urlscan.io logo urlscan.io
SecurityTrails logo

firstcituzens.com Open in urlscan Pro
104.21.80.51  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://firstcituzens.com/
Effective URL: https://firstcituzens.com/
Submission Tags: @ecarlesi threat phishing citizensbank Search All
Submission: On April 08 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 58 HTTP transactions. The main IP is 104.21.80.51, located in and belongs to CLOUDFLARENET, US. The main domain is firstcituzens.com.
TLS certificate: Issued by GTS CA 1P5 on April 8th 2024. Valid for: 3 months.
This is the only time firstcituzens.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: First Citizens Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
14 104.21.80.51 13335 (CLOUDFLAR...)
7 104.126.37.154 20940 (AKAMAI-ASN1)
1 192.0.54.4 62659 (Q2HOLDINGS)
10 104.19.178.52 13335 (CLOUDFLAR...)
4 23.35.236.237 16625 (AKAMAI-AS)
2 142.250.185.104 15169 (GOOGLE)
1 72.246.168.139 16625 (AKAMAI-AS)
2 108.128.197.68 16509 (AMAZON-02)
1 172.64.155.119 13335 (CLOUDFLAR...)
1 184.27.96.174 16625 (AKAMAI-AS)
1 52.48.219.169 16509 (AMAZON-02)
1 1 52.17.26.1 16509 (AMAZON-02)
1 172.64.161.18 13335 (CLOUDFLAR...)
1 18.185.54.69 16509 (AMAZON-02)
3 104.17.22.84 13335 (CLOUDFLAR...)
1 104.17.3.95 13335 (CLOUDFLAR...)
58 16
14    104.21.80.51 (None, )

ASN13335 (CLOUDFLARENET, US)
firstcituzens.com
7    104.126.37.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-154.deploy.static.akamaitechnologies.com
www.firstcitizens.com
1    192.0.54.4 (United States)

ASN62659 (Q2HOLDINGS, US)
cds-sdkcfg.onlineaccess1.com
10    104.19.178.52 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    23.35.236.237 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-237.deploy.static.akamaitechnologies.com
assets.adobedtm.com
2    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
1    72.246.168.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-139.deploy.static.akamaitechnologies.com
s.go-mpulse.net
2    108.128.197.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-197-68.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    184.27.96.174 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-27-96-174.deploy.static.akamaitechnologies.com
c.go-mpulse.net
1    52.48.219.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-219-169.eu-west-1.compute.amazonaws.com
firstcitizens.demdex.net
1    52.17.26.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-26-1.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    172.64.161.18 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
siteimproveanalytics.com
1    18.185.54.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-54-69.eu-central-1.compute.amazonaws.com
2884.global.siteimproveanalytics.io
3    104.17.22.84 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.sitescdn.net
1    104.17.3.95 (None, )

ASN13335 (CLOUDFLARENET, US)
answers.yext-pixel.com
Apex Domain
Subdomains		 Transfer
14 firstcituzens.com
firstcituzens.com
851 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 474
180 KB
7 firstcitizens.com
www.firstcitizens.com — Cisco Umbrella Rank: 228937
186 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 555
154 KB
3 sitescdn.net
assets.sitescdn.net — Cisco Umbrella Rank: 15856
151 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 316
firstcitizens.demdex.net — Cisco Umbrella Rank: 369853
2 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1982
c.go-mpulse.net — Cisco Umbrella Rank: 845
51 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
199 KB
1 yext-pixel.com
answers.yext-pixel.com — Cisco Umbrella Rank: 55701
321 B
1 siteimproveanalytics.io
2884.global.siteimproveanalytics.io — Cisco Umbrella Rank: 342117
149 B
1 siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 6903
10 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 2143
517 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 927
308 B
1 onlineaccess1.com
cds-sdkcfg.onlineaccess1.com — Cisco Umbrella Rank: 29663
164 KB
58 14
Domain Requested by
14 firstcituzens.com firstcituzens.com
cds-sdkcfg.onlineaccess1.com
10 cdn.cookielaw.org firstcituzens.com
cds-sdkcfg.onlineaccess1.com
cdn.cookielaw.org
7 www.firstcitizens.com firstcituzens.com
www.firstcitizens.com
4 assets.adobedtm.com firstcituzens.com
assets.adobedtm.com
3 assets.sitescdn.net firstcituzens.com
2 dpm.demdex.net cds-sdkcfg.onlineaccess1.com
firstcituzens.com
2 www.googletagmanager.com firstcituzens.com
www.googletagmanager.com
1 answers.yext-pixel.com assets.sitescdn.net
1 2884.global.siteimproveanalytics.io firstcituzens.com
1 siteimproveanalytics.com firstcituzens.com
1 cm.everesttech.net 1 redirects
1 firstcitizens.demdex.net assets.adobedtm.com
1 c.go-mpulse.net s.go-mpulse.net
1 geolocation.onetrust.com cds-sdkcfg.onlineaccess1.com
1 s.go-mpulse.net firstcituzens.com
1 cds-sdkcfg.onlineaccess1.com firstcituzens.com
58 16
Subject Issuer Validity Valid
firstcituzens.com
GTS CA 1P5		 2024-04-08 -
2024-07-07		 3 months crt.sh
www.firstcitizens.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-21 -
2025-03-20		 a year crt.sh
onlineaccess1.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-06 -
2025-03-06		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
siteimproveanalytics.com
GTS CA 1P5		 2024-02-24 -
2024-05-24		 3 months crt.sh
*.global.r1.siteimproveanalytics.io
Amazon RSA 2048 M03		 2023-10-26 -
2024-11-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-11 -
2024-07-10		 a year crt.sh
answers.yext-pixel.com
E1		 2024-04-08 -
2024-07-07		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://firstcituzens.com/
Frame ID: 134E1F150034DEFE01B62CC2A9AEEA28
Requests: 56 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/9ANZN-RCJ9F-QUFW5-JGQHZ-K8YTT
Frame ID: 3D4095FDB86BABFABCBA912A18C340FA
Requests: 2 HTTP requests in this frame

Frame: https://firstcitizens.demdex.net/dest5.html?d_nsid=0
Frame ID: 70518173BAF8D4C667EC2EBF284D99EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Personal Banking, Credit Cards, Loans | First Citizens Bank

