akamaitechnologies.com (AkamaiGHost/9.5.0.2-23811872) (-)
status: 200
last-modified: Tue, 14 Nov 2017 15:12:33 GMT
content-length: 26443
cache-control: no-transform, max-age=16399051
apple-tk: false
x-cache-remote: TCP_MISS from a2-22-50-247.deploy.akamaitechnologies.com (AkamaiGHost/9.5.4-24580776) (-)
apple-seq: 0
etag: "\"heHhsoMwXtpySD+1hdtXew==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: ab87ed79-a1c1-86a5-b715-bff5abe08f8a

GET
H/1.1 200
OK BOBAdvantage_AccountMgt_NoDemo.png
www.firstcitizens.com/content/images/digital/ 36 KB
36 KB 1009ms
129ms Image
image/png 69.89.129.19
First Citizens Bank

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstcitizens.com/content/images/digital/BOBAdvantage_AccountMgt_NoDemo.png
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.89.129.19 Raleigh, United States, ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US),
Reverse DNS: dnssectest.first-citizens-bank.bank
Software: Apache /
Resource Hash: b1b6a5a294fbf7d28921e39204ae67228cf71b345359d8ba4c3a6866e3acdc92

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 28 Jan 2019 01:39:32 GMT
Last-Modified: Mon, 24 Oct 2016 13:01:47 GMT
Server: Apache
ETag: "20184-8fca-53f9bfe91c4c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=200
Content-Length: 36810
X-dynaTrace: PT=366348216;PA=-746318418;SP=DOT COM - PRD;PS=2013945258

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/_MX71Kbq8Gg/ 76 KB
77 KB 115ms
85ms Image
image/jpeg 2a00:1450:4001:825::2016
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_MX71Kbq8Gg/maxresdefault.jpg

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

26e7601b24e08acbd1d5f44fdea0160e3b2186fbfd92a6e88bc13621325245f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1465309412"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: https://imasdk.googleapis.com
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 78070
x-xss-protection: 1; mode=block
expires: Mon, 28 Jan 2019 03:39:31 GMT

GET
H/1.1 200
OK citzens-check.jpg
online-banking.org/wp-content/uploads/ 11 KB
11 KB 607ms
368ms Image
image/jpeg 192.99.3.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-banking.org/wp-content/uploads/citzens-check.jpg
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.99.3.130 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559289.ip-192-99-3.net
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 42bcf02686a3d26ee13f9938cd76eb077bb19b6779294b3ecc3f230577e5084c

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 28 Jan 2019 01:39:31 GMT
Last-Modified: Fri, 18 Nov 2016 18:15:37 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "2bed-541974af52440"
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11245

GET
H/1.1 200
OK screen696x6961.jpeg
www.citizensedmond.com/images/ 42 KB
42 KB 913ms
128ms Image
image/jpeg 74.200.58.61
Jack Henry & Asso...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citizensedmond.com/images/screen696x6961.jpeg

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.200.58.61 Tomball, United States, ASN14010 (JACKHENRY - Jack Henry & Associates, Inc., US),

Reverse DNS

Software

Resource Hash

54df5b9f124f9cc54dc355f780788da9cef2374f689b0bdf82925d98e091c068

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 28 Jan 2019 01:39:32 GMT
Last-Modified: Mon, 29 Aug 2016 14:37:58 GMT
ETag: "16bdcdef22d21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Strict-Transport-Security: max-age=15552000
Accept-Ranges: bytes
Content-Length: 42608
X-XSS-Protection: 1; mode=block

GET
H2

200

Citizens-Bank-Online-Banking-Login.jpg
www.pengeportalen.com/wp-content/uploads/2014/11/
Redirect Chain

http://pengeportalen.com/wp-content/uploads/2014/11/Citizens-Bank-Online-Banking-Login.jpg
https://www.pengeportalen.com/wp-content/uploads/2014/11/Citizens-Bank-Online-Banking-Login.jpg