Page URL History Show full URLs

  1. http://firstcituzens.com/ HTTP 307
    https://firstcituzens.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

58
Requests

84 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

16
IPs

4
Countries

1948 kB
Transfer

6624 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://firstcituzens.com/ HTTP 307
    https://firstcituzens.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://cm.everesttech.net/cm/dd?d_uuid=27481294458626560811169592227780704846 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZhRNFQAAAExJ2AO5

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
firstcituzens.com/
Redirect Chain
  • http://firstcituzens.com/
  • https://firstcituzens.com/
375 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
000eb70ddbc3b020a895d0ea3979f201fff4d35d047ab0e521aba4670fec1aa1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8714d95dca3bbb31-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 08 Apr 2024 20:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRpXMr0fMDvFmpckrJkgLR8ZuT3PK115fXjSa5CHOcBxbzjvqtFwIBrRC5Zkl%2BaB3LnuX1Yu5IxoRPHxRgbtbMe6sSbIWSz%2FVzMTM2ujWc8o2AkaN%2BJOE%2FpgblYo0ggK0zb3mA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

Location
https://firstcituzens.com/
Non-Authoritative-Reason
HttpsUpgrades
clientlib-aem.css
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/ 		490 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.css
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e15842c622fea89cc034324fe2dd70eb7fc1c399689cab7b42770d1518a5994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher2useast1
date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
publish
x-fcb-trace-id
0.96257e68.1712606484.460534a3
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712606484357_1753097622_1174746275_43_12372_9_63_255";dur=1
content-length
49251
last-modified
Thu, 07 Mar 2024 23:27:57 GMT
server
Apache
etag
"7a68d-6131a6ce09940-gzip"
access-control-max-age
1000
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
text/css;charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Access-Control-Request-Method, Access-Control-Request-Headers, __token__,d6gq0uiuiy-a,d6gq0uiuiy-b,d6gq0uiuiy-c,d6gq0uiuiy-d,d6gq0uiuiy-f,d6gq0uiuiy-z,x-okta-user-agent-extended
common.js
cds-sdkcfg.onlineaccess1.com/ 		296 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds-sdkcfg.onlineaccess1.com/common.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b3dc502e2eab807bc0de51f25e60184ca906563a6a0e274c55e6bed5471b69
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 08 Apr 2024 20:01:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
x-ion-hop
prod
cache-control
no-cache, no-store, must-revalidate
cf-ray
8714d95ebe2bbabb-MXP
alt-svc
h3=":443"; ma=86400
expires
0
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Pg1MHDpg+UGdovxhidM4Kg==
age
5385
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6839
x-ms-lease-status
unlocked
last-modified
Mon, 08 Apr 2024 02:14:26 GMT
server
cloudflare
etag
0x8DC57719D9DB136
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b2a5b94a-601e-0006-46cf-890a3c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8714d95e9f0e4c4e-MXP
clientlib-aem.28917d52aaafd548a3cd121ad735ded0.css
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/ 		490 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.28917d52aaafd548a3cd121ad735ded0.css
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e15842c622fea89cc034324fe2dd70eb7fc1c399689cab7b42770d1518a5994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher2useast1
date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
publish
x-fcb-trace-id
0.96257e68.1712606484.460534a2
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712606484294_1753097622_1174746274_860_13062_9_0_255";dur=1
content-length
49251
last-modified
Thu, 07 Mar 2024 23:27:57 GMT
server
Apache
etag
"7a68d-6131a6ce09940-gzip"
access-control-max-age
1000
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
text/css;charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Access-Control-Request-Method, Access-Control-Request-Headers, __token__,d6gq0uiuiy-a,d6gq0uiuiy-b,d6gq0uiuiy-c,d6gq0uiuiy-d,d6gq0uiuiy-f,d6gq0uiuiy-z,x-okta-user-agent-extended
launch-3bb7433af2ae.min.js
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/ 		609 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1181787fb01292547915fdb4b4a38f6c54785393c47fa84891a49bd6758c021d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
last-modified
Wed, 03 Apr 2024 20:23:14 GMT
server
AkamaiNetStorage
etag
"952666920b2a9c057d8ef529574911c2:1712175794.156082"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://firstcituzens.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
141726
expires
Mon, 08 Apr 2024 21:01:24 GMT
image.20230612.png
firstcituzens.com/content/dam/firstcitizens/images/logos/fcb-logo-horiz-web-2020@2x.png.transform/image-scaled-2x-to-1x/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firstcituzens.com/content/dam/firstcitizens/images/logos/fcb-logo-horiz-web-2020@2x.png.transform/image-scaled-2x-to-1x/image.20230612.png
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6de4c56745448a1a68eeac5122b9cbe5358c8a1c5b244e0a386f668ec5d4ce0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 16:51:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6602fcf7-18fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sdzLczcZxahuJcankia134NZhxOKmxULXkepzfdRnTGStVGK%2B9zxQh08cKHrMKh8tO7dJYDY%2FrXCRhjE%2BaKQgKNCmgIS55dqS3L7eWGOfQ553anb2v4k%2B%2FU4q%2FIab7fU8beTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8714d95e5b19bb31-MXP
alt-svc
h3=":443"; ma=86400
content-length
6397
image.20240314.jpeg
firstcituzens.com/content/dam/firstcitizens/images/home-hero/retail-03-2024@2x.jpg.transform/image-scaled-2x-to-1x/ 		313 KB
313 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firstcituzens.com/content/dam/firstcitizens/images/home-hero/retail-03-2024@2x.jpg.transform/image-scaled-2x-to-1x/image.20240314.jpeg
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8629d61aec5ba60b256794110912d81d86dc449045de244af2f5b6c3c91cf4e1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 17:06:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66030088-4e225"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2guhfqlAre5%2BJWP4yrq6%2F7Fb7Nz3rqs%2F6fOin67GDVEBTtxUex18IDc1ihG%2FTmdE0To9aT1I%2BEPgeVUt3MmSsn0Yv0fDxto%2FzJmaD%2FkxoBpq%2FhZWanBvz8QuFBncKHNfEs1hnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8714d95e6b36bb31-MXP
alt-svc
h3=":443"; ma=86400
content-length
320037
clientlib-aem.1b1affea9e3579417fbe161e97f46976.js
firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/ 		339 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.1b1affea9e3579417fbe161e97f46976.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006bdf2a6a7f378d9d44bc42cb282df4d7b432d1971528e80396f87e2ec2bd82

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Mar 2024 23:27:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65ea4d7d-54d48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iRRm%2FvDUGIPvyTXB%2BJxVPzS0Mz9Gv5UqltMlMeG6Un54OcllltdQFiHvqx9q%2BVHoho9A1P4nSLObHR79ZU%2BqH0VS07ICpgw%2BtbFQyZUZcGS9vf2TwEdCNJfsBi6NhPF%2BtklaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8714d95e9b7cbb31-MXP
alt-svc
h3=":443"; ma=86400
clientlib-dependencies.a9dcac4698709ca8e1cbc88363cf0793.js
firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-dependencies.a9dcac4698709ca8e1cbc88363cf0793.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3fdf8e723931b1d002a556813d3a80fde72f2ccdc755b0b253f619bb872f65

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 25 Nov 2019 21:24:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ddc4682-27d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnN%2BhjeNfKiYtk43j5%2BAlg%2F4HrEG90Ny%2BcpVo1KajriwflAaE3fosSYmcuAJORn%2FWkaTttD9XRWQuM0dR%2BN3IwykJ4y0kbd8ejuL1%2FxEQcgsXjKsL14B8c%2BbJGUkii1FHcqdQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8714d95ecbebbb31-MXP
alt-svc
h3=":443"; ma=86400
73b90cc8-385b-4f54-8f21-461a790b4365.json
cdn.cookielaw.org/consent/73b90cc8-385b-4f54-8f21-461a790b4365/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/73b90cc8-385b-4f54-8f21-461a790b4365/73b90cc8-385b-4f54-8f21-461a790b4365.json
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d316f9451452308bc22b3b356df5b8203795d15ed1073f8813a213d616894d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
vlQYqKzc5pkn2YT1F6GyuQ==
content-length
1577
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jan 2024 19:55:52 GMT
server
cloudflare
etag
0x8DC16CD24D9B395
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6c434531-301e-000b-1ced-89c2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8714d960cc405a43-MXP
expires
Tue, 09 Apr 2024 20:01:24 GMT
gtm.js
www.googletagmanager.com/ 		373 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KFXGXXM
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2d0494e84a22060cccc4c7da250a1e9198f7edaa21739f6be834375a27a5e71e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106233
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Apr 2024 20:01:24 GMT
9ANZN-RCJ9F-QUFW5-JGQHZ-K8YTT
s.go-mpulse.net/boomerang/ Frame 3D40 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/9ANZN-RCJ9F-QUFW5-JGQHZ-K8YTT
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Wed, 03 Jan 2024 04:53:11 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
icons.svg
firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/ 		1 MB
238 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/icons.svg
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45010136df22f8680ee679b59f2d97a1b7a94809b6e1c7e1ddf0f82eca883a60

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 07 Apr 2024 17:18:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6612d57c-1061c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qt%2BLZQZl6QSBqaUuiLqj%2F8LwyrnQXjtDcgDMAJ1bX22LVb6Qd4hyZlD0ILZ4ypx5Gzm%2BufJBsSabD9ncX1VCHo4XKzFFz7T8XTRa1EuIIDFCzBU8EnkvhlS0uLSaqFC7a0ifZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8714d960af38bb31-MXP
alt-svc
h3=":443"; ma=86400
ruxitagent_A2SVfqru_10205201116183137.js
www.firstcitizens.com/https://js-cdn.dynatrace.com/jstag/165658ccba3/ 		0
0
wave-pattern-blue.svg
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/ 		135 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/wave-pattern-blue.svg
Requested by
Host: www.firstcitizens.com
URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.28917d52aaafd548a3cd121ad735ded0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
112646b6a3606cf96c0fd6e9247351325cb07fdb8801ec5069c9e6213d44945c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.28917d52aaafd548a3cd121ad735ded0.css
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher2useast1
date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
publish
x-fcb-trace-id
0.96257e68.1712606484.460538bd
server-timing
cdn-cache; desc=HIT, edge; dur=110, origin; dur=0, ak_p; desc="1712606484648_1753097622_1174747325_13103_12655_9_0_146";dur=1
content-length
43609
last-modified
Thu, 06 Aug 2020 21:17:45 GMT
server
Apache
etag
"21ae6-5ac3c04f91040-gzip"
access-control-max-age
1000
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Access-Control-Request-Method, Access-Control-Request-Headers, __token__,d6gq0uiuiy-a,d6gq0uiuiy-b,d6gq0uiuiy-c,d6gq0uiuiy-d,d6gq0uiuiy-f,d6gq0uiuiy-z,x-okta-user-agent-extended
wave-pattern-green.svg
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/ 		135 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/wave-pattern-green.svg
Requested by
Host: www.firstcitizens.com
URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.28917d52aaafd548a3cd121ad735ded0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
033cce384207ee8edc8fbdb8805032c9c646af75159925eb7b3a6cacb9e19810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.28917d52aaafd548a3cd121ad735ded0.css
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher2useast1
date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
publish
x-fcb-trace-id
0.96257e68.1712606484.460538be
server-timing
cdn-cache; desc=HIT, edge; dur=330, origin; dur=0, ak_p; desc="1712606484648_1753097622_1174747326_35028_12631_18_0_146";dur=1
content-length
43610
last-modified
Thu, 06 Aug 2020 21:17:45 GMT
server
Apache
etag
"21ae6-5ac3c04f91040-gzip"
access-control-max-age
1000
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Access-Control-Request-Method, Access-Control-Request-Headers, __token__,d6gq0uiuiy-a,d6gq0uiuiy-b,d6gq0uiuiy-c,d6gq0uiuiy-d,d6gq0uiuiy-f,d6gq0uiuiy-z,x-okta-user-agent-extended
HarmoniaSansStd-Regular.woff2
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ 		0
0
HarmoniaSansStd-Bold.woff2
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ 		0
0
HarmoniaSansStd-SemiBd.woff2
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ 		0
0
image.20200806.jpeg
firstcituzens.com/content/dam/firstcitizens/images/feature-highlight/feature-highlight-background--home@2x.jpg.transform/image-scaled-2x-to-1x/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firstcituzens.com/content/dam/firstcitizens/images/feature-highlight/feature-highlight-background--home@2x.jpg.transform/image-scaled-2x-to-1x/image.20200806.jpeg
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec63eb90ab8df068057937fef6f8d00756faf6f74e121764a7d84572134601ae