177 KB
178 KB

1293ms
373ms

Image
image/jpeg

50.87.150.85
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pengeportalen.com/wp-content/uploads/2014/11/Citizens-Bank-Online-Banking-Login.jpg
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.87.150.85 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS: rankfirstpro.com
Software: nginx/1.14.1 /
Resource Hash: 2a528631ee6636bb7231334d1e4549ad7f898c1d4431e3b3d7f183e6dce4b75b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 28 Jan 2019 01:39:33 GMT
last-modified: Sun, 23 Nov 2014 00:15:00 GMT
server: nginx/1.14.1
accept-ranges: bytes
content-length: 181578
content-type: image/jpeg

Redirect headers

Location: https://www.pengeportalen.com/wp-content/uploads/2014/11/Citizens-Bank-Online-Banking-Login.jpg
Date: Mon, 28 Jan 2019 01:39:32 GMT
Server: nginx/1.14.1
Connection: keep-alive
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1

GET 05e66220c2bd516cfa4871481d00afcaf99ef48ad3d9afa2e7a0bd6c3e591b65
/ 0
0

GET
H2 200 300x0w.png
is4-ssl.mzstatic.com/image/thumb/Purple118/v4/40/a5/a2/40a5a27f-20e3-8424-810d-cdf9c54ce250/pr_source.png/ 48 KB
48 KB 267ms
191ms Image
image/png 2a02:26f0:6c00:194::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is4-ssl.mzstatic.com/image/thumb/Purple118/v4/40/a5/a2/40a5a27f-20e3-8424-810d-cdf9c54ce250/pr_source.png/300x0w.png
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:194::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 3b92b810f16080825e0280a17de7af03fc6d6b65bdb4a7b7fa51328c122d8c73

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: OTSHQXFZH2AZX5NPEWUXLTW66Q
date: Mon, 28 Jan 2019 01:39:31 GMT
x-cache: TCP_MISS from a2-16-187-7.deploy.akamaitechnologies.com (AkamaiGHost/9.5.0.2-23811872) (-)
status: 200
last-modified: Tue, 14 Nov 2017 15:12:33 GMT
content-length: 48801
cache-control: no-transform, max-age=15759548
apple-tk: false
x-cache-remote: TCP_MISS from a2-21-77-103.deploy.akamaitechnologies.com (AkamaiGHost/9.5.0.2-23811872) (-)
apple-seq: 0
etag: "\"+GcF7YDtC5+nrqZNbVq6Yw==\""
apple-originating-system: AIImageService
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 74e4785c-b93e-819b-f5af-25a975cedef4

GET
H2 200 300x0w.jpg
is2-ssl.mzstatic.com/image/thumb/Purple118/v4/a8/ad/04/a8ad047e-a2c9-fa95-db6d-5f5950c22bed/pr_source.png/ 23 KB
23 KB 293ms
198ms Image
image/jpeg 2a02:26f0:6c00:19f::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is2-ssl.mzstatic.com/image/thumb/Purple118/v4/a8/ad/04/a8ad047e-a2c9-fa95-db6d-5f5950c22bed/pr_source.png/300x0w.jpg
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19f::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 74585feff7909040d493ac94fd96b8cae9c4c5c6b40581cb4096cb977a6e3191

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: KKYNEBR5JKGPWL5JHZCTBLL6M4
date: Mon, 28 Jan 2019 01:39:31 GMT
x-cache: TCP_MISS from a2-16-187-7.deploy.akamaitechnologies.com (AkamaiGHost/9.5.0.2-23811872) (-)
status: 200
last-modified: Tue, 14 Nov 2017 15:12:32 GMT
content-length: 23377
cache-control: no-transform, max-age=17094896
apple-tk: false
x-cache-remote: TCP_MISS from a2-21-77-103.deploy.akamaitechnologies.com (AkamaiGHost/9.5.0.2-23811872) (-)
apple-seq: 0
etag: "\"Az8AxO/F11l1OcW5UJsTuQ==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 52b0d206-3d4a-8cfb-2fa9-3e4530ad7e67

GET
H/1.1 200
OK screen696x6963.jpeg
www.citizensedmond.com/images/ 29 KB
29 KB 883ms
132ms Image
image/jpeg 74.200.58.61
Jack Henry & Asso...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citizensedmond.com/images/screen696x6963.jpeg

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.200.58.61 Tomball, United States, ASN14010 (JACKHENRY - Jack Henry & Associates, Inc., US),