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 16:51:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6602fd1f-cc55"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4TGgK3wAMujdDxOXngi49UMQudk2ycj3VyBXl3EAQU2EnDXWr8MMFHOSlZrJ%2B0PuhHa5xQOW%2BtWUU6zOpsVAmqxwORFzuIbPpnOebWUAxizL5HOkTb28u4tyuYQZ3WtDRID4CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8714d960df83bb31-MXP
alt-svc
h3=":443"; ma=86400
content-length
52309
id
dpm.demdex.net/ 		372 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&d_nsid=0&ts=1712606484613
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.128.197.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-197-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c298139ba3f2661c8656886bc0e718cc5e543018b189af7c28c78ac6b50ca176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-2-v059-0572bbc5c.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 08 Apr 2024 20:01:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
Gez9KpFOTo0=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://firstcituzens.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
313
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://firstcituzens.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12687
expires
Mon, 08 Apr 2024 21:01:24 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://firstcituzens.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Mon, 08 Apr 2024 21:01:24 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept
application/json
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8714d961993d0e12-MXP
access-control-allow-headers
Content-Type
HarmoniaSansStd-SemiBd.woff
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ 		0
0
config.json
c.go-mpulse.net/api/ Frame 3D40 		51 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=9ANZN-RCJ9F-QUFW5-JGQHZ-K8YTT&d=firstcituzens.com&t=5708688&v=1.632.0&if=&sl=0&si=wy3r2wvpix-sbn3md&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=596362
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/9ANZN-RCJ9F-QUFW5-JGQHZ-K8YTT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.27.96.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-27-96-174.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22ef828b2da941c88afc7cef78ba0a67a38b268eea42eed52ed2989744e63e16

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 08 Apr 2024 20:01:24 GMT
cache-control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
51
content-type
application/json
HarmoniaSansStd-Bold.woff
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ 		0
0
HarmoniaSansStd-Regular.woff
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ 		0
0
js
www.googletagmanager.com/gtag/ 		278 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZLJSNLKT9D&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFXGXXM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dd49ebd4a7e50ad3e88c74a7764523a2962c69b68cbb46f0e41f68741268ffa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96672
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 Apr 2024 20:01:24 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202401.1.0/ 		429 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
g8NxcYp0IaoBIOhpMNVD1w==
age
85623
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106568
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 09:27:22 GMT
server
cloudflare
etag
0x8DC3E88CB118B87
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
42c1a745-c01e-0052-1f1f-71456b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8714d9620d164c4e-MXP
dest5.html
firstcitizens.demdex.net/ Frame 7051 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://firstcitizens.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/launch-3bb7433af2ae.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.219.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-219-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://firstcituzens.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
it-IT,it;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 08 Apr 2024 20:01:24 GMT
dcs
dcs-prod-irl1-1-v059-0cf6c6176.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Tue, 2 Apr 2024 12:55:51 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
VmUvEBPwRiY=
ibs:dpid=411&dpuuid=ZhRNFQAAAExJ2AO5
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=27481294458626560811169592227780704846
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZhRNFQAAAExJ2AO5
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZhRNFQAAAExJ2AO5
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Server
108.128.197.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-197-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://firstcituzens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v059-015f4c72e.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 08 Apr 2024 20:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
PmMfzptMRTQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZhRNFQAAAExJ2AO5
Date
Mon, 08 Apr 2024 20:01:25 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
token.json
firstcituzens.com/libs/granite/csrf/ 		279 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstcituzens.com/libs/granite/csrf/token.json
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2423d6075a9a13687ea7be8a3570ae16469759dfdfc9814f889faa83126fd4a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRJjQetVh9Dqja4ki7AUhpHjmaDEK5YC%2FaVkO04gEFQpX5tZ4lLhLHvlT8dvwV5F9tR6RCMbnLrrac5XJ1%2BDDiZ7izFRWx8uobqOJwIsfmHgsJXctO4CfUnWAxOPtR9vQYFXyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
8714d96259e1bb31-MXP
alt-svc
h3=":443"; ma=86400
image.20240307.png
firstcituzens.com/content/dam/firstcitizens/images/logos/fcb-logo-brandmark-web.png.transform/image-scaled-2x-to-1x/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firstcituzens.com/content/dam/firstcitizens/images/logos/fcb-logo-brandmark-web.png.transform/image-scaled-2x-to-1x/image.20240307.png
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71497648c319899c9c293e55b39670cc2c1c9cd5b96540fb21741c42115ef772

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 16:51:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6602fd13-5f6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BrZYHsSwSwnXW9d04Uzi3grCOZPBJ4Bhpbxmo2SbNKc0X6Kvb9%2FPtGJcNwD5RHd1lesxZgov5SUJj7UA%2BwbeL2MqHVkoq0whI4M%2By95M6D3Ggb5etOiNNbZLbFggiGRUYrixQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8714d96269f7bb31-MXP
alt-svc
h3=":443"; ma=86400
content-length
1526
siteanalyze_2884.js
siteimproveanalytics.com/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteimproveanalytics.com/js/siteanalyze_2884.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.161.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284706c10cdfe3ae1b1ec4056e93860101ff1b8ea6fc4b859c376c4f30d4e75d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BP3B3E1NTYJ6870W
age
2884
alt-svc
h3=":443"; ma=86400
content-length
9232
x-amz-id-2
dTinX+so1U2q8cryYd86iMSRGu7/oiJXGvf8pWAJ3VfSi2onRZ3eawSOfSS79VWoIoW8V+z4F4E=
last-modified
Wed, 14 Feb 2024 17:14:54 GMT
server
cloudflare
etag
"d379c68baf7d37d6dcb19daa90b67c91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nM3wzt5GDQwEOGSYmWwv7V3bLCtjx48eeVdy1qiWz3OpGJxfI%2BHwcRG17oaa5rhnVoolLp7kGrAmSlDI0%2FN1Bd9fYiMytZUw0Bu7nACCj2qlEEny7%2BikUBIRwuDmrEWMKfapbHSXSew73Ow%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, no-transform
accept-ranges
bytes
cf-ray
8714d962ebea4d67-FRA
resources.default.json
firstcituzens.com/personal/_jcr_content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/ 		279 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firstcituzens.com/personal/_jcr_content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/resources.default.json
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2423d6075a9a13687ea7be8a3570ae16469759dfdfc9814f889faa83126fd4a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vvjh8tC7lbzxBDJnfPd0KQfA1Rk3caAcqVDpfmpPYVLAnaE6pgqTcnlfreb55zJy%2F6Vbe83g2d0NnZsQCH7TYxq3Nmsmf%2FtszpOmahR5%2FbGkPDrTdaSRTQuZH6fyhbSzHhj7NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
8714d9627a11bb31-MXP
alt-svc
h3=":443"; ma=86400
product-data.json
firstcituzens.com/content/dam/firstcitizens/csvs/product-data/ 		279 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firstcituzens.com/content/dam/firstcitizens/csvs/product-data/product-data.json?r=1712606484874
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2423d6075a9a13687ea7be8a3570ae16469759dfdfc9814f889faa83126fd4a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6TzlM%2ByY8CFlrEVg%2Bm8d3s8M2RDA8LP5PkV0mQ2bbPcJTxEJ1sUod2%2BQ9eHFVejS8kAxRqvFvVWiMXxHyCqqid%2BZGqFMGY8AyUkB63FsVK5ZgRDYa%2Fmv9njRHZnMxKVTYzLvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
8714d9627a15bb31-MXP
alt-svc
h3=":443"; ma=86400
image.20200806.png
firstcituzens.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-spending@2x.png.transform/image-scaled-2x-to-1x/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firstcituzens.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/feature-highlight-device-spending@2x.png.transform/image-scaled-2x-to-1x/image.20200806.png
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea5b931aacc25ce8ff796c79111caf1f6a2538a532a029ac9e24c9b4c38dc48