Reverse DNS

Software

Resource Hash

eed3ae31c253f05262c99705f40c8eeb0aa2955d8f92cc35998e561367d53cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 28 Jan 2019 01:39:32 GMT
Last-Modified: Mon, 29 Aug 2016 14:38:48 GMT
ETag: "68d56dd32d21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Strict-Transport-Security: max-age=15552000
Accept-Ranges: bytes
Content-Length: 29263
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Digital_Banking_Consumer_ManageAccounts_NoDemo.png
www.firstcitizens.com/content/images/digital/ 41 KB
42 KB 885ms
131ms Image
image/png 69.89.129.19
First Citizens Bank

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firstcitizens.com/content/images/digital/Digital_Banking_Consumer_ManageAccounts_NoDemo.png
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.89.129.19 Raleigh, United States, ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US),
Reverse DNS: dnssectest.first-citizens-bank.bank
Software: Apache /
Resource Hash: 0c2fcbcfcc825cc517d8976af98d147bdf3b9397ec316253198ff811fdbcbb08

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 28 Jan 2019 01:39:32 GMT
Last-Modified: Tue, 27 Nov 2018 00:57:05 GMT
Server: Apache
ETag: "200af-a486-57b9aed999a40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=200
Content-Length: 42118
X-dynaTrace: PT=366348215;PA=-746318418;SP=DOT COM - PRD;PS=2013945258

GET
H/1.1 200
OK 1-international-transfer-total-cost.jpg
transferwise-blog.s3.amazonaws.com/ 163 KB
163 KB 227ms
100ms Image
application/octet-stream 52.218.36.97
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transferwise-blog.s3.amazonaws.com/1-international-transfer-total-cost.jpg
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.36.97 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c4b97dfb441def270ea51f27afc963cc8c7b18d64450ed03629b70be17c61fc

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 28 Jan 2019 01:39:32 GMT
Last-Modified: Mon, 18 Jun 2018 11:27:50 GMT
Server: AmazonS3
x-amz-request-id: AAFCF69AD9192822
ETag: "d3b2979a454ca7a7e09be58845c6de7d"
Content-Type: application/octet-stream
Content-Length: 166887
Accept-Ranges: bytes
x-amz-version-id: gxWO0Pz_dSK9lA6qpZ2tjMkvyGiYcdB8
x-amz-id-2: Eg47ZcqP8ZfZj8r6480hix4T/4vseZfR3JeyiQcMApALdmSZSV4CEXg35WmzblQ+YEHhmqDBN4U=

GET
H2 200 secure-icon.png
luznacorp.co/wp-content/themes/wiring/images/source/ 18 KB
18 KB 170ms
169ms Image
image/png 2606:4700:30::681f:47e3
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luznacorp.co/wp-content/themes/wiring/images/source/secure-icon.png
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:47e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 590f387b0eb98f9507c0697fc62872b8f4047201e2daa1c4dd3169fdc5614d43

Request headers

:path: /wp-content/themes/wiring/images/source/secure-icon.png
pragma: no-cache
cookie: __cfduid=d5d603c213db460e5baa804fe1b2499d11548639570
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: luznacorp.co
referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
:scheme: https
:method: GET
Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 31 Dec 2017 21:25:39 GMT
server: cloudflare
etag: "4614-561a981d2dac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 49ffbeeb0f40befd-FRA
content-length: 17940
expires: Mon, 28 Jan 2019 05:39:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
33 KB 33ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130175441-2

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

75fd47a458f95ee98e6fcf1f488e301d54b69843ef2ac47a1ce535c620551ad7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 33252
x-xss-protection: 1; mode=block
expires: Mon, 28 Jan 2019 01:39:31 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
112 KB 89ms
34ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/300/addthis_widget.js
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c51bc8a70066881987f3cb651824cb0b0b3581f73040dfbb79b309599793c4e9

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: gzip
surrogate-key: client_dist
last-modified: Wed, 16 Jan 2019 16:29:17 GMT
etag: "5c3f5bdd-573fa"
vary: Accept-Encoding
x-distribution: 99
cache-tag: client_dist
status: 200
cache-control: public, max-age=600
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-type: application/javascript

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 5 KB
6 KB 54ms
16ms Image
image/png 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRnnAt6FhWWN3EJoigCtZRTxBYmZ_vdLKnTExv0mBaPkhGzXSjqiQ