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:24 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 16:47:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6602fc2b-1044d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itP8QnOo0y5642jBxTy8T42KHcPAELx6%2FxPHMQ%2Bik4yg%2B1Z%2B0%2FMKwisUyTT1LGJ2PV30SGtgtYt5eURv2gfArno%2B1lT23xyxV8VoCc9Euxtcvxy69SD0frwL72BMGGZsBV8hDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8714d962ba61bb31-MXP
alt-svc
h3=":443"; ma=86400
content-length
66637
en.json
cdn.cookielaw.org/consent/73b90cc8-385b-4f54-8f21-461a790b4365/182ed918-d59d-448c-88e5-6ebb4a46d59d/ 		96 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/73b90cc8-385b-4f54-8f21-461a790b4365/182ed918-d59d-448c-88e5-6ebb4a46d59d/en.json
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28cc4e50f14f9a26421a460918fa55e4b6445ec0a4a37c19af8bdcd9e0eead8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
qEBg0VHLMgLzYsIj3rLOrQ==
content-length
22605
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jan 2024 19:56:00 GMT
server
cloudflare
etag
0x8DC16CD2996AFB1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
074ae853-201e-0007-67ee-8955e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8714d962dfde5a43-MXP
expires
Tue, 09 Apr 2024 20:01:24 GMT
fa9a899d-e06a-4a37-8ab3-686016a4ad01
https://firstcituzens.com/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://firstcituzens.com/fa9a899d-e06a-4a37-8ab3-686016a4ad01
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
2479
Content-Type
text/javascript
otFlat.json
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otFlat.json
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cY5y5oOgkrkmN13/L7bZ7g==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 09:27:16 GMT
server
cloudflare
etag
0x8DC3E88C74EAA0F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1d9c1d9c-c01e-00a6-29ed-898e9d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8714d96399255a43-MXP
otPcPanel.json
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/ 		64 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/otPcPanel.json
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97844014791e7702e498af1b54139d615fc5a34f9b47cca8dd9d3cce6f645bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
kET5hfPjkeG5s5kxNOyJ/Q==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12859
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 09:27:18 GMT
server
cloudflare
etag
0x8DC3E88C8BB2347
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ca5ed215-701e-001a-7aed-89585c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8714d963a9295a43-MXP
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 09:27:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
31282b9d-101e-009a-80ed-89a75a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8714d963a92e5a43-MXP
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
image.aspx
2884.global.siteimproveanalytics.io/ 		34 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2884.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Ffirstcituzens.com%2F&title=Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%20%7C%20First%20Citizens%20Bank&res=800x600&accountid=2884&rt=1010&prev=4e9c9ab1-d3f3-5494-7af2-7b8f7cf4397e&luid=0be5335e-22f6-d282-c965-67e44ad57888&rnd=79316
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.54.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-54-69.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
date
Mon, 08 Apr 2024 20:01:25 GMT
cache-control
max-age=0
content-length
34
expires
Mon, 08 Apr 2024 20:01:25 UTC
RC689b89c547044024b2c4b37403da7575-source.min.js
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/3ac2c0f0f7c7/ 		1 KB
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/3ac2c0f0f7c7/RC689b89c547044024b2c4b37403da7575-source.min.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-dependencies.a9dcac4698709ca8e1cbc88363cf0793.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d91761231bc7eacac1d54b920416160bcf9b59e248b7ae76679c1084a886d38c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:25 GMT
content-encoding
gzip
last-modified
Wed, 03 Apr 2024 20:23:15 GMT
server
AkamaiNetStorage
etag
"8e673f85041429f1caa13b1aae2ce9eb:1712175795.787839"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://firstcituzens.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
535
expires
Mon, 08 Apr 2024 21:01:25 GMT
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cds-sdkcfg.onlineaccess1.com
URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Mon, 08 Apr 2024 16:40:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8e5db797-701e-000a-2bed-899d34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8714d964db3e5a43-MXP
FCB_logo@2x.png
cdn.cookielaw.org/logos/f2096693-a456-4da9-848a-172aabc3a3c0/f278ae2e-c3a0-4a08-afad-83339245eb46/5bc09852-ca6d-4b38-9e2d-b81b10ff8cae/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/f2096693-a456-4da9-848a-172aabc3a3c0/f278ae2e-c3a0-4a08-afad-83339245eb46/5bc09852-ca6d-4b38-9e2d-b81b10ff8cae/FCB_logo@2x.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ddceb8b21381a5d53e5d415e3e0f0a3f7700fbed16966cb04e9e66eae80ebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
B7zZ6Qf3UBM788LBSPntGA==
age
85574
content-length
21714
x-ms-lease-status
unlocked
last-modified
Thu, 27 Apr 2023 13:14:36 GMT
server
cloudflare
etag
0x8DB472159AF7B86
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
0538f169-401e-005c-25ad-216cdb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8714d964d9734c4e-MXP
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Apr 2024 20:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
81467
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 19:42:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
29b883fd-b01e-0015-0b8c-872e30000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8714d964d9744c4e-MXP
favicon.ico%3Fv=2
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/ 		0
627 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/favicon.ico%3Fv=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher1useast1
date
Mon, 08 Apr 2024 20:01:25 GMT
x-content-type-options
nosniff
server
Apache
x-vhost
publish
access-control-max-age
1000
access-control-allow-methods
GET, OPTIONS, HEAD
x-fcb-trace-id
0.96257e68.1712606485.46054114
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
server-timing
cdn-cache; desc=MISS, edge; dur=118, origin; dur=19, ak_p; desc="1712606485278_1753097622_1174749460_13759_13833_13_0_219";dur=1
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Access-Control-Request-Method, Access-Control-Request-Headers, __token__,d6gq0uiuiy-a,d6gq0uiuiy-b,d6gq0uiuiy-c,d6gq0uiuiy-d,d6gq0uiuiy-f,d6gq0uiuiy-z,x-okta-user-agent-extended
content-length
0
favicon-32x32.png%3Fv=2
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/ 		0
627 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/favicon-32x32.png%3Fv=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher1useast1
date
Mon, 08 Apr 2024 20:01:25 GMT
x-content-type-options
nosniff
server
Apache
x-vhost
publish
access-control-max-age
1000
access-control-allow-methods
GET, OPTIONS, HEAD
x-fcb-trace-id
0.96257e68.1712606485.46054382
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
server-timing
cdn-cache; desc=MISS, edge; dur=117, origin; dur=19, ak_p; desc="1712606485455_1753097622_1174750082_13589_12694_12_0_219";dur=1
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Access-Control-Request-Method, Access-Control-Request-Headers, __token__,d6gq0uiuiy-a,d6gq0uiuiy-b,d6gq0uiuiy-c,d6gq0uiuiy-d,d6gq0uiuiy-f,d6gq0uiuiy-z,x-okta-user-agent-extended
content-length
0
favicon-16x16.png%3Fv=2
www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/ 		0
627 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/favicon-16x16.png%3Fv=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher2useast1
date
Mon, 08 Apr 2024 20:01:25 GMT
x-content-type-options
nosniff
server
Apache
x-vhost
publish
access-control-max-age
1000
access-control-allow-methods
GET, OPTIONS, HEAD
x-fcb-trace-id
0.96257e68.1712606485.460545d0
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
server-timing
cdn-cache; desc=MISS, edge; dur=125, origin; dur=35, ak_p; desc="1712606485632_1753097622_1174750672_16183_13271_12_0_219";dur=1
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Access-Control-Request-Method, Access-Control-Request-Headers, __token__,d6gq0uiuiy-a,d6gq0uiuiy-b,d6gq0uiuiy-c,d6gq0uiuiy-d,d6gq0uiuiy-f,d6gq0uiuiy-z,x-okta-user-agent-extended
content-length
0
answers.css
assets.sitescdn.net/answers-search-bar/v1.5/ 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.sitescdn.net/answers-search-bar/v1.5/answers.css
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.1b1affea9e3579417fbe161e97f46976.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.22.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403ec99441cacff48156ea95969e9eb61fa80cdc67019f65b5f51fa903ad752f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:26 GMT
x-amz-version-id
rUuq0gWpQ8vPDr1wXRf3oDuthJTK9mz1
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Feb 2024 15:52:06 GMT
server
cloudflare
x-amz-request-id
TRBSSMQ9DE0ZWXZY
age
34981
etag
W/"59c959159bd9c9dee3f1e9490d9940fc"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
cf-ray
8714d96f39440e29-MXP
alt-svc
h3=":443"; ma=86400
x-amz-id-2
7fIsigb0raadHVgU8me8ynYbbF6tC3fWpUzDwFgud14IvBT2ADfCZIua8fvdkxoHTcohquRovr0=
answerstemplates.compiled.min.js
assets.sitescdn.net/answers-search-bar/v1.5/ 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sitescdn.net/answers-search-bar/v1.5/answerstemplates.compiled.min.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.1b1affea9e3579417fbe161e97f46976.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.22.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec42dc868fd8626e9d5eeb98d4d888dba09f4a102fe399654abe79fd735e206

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:26 GMT
x-amz-version-id
3FZ2zCYnpSGC_xQOR46F9ZJ8KYNLPGkE
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Feb 2024 15:52:06 GMT
server
cloudflare
x-amz-request-id
332E29J35BQGGE33
age
17533
etag
W/"6494457f8032c98775ff157bf2a1970d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=43200
cf-ray
8714d96f39470e29-MXP
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KhJiOEjubuCuEiI+o8iOwdTYF4jQm8ABFjIS/l9OwvXUWl0GMLd6SC+dmdvY/KXrbeZJ7QBXiQQ=
answers.min.js
assets.sitescdn.net/answers-search-bar/v1.5/ 		434 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sitescdn.net/answers-search-bar/v1.5/answers.min.js
Requested by
Host: firstcituzens.com
URL: https://firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem.1b1affea9e3579417fbe161e97f46976.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.22.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7ebc77bef7d40eb22899b7f5b44aa491a242afdb695d38ec8dd0f587d2f3ee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:26 GMT
x-amz-version-id
n.2XKrd6Gk28VFv7OLP0_EsWxXQfqGwA
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Feb 2024 15:52:06 GMT
server
cloudflare
x-amz-request-id
AJ47TF0HWCQ60C2E
age
17533
etag
W/"bf075e02e336607110569d16fe8f9a5b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=43200
cf-ray
8714d96f39490e29-MXP
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GC9lwfNjfbM1yZTol6V1/1eTTH1cQKttQy/P2poQnpPLhJHwgCrVWNgzdSYeWEp/9yMtFP65eX0=
3065825
answers.yext-pixel.com/realtimeanalytics/data/answers/ 		0
321 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://answers.yext-pixel.com/realtimeanalytics/data/answers/3065825
Requested by
Host: assets.sitescdn.net
URL: https://assets.sitescdn.net/answers-search-bar/v1.5/answers.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.3.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 Apr 2024 20:01:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8714d970ff9a525b-MXP
content-length
0
sys-search@2x.png
firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/ 		960 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firstcituzens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/images/sys-search@2x.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec4955cf8409babc80d8be144ee14fb795dec328c2775178ea9997781429e0c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:27 GMT
cf-cache-status
MISS
last-modified
Sun, 07 Apr 2024 17:14:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6612d45b-3c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrNhXxGWH715zFfdcZO06cPbha0X81sh%2FbawFtSUYiQ%2BMv3MuIvFpjehXNx0v3BsEVPqJjBXh%2BzHaj7Pc4o3bM6AWu7NSbmL3XwkACseMBkOgCNj5TIwO2ehVyNcGUFH%2Bq9Hyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8714d9701adabb31-MXP
alt-svc
h3=":443"; ma=86400
content-length
960
image.20220310.png
firstcituzens.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/bill-pay-device@2x.png.transform/image-scaled-2x-to-1x/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firstcituzens.com/content/dam/firstcitizens/images/feature-highlight/personal-digital-banking/bill-pay-device@2x.png.transform/image-scaled-2x-to-1x/image.20220310.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7abbdda092b84bdce193b855e6c1c9e23e4aaa91206f7a43d6ca59f03659156e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://firstcituzens.com/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:01:28 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 16:50:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6602fcbe-b33f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kGg8zgYXfcvBdxERwygttM4Vf%2BUO3rvJBUE0xBPElZZdC10HK6YC72pZLKHMldgKPVQZJUfQg6MhNZJXSlpTTSCuOMzBW1mbNB00zOUvb8ue2ASO0h9nbuqZLwk1ZZ3RXbaERQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8714d97b781cbb31-MXP
alt-svc
h3=":443"; ma=86400
content-length
45887

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.firstcitizens.com
URL
https://www.firstcitizens.com/https://js-cdn.dynatrace.com/jstag/165658ccba3/ruxitagent_A2SVfqru_10205201116183137.js
Domain
www.firstcitizens.com
URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff2
Domain
www.firstcitizens.com
URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff2
Domain
www.firstcitizens.com
URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff2
Domain
www.firstcitizens.com
URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff
Domain
www.firstcitizens.com
URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff
Domain
www.firstcitizens.com
URL
https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: First Citizens Bank (Banking)

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| q2_collect object| OneTrustStub function| OptanonWrapper object| dataLayer string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| dT_ object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| trackEvent function| resetProgressOnComplete function| trackProgress function| checkProgress object| videos object| _wq function| getEventDetail function| getPayloadDetail function| getComponentRoot function| getComponentName function| getComponentDescription function| getComponentDetails function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| BOOMR_mq object| google_tag_manager object| google_tag_data string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| analyticsUtils function| Dropkick function| iFrameResize function| initializeYextSearchFields function| applyFocusVisiblePolyfill object| Granite function| redirectToSelectedOption undefined| sanitizeText function| onYouTubeIframeAPIReady object| gaGlobal object| _sz number| BOOMR_configt object| Optanon object| OneTrust number| BOOMR_onload object| digitalData object| TemplateBundle object| ANSWERS function| setImmediate function| clearImmediate function| swal function| sweetAlert

16 Cookies

Domain/Path Name / Value
.onlineaccess1.com/ Name: __cfruid
Value: 8b87df1d6bf88868c70469bff4a0ec73205e3158-1712606484
.firstcituzens.com/ Name: dtCookie
Value: -7$14OR3B93U21SGCNUGPHSD12VNTHOI58L
.firstcituzens.com/ Name: rxVisitor
Value: 1712606484592VEBL8AN6H36NCOGD4P066M3214LPJ8AH
.firstcituzens.com/ Name: rxvt
Value: 1712608284593|1712606484593
.firstcituzens.com/ Name: dtPC
Value: -7$206484589_519h1vCDOMIDABVBGPFMPMIMCQCUPDFOOKKPBF-0e0
.firstcituzens.com/ Name: RT
Value: "z=1&dm=firstcituzens.com&si=wy3r2wvpix&ss=lurdoktf&sl=0&tt=0"
.demdex.net/ Name: demdex
Value: 27481294458626560811169592227780704846
.firstcituzens.com/ Name: AMCVS_E6D235355CF7C1DE0A495EEC%40AdobeOrg
Value: 1
firstcituzens.com/ Name: OTCheck
Value: 1
firstcituzens.com/ Name: site-section
Value: personal
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZhRNFQAAAExJ2AO5
.firstcituzens.com/ Name: nmstat
Value: 4e9c9ab1-d3f3-5494-7af2-7b8f7cf4397e
.dpm.demdex.net/ Name: dpm
Value: 27481294458626560811169592227780704846
.firstcituzens.com/ Name: AMCV_E6D235355CF7C1DE0A495EEC%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19822%7CMCMID%7C33666519505516002691774603899228094098%7CMCAAMLH-1713211284%7C6%7CMCAAMB-1713211284%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1712613684s%7CNONE%7CMCSYNCSOP%7C411-19829%7CvVersion%7C5.5.0
.sitescdn.net/ Name: __cf_bm
Value: e1xcvkmeyw24BoURJE1SrOzG50F1pRETIm3A5fCd4EY-1712606486-1.0.1.1-vmXGIJXVTitS9nDYoyOUQu8tF7uYWwJE1Gsc.8uWi58Z_MmSgtnkv_rtUV84q54YDQwwlh5RDLnQkUO38MCp3w
.answers.yext-pixel.com/ Name: __cf_bm
Value: G9jYAgQxgebFjP_pxg7dTchKHN0hUsJ4MBC2EHTSLDw-1712606487-1.0.1.1-qzDYXW5AR8kp1zODz4pmxJcEjTszFxsfx8dKRzZZcJm8IcC4DuVAUb.dO1HTebNnjodHOu.Kg7hBYynnJ8HVScIqVr4ReXVpx85dqBkXHYg