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

caf48eec7eddede7247abdb61da3bb152f1be17a6a762167c667dd3da24210f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 03 Jun 2018 07:04:36 GMT
server: sffe
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 5542
x-xss-protection: 1; mode=block
expires: Tue, 28 Jan 2020 01:39:31 GMT

GET
H2 200 loading.gif
cdnjs.cloudflare.com/ajax/libs/bootstrap-star-rating/4.0.2/img/ 847 B
943 B 21ms
20ms Image
image/gif 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-star-rating/4.0.2/img/loading.gif

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb2c87444ef9f0ad7ff70d880ab21728e26380949753c630fa1831fe62b8026

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/bootstrap-star-rating/4.0.2/css/star-rating.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
content-length: 847
last-modified: Thu, 17 May 2018 09:16:19 GMT
server: cloudflare
etag: "5afd4863-34f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Sat, 18 Jan 2020 01:39:31 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 49ffbeebbc91c26f-FRA
served-in-seconds: 0.003

GET
H2 404 l
use.typekit.net/af/58a17e/000000000000000000017823/27/ 0
0 192ms
128ms Font
text/plain 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/af/58a17e/000000000000000000017823/27/l?subset_id=2&fvd=n4&v=3

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://luznacorp.co/wp-content/themes/wiring/style.css
Origin: https://luznacorp.co

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
server: nginx
access-control-allow-origin: *
date: Mon, 28 Jan 2019 01:39:31 GMT
content-type: text/plain;charset=utf-8
status: 404
cache-control: no-cache
x-cascade: pass
timing-allow-origin: *
content-length: 9

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 73ms
23ms Font
font/woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://luznacorp.co

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 18056

GET
H2 200 _ate.track.config_resp Show response
m.addthisedge.com/live/boost/ra-56e88f5e47817826/ 1 KB
776 B 65ms
41ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthisedge.com/live/boost/ra-56e88f5e47817826/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 7dc95e1402a78a129b570c5d4f9b6852bec36bb17b16b87de80f522a2f502fa6

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: gzip
surrogate-key: ra-56e88f5e47817826
server: Jetty(9.4.8.v20180619)
etag: 1022320691--gzip
vary: Accept-Encoding
cache-tag: ra-56e88f5e47817826
status: 200
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 530

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130175441-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 1508
date: Mon, 28 Jan 2019 01:14:23 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Mon, 28 Jan 2019 03:14:23 GMT

GET
H2 200 layers.180e84e0fe8648c104a3.js Show response
s7.addthis.com/static/ 261 KB
74 KB 18ms
18ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/static/layers.180e84e0fe8648c104a3.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e8f0b2fe84ed504ca925d6ba1194b59d16ad6ddb2ab1967f5c07fe89a84a2ae8

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:31 GMT
content-encoding: gzip
last-modified: Wed, 16 Jan 2019 16:29:17 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
199 B 14ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1114827744&t=pageview&_s=1&dl=https%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&ul=en-us&de=UTF-8&dt=Wiring%20Money%20To%20Citizens%20Bank%20-%20Daily%20Electronical%20Wiring%20Diagram%20%E2%80%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=423269275&gjid=68883391&cid=546805507.1548639572&tid=UA-130175441-2&_gid=315105963.1548639572&_r=1&gtm=2ou1d1&z=51179039

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Jan 2019 01:39:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 d
use.typekit.net/af/58a17e/000000000000000000017823/27/ 0
0 128ms
127ms Font
text/plain 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/af/58a17e/000000000000000000017823/27/d?subset_id=2&fvd=n4&v=3

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://luznacorp.co/wp-content/themes/wiring/style.css
Origin: https://luznacorp.co

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
server: nginx
access-control-allow-origin: *
date: Mon, 28 Jan 2019 01:39:32 GMT
content-type: text/plain;charset=utf-8
status: 404
cache-control: no-cache
x-cascade: pass
timing-allow-origin: *
content-length: 9

GET
H2 404 a
use.typekit.net/af/58a17e/000000000000000000017823/27/ 0
0 128ms
127ms Font
text/plain 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/af/58a17e/000000000000000000017823/27/a?subset_id=2&fvd=n4&v=3