39 Console Messages

Source Level URL
Text
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://firstcituzens.com/(Line 4678)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.firstcitizens.com/https://js-cdn.dynatrace.com/jstag/165658ccba3/ruxitagent_A2SVfqru_10205201116183137.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://firstcituzens.com/(Line 4678)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.firstcitizens.com/https://js-cdn.dynatrace.com/jstag/165658ccba3/ruxitagent_A2SVfqru_10205201116183137.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://firstcituzens.com/
Message:
Access to font at 'https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff2' from origin 'https://firstcituzens.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://firstcituzens.com/
Message:
Access to font at 'https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff2' from origin 'https://firstcituzens.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://firstcituzens.com/
Message:
Access to font at 'https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff2' from origin 'https://firstcituzens.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation verbose URL: https://firstcituzens.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://firstcituzens.com/libs/granite/csrf/token.json
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://firstcituzens.com/
Message:
Access to font at 'https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff' from origin 'https://firstcituzens.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://commercialadvantageapps.firstcitizens.com' that is not equal to the supplied origin.
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Bold.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://firstcituzens.com/content/dam/firstcitizens/csvs/product-data/product-data.json?r=1712606484874
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://firstcituzens.com/personal/_jcr_content/root/globalLayoutContainer/globalLayoutContainer-parsys/layout_container_158999756/col1/resources.default.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
rendering warning URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://firstcituzens.com/
Message:
[.WebGL-0x3c2403b40000]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
rendering warning URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://firstcituzens.com/
Message:
Access to font at 'https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff' from origin 'https://firstcituzens.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://commercialadvantageapps.firstcitizens.com' that is not equal to the supplied origin.
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-SemiBd.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://firstcituzens.com/
Message:
Access to font at 'https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff' from origin 'https://firstcituzens.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://commercialadvantageapps.firstcitizens.com' that is not equal to the supplied origin.
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff
Message:
Failed to load resource: net::ERR_FAILED
rendering warning URL: https://cds-sdkcfg.onlineaccess1.com/common.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/favicon.ico%3Fv=2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/favicon-32x32.png%3Fv=2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/favicon/favicon-16x16.png%3Fv=2
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://firstcituzens.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2884.global.siteimproveanalytics.io
answers.yext-pixel.com
assets.adobedtm.com
assets.sitescdn.net
c.go-mpulse.net
cdn.cookielaw.org
cds-sdkcfg.onlineaccess1.com
cm.everesttech.net
dpm.demdex.net
firstcitizens.demdex.net
firstcituzens.com
geolocation.onetrust.com
s.go-mpulse.net
siteimproveanalytics.com
www.firstcitizens.com
www.googletagmanager.com
www.firstcitizens.com
104.126.37.154
104.17.22.84
104.17.3.95
104.19.178.52
104.21.80.51
108.128.197.68
142.250.185.104
172.64.155.119
172.64.161.18
18.185.54.69
184.27.96.174
192.0.54.4
23.35.236.237
52.17.26.1
52.48.219.169
72.246.168.139
000eb70ddbc3b020a895d0ea3979f201fff4d35d047ab0e521aba4670fec1aa1
006bdf2a6a7f378d9d44bc42cb282df4d7b432d1971528e80396f87e2ec2bd82
033cce384207ee8edc8fbdb8805032c9c646af75159925eb7b3a6cacb9e19810
112646b6a3606cf96c0fd6e9247351325cb07fdb8801ec5069c9e6213d44945c
1181787fb01292547915fdb4b4a38f6c54785393c47fa84891a49bd6758c021d
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
22ef828b2da941c88afc7cef78ba0a67a38b268eea42eed52ed2989744e63e16
23ddceb8b21381a5d53e5d415e3e0f0a3f7700fbed16966cb04e9e66eae80ebd
284706c10cdfe3ae1b1ec4056e93860101ff1b8ea6fc4b859c376c4f30d4e75d
28cc4e50f14f9a26421a460918fa55e4b6445ec0a4a37c19af8bdcd9e0eead8f
2d0494e84a22060cccc4c7da250a1e9198f7edaa21739f6be834375a27a5e71e
2ec42dc868fd8626e9d5eeb98d4d888dba09f4a102fe399654abe79fd735e206
39d316f9451452308bc22b3b356df5b8203795d15ed1073f8813a213d616894d
3e7ebc77bef7d40eb22899b7f5b44aa491a242afdb695d38ec8dd0f587d2f3ee
403ec99441cacff48156ea95969e9eb61fa80cdc67019f65b5f51fa903ad752f
45010136df22f8680ee679b59f2d97a1b7a94809b6e1c7e1ddf0f82eca883a60
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
71497648c319899c9c293e55b39670cc2c1c9cd5b96540fb21741c42115ef772
7abbdda092b84bdce193b855e6c1c9e23e4aaa91206f7a43d6ca59f03659156e
830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb
8629d61aec5ba60b256794110912d81d86dc449045de244af2f5b6c3c91cf4e1
8e15842c622fea89cc034324fe2dd70eb7fc1c399689cab7b42770d1518a5994
8ec4955cf8409babc80d8be144ee14fb795dec328c2775178ea9997781429e0c
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
97844014791e7702e498af1b54139d615fc5a34f9b47cca8dd9d3cce6f645bda
9ea5b931aacc25ce8ff796c79111caf1f6a2538a532a029ac9e24c9b4c38dc48
b6de4c56745448a1a68eeac5122b9cbe5358c8a1c5b244e0a386f668ec5d4ce0
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
c298139ba3f2661c8656886bc0e718cc5e543018b189af7c28c78ac6b50ca176
c9b3dc502e2eab807bc0de51f25e60184ca906563a6a0e274c55e6bed5471b69
ca3fdf8e723931b1d002a556813d3a80fde72f2ccdc755b0b253f619bb872f65
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d91761231bc7eacac1d54b920416160bcf9b59e248b7ae76679c1084a886d38c
dd49ebd4a7e50ad3e88c74a7764523a2962c69b68cbb46f0e41f68741268ffa7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ec63eb90ab8df068057937fef6f8d00756faf6f74e121764a7d84572134601ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2423d6075a9a13687ea7be8a3570ae16469759dfdfc9814f889faa83126fd4a