Requested by

Host: luznacorp.co
URL: https://luznacorp.co/wiring_money_to_citizens_bank.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://luznacorp.co/wp-content/themes/wiring/style.css
Origin: https://luznacorp.co

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
server: nginx
access-control-allow-origin: *
date: Mon, 28 Jan 2019 01:39:32 GMT
content-type: text/plain;charset=utf-8
status: 404
cache-control: no-cache
x-cascade: pass
timing-allow-origin: *
content-length: 9

GET
H2 200 / Show response
graph.facebook.com/ 163 B
559 B 68ms
33ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&callback=_ate.cbs.rcb_2nx0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cddb37be2fb383a6dbd457fb878d6f464d80d6c46fa3c8c30144b9c2ba38ee94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: 1HR0posvxmJLA6dSGLF1OI/xv4CfLXHjHnITp1eIMEEMji+xO4tmvj9gqnQ0xG617LvxZynCrtZKo7GzfbcY3Q==
x-fb-trace-id: D/hrrLVIrQ+
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
access-control-allow-origin: *
etag: "e1a17d79d0252ef5f0bd088f35867be04db65b3e"
strict-transport-security: max-age=15552000; preload
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, no-cache, no-store, must-revalidate
date: Mon, 28 Jan 2019 01:39:32 GMT
x-fb-rev: 4715512
facebook-api-version: v2.8
content-length: 163
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK count.json Show response
widgets.pinterest.com/v1/urls/ 101 B
549 B 50ms
10ms Script
application/javascript 151.101.0.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&callback=window._ate.cbs.rcb_c5qa0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

9ca30e0adc00c234d9dc2d91dedfaa7f79ea198108aaba9b913fed4c5cad7457

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-pinterest-host: widgets.pinterest.com
Date: Mon, 28 Jan 2019 01:39:32 GMT
x-content-type-options: nosniff
x-compress-hint: on
Age: 0
Transfer-Encoding: chunked
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-pinterest-rid: 091760799694
expires: Mon, 28 Jan 2019 01:54:32 GMT

GET
H2 200 share Show response
www.linkedin.com/countserv/count/ 125 B
1 KB 282ms
98ms Script
text/javascript 2620:109:c002::6cae:a0a
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&callback=atajsshctcbjEyMg

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:109:c002::6cae:a0a , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

554cae6fa661d50ec2a9988c1de72ee440b63afa95a7a0bec84f41b44e7b1833

Security Headers

Name	Value
Content-Security-Policy	default-src ; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://.linkedin.com dms.licdn.com; img-src data: blob: ; font-src data: ; style-src 'unsafe-inline' 'self' static-src.linkedin.com .licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com .ads.linkedin.com .licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: ; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-li-pop: prod-edc2
x-li-uuid: a4CAmnzffRUgrMd0gSsAAA==
pragma: no-cache
server: Apache-Coyote/1.1
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
x-li-fabric: prod-lva1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
286 B 173ms
150ms Script
application/json 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&callback=_ate.cbs.rcb_6eiz0
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0452949ed8f04b56fdc983be13d92f831f824c99cf6fb1037847a0dd271bbf58

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:33 GMT
content-encoding: gzip
surrogate-key: luznacorp.co/wiring_money_to_citizens_bank.php
last-modified: Mon, 28 Jan 2019 01:39:33 GMT
vary: Accept-Encoding
x-varnish: 4189230731
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
accept-ranges: bytes
content-type: application/json
content-length: 53

GET
H2 200 / Show response
graph.facebook.com/ 163 B
326 B 68ms
34ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&callback=_ate.cbs.rcb_3qkq0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9b5010fa89f392dbc8ef2abc77dfd6e7c2467ca24fdaecf9fab0d882635d7f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: +IWp1v3fnVsUwJv4UsvLmuq9L3Nx88z2CqMXg8norv63z4uW9ko5tvejgV3OSCvmcTKDg/zWdN7yVM6AkZ6Vcw==
x-fb-trace-id: C61VkHKvIpc
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
access-control-allow-origin: *
etag: "362fb69630ebab4c7f40a24f366a717f362a663d"
strict-transport-security: max-age=15552000; preload
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, no-cache, no-store, must-revalidate
date: Mon, 28 Jan 2019 01:39:32 GMT
x-fb-rev: 4715512
facebook-api-version: v2.8
content-length: 163
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK count.json Show response
widgets.pinterest.com/v1/urls/ 100 B
548 B 50ms
11ms Script
application/javascript 151.101.0.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&callback=window._ate.cbs.rcb_hj690

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

c6899ea5bc25a6be58a7dcac4cd5ac0740cd21ead4bd823a941039fbfca657de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-pinterest-host: widgets.pinterest.com
Date: Mon, 28 Jan 2019 01:39:32 GMT
x-content-type-options: nosniff
x-compress-hint: on
Age: 0
Transfer-Encoding: chunked
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-pinterest-rid: 821648466112
expires: Mon, 28 Jan 2019 01:54:32 GMT

GET
H2 200 share Show response
www.linkedin.com/countserv/count/ 124 B
190 B 282ms
98ms Script
text/javascript 2620:109:c002::6cae:a0a
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/countserv/count/share?url=http%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&callback=atajsshctcbakvFJ

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:109:c002::6cae:a0a , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

799af1d210a9888eb448761cb56bab4ee9f0731d1b2d47ce8db86c9f3c05678d

Security Headers

Name	Value
Content-Security-Policy	default-src ; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://.linkedin.com dms.licdn.com; img-src data: blob: ; font-src data: ; style-src 'unsafe-inline' 'self' static-src.linkedin.com .licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com .ads.linkedin.com .licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: ; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-li-pop: prod-edc2
x-li-uuid: lm2kmnzffRWgQCdTgSsAAA==
pragma: no-cache
server: Apache-Coyote/1.1
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
x-li-fabric: prod-lva1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
287 B 162ms
140ms Script
application/json 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fluznacorp.co%2Fwiring_money_to_citizens_bank.php&callback=_ate.cbs.rcb_8fa10
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55ff18e1b71f1a3c1fc227e4a20d1b12751324d8f62dd1bf6cf29732ce251233

Request headers

Referer: https://luznacorp.co/wiring_money_to_citizens_bank.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 28 Jan 2019 01:39:33 GMT
content-encoding: gzip
surrogate-key: luznacorp.co/wiring_money_to_citizens_bank.php
last-modified: Mon, 28 Jan 2019 01:39:33 GMT
vary: Accept-Encoding
x-varnish: 4189230698
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
accept-ranges: bytes
content-type: application/json
content-length: 53

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: x-raw-image:///05e66220c2bd516cfa4871481d00afcaf99ef48ad3d9afa2e7a0bd6c3e591b65

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Banking (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.luznacorp.co/	1970-01-18 22:10:39	Name: _gat_gtag_UA_130175441_2 Value: 1
luznacorp.co/	1970-01-18 22:10:41	Name: __atuvs Value: 5c4e5d537c8e908a000
.luznacorp.co/	1970-01-18 22:12:05	Name: _gid Value: GA1.2.315105963.1548639572
luznacorp.co/	1970-01-19 07:40:53	Name: __atuvc Value: 1%7C5
.luznacorp.co/	1970-01-19 15:41:51	Name: _ga Value: GA1.2.546805507.1548639572
.luznacorp.co/	1970-01-19 06:56:15	Name: __cfduid Value: d5d603c213db460e5baa804fe1b2499d11548639570

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


ajax.googleapis.com
api-public.addthis.com
cdnjs.cloudflare.com
encrypted-tbn0.gstatic.com
graph.facebook.com
i.ytimg.com
is2-ssl.mzstatic.com
is4-ssl.mzstatic.com
is5-ssl.mzstatic.com
luznacorp.co
m.addthisedge.com
maxcdn.bootstrapcdn.com
online-banking.org
pengeportalen.com
s7.addthis.com
transferwise-blog.s3.amazonaws.com
use.typekit.net
widgets.pinterest.com
www.citizensedmond.com
www.firstcitizens.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.pengeportalen.com
www.theblog.ca

151.101.0.84
192.99.3.130
209.197.3.15
23.210.248.44
23.38.53.224
2606:4700:30::681f:47e3
2606:4700::6813:c497
2620:109:c002::6cae:a0a
2a00:1450:4001:808::2008
2a00:1450:4001:817::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:821::200e
2a00:1450:4001:825::2016
2a02:26f0:6c00:18b::2a1
2a02:26f0:6c00:194::2a1
2a02:26f0:6c00:19f::2a1
2a03:2880:f01c:800e:face:b00c:0:2
45.56.86.170
50.87.150.85
52.218.36.97
69.89.129.19
74.200.58.61
0452949ed8f04b56fdc983be13d92f831f824c99cf6fb1037847a0dd271bbf58
08ef19d049c7433db99e186ba534fa9590d55fd96201f494c3e8c009f5c535de
0c2fcbcfcc825cc517d8976af98d147bdf3b9397ec316253198ff811fdbcbb08
26e7601b24e08acbd1d5f44fdea0160e3b2186fbfd92a6e88bc13621325245f6
2a528631ee6636bb7231334d1e4549ad7f898c1d4431e3b3d7f183e6dce4b75b
2fff36388451de8576e600c63767eab5819062e3c2234d602984bec6b87e2168
3260edeac26457c5e4b79bb7ff4d543c4a97f7d293c9b0e134ac6beb6fc3147a
3b92b810f16080825e0280a17de7af03fc6d6b65bdb4a7b7fa51328c122d8c73
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
42bcf02686a3d26ee13f9938cd76eb077bb19b6779294b3ecc3f230577e5084c
4c4b97dfb441def270ea51f27afc963cc8c7b18d64450ed03629b70be17c61fc
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54df5b9f124f9cc54dc355f780788da9cef2374f689b0bdf82925d98e091c068
554cae6fa661d50ec2a9988c1de72ee440b63afa95a7a0bec84f41b44e7b1833
55ff18e1b71f1a3c1fc227e4a20d1b12751324d8f62dd1bf6cf29732ce251233
590f387b0eb98f9507c0697fc62872b8f4047201e2daa1c4dd3169fdc5614d43
70f90e69c2241ecd99710157a12419f22b80a02fdb58a3e2cbeb3e817cd4ed5c
74585feff7909040d493ac94fd96b8cae9c4c5c6b40581cb4096cb977a6e3191
75fd47a458f95ee98e6fcf1f488e301d54b69843ef2ac47a1ce535c620551ad7
799af1d210a9888eb448761cb56bab4ee9f0731d1b2d47ce8db86c9f3c05678d
7dc95e1402a78a129b570c5d4f9b6852bec36bb17b16b87de80f522a2f502fa6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
9b5010fa89f392dbc8ef2abc77dfd6e7c2467ca24fdaecf9fab0d882635d7f5f
9ca30e0adc00c234d9dc2d91dedfaa7f79ea198108aaba9b913fed4c5cad7457
a271de7c8eef67f8e11ea368955a830307a90fd3fabf862f35a25449dc40a9dd
abb2c87444ef9f0ad7ff70d880ab21728e26380949753c630fa1831fe62b8026
b1b6a5a294fbf7d28921e39204ae67228cf71b345359d8ba4c3a6866e3acdc92
c51bc8a70066881987f3cb651824cb0b0b3581f73040dfbb79b309599793c4e9
c6899ea5bc25a6be58a7dcac4cd5ac0740cd21ead4bd823a941039fbfca657de
caf48eec7eddede7247abdb61da3bb152f1be17a6a762167c667dd3da24210f8
cddb37be2fb383a6dbd457fb878d6f464d80d6c46fa3c8c30144b9c2ba38ee94
e8f0b2fe84ed504ca925d6ba1194b59d16ad6ddb2ab1967f5c07fe89a84a2ae8
ec61b3f63564535835252ea3de4b9ceba3e349327f545607d7e45132fb1c3052
eed3ae31c253f05262c99705f40c8eeb0aa2955d8f92cc35998e561367d53cd6
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

luznacorp.co Open in urlscan Pro 2606:4700:30::681f:47e3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

55 %IPv6

22 Domains

26 Subdomains

23 IPs

5 Countries

1070 kBTransfer

1791 kBSize

6 Cookies

14 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

luznacorp.co Open in urlscan Pro
2606:4700:30::681f:47e3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

55 %
IPv6

22
Domains

26
Subdomains

23
IPs

5
Countries

1070 kB
Transfer

1791 kB
Size

6
Cookies

41 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!