client.citizensbank.com Open in urlscan Pro
161.71.25.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://accessoptima.com/
Effective URL:
https://client.citizensbank.com/s/
Submission: On March 24 via manual (March 24th 2022, 6:58:13 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 47 HTTP transactions. The main IP is 161.71.25.145, located in London, United Kingdom and belongs to SALESFORCE, US. The main domain is client.citizensbank.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 31st 2022. Valid for: a year.

This is the only time client.citizensbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	69.84.85.34 69.84.85.34	46646 (BT-ASN) (BT-ASN)
1 1	23.37.62.243 23.37.62.243	16625 (AKAMAI-AS) (AKAMAI-AS)
34	161.71.25.145 161.71.25.145	14340 (SALESFORCE) (SALESFORCE)
11	161.71.10.44 161.71.10.44	14340 (SALESFORCE) (SALESFORCE)
2	13.110.68.168 13.110.68.168	14340 (SALESFORCE) (SALESFORCE)
47	4

3 69.84.85.34 (Portsmouth, United States) 3 redirects

ASN46646 (BT-ASN, US)

accessoptima.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.accessoptima.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.62.243 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-62-243.deploy.static.akamaitechnologies.com

gateway.citizenscommercialbanking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 161.71.25.145 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

client.citizensbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 161.71.10.44 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-lhr4.um2-lo3.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.68.168 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg1-c6-iad5.la3-c2-ia5.salesforceliveagent.com

d.la3-c2-ia5.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	citizensbank.com client.citizensbank.com	4 MB
11	force.com service.force.com — Cisco Umbrella Rank: 3562	37 KB
3	accessoptima.com 3 redirects accessoptima.com — Cisco Umbrella Rank: 249989 www.accessoptima.com	2 KB
2	salesforceliveagent.com d.la3-c2-ia5.salesforceliveagent.com — Cisco Umbrella Rank: 67760	4 KB
1	citizenscommercialbanking.com 1 redirects gateway.citizenscommercialbanking.com — Cisco Umbrella Rank: 261692	166 B
47	5

	Domain	Requested by
34	client.citizensbank.com	client.citizensbank.com
11	service.force.com	client.citizensbank.com service.force.com
2	d.la3-c2-ia5.salesforceliveagent.com	client.citizensbank.com
2	accessoptima.com	2 redirects
1	gateway.citizenscommercialbanking.com	1 redirects
1	www.accessoptima.com	1 redirects
47	6

This site contains links to these domains. Also see Links.

Domain
universalportal.citizensbank.com
www.itms-online.com
accessescrow.citizenscommercialbanking.com
www.globaltradeflow.com
sso.citizensbank.com
receivables.regulusgroup.com
cbforex.citizenscommercialbanking.com
www.centresuite.com
secure.paymode.com
www.fislbxcentral.com
sweepnet.citizenscommercialbanking.com
snlnet.citizenscommercialbanking.com
datatransfer.citizensbank.com
www.citizensbank.com
www.fdic.gov

Subject Issuer	Validity	Valid
Client.CitizensBank.com Entrust Certification Authority - L1K	`2022-01-31` - `2023-01-31`	a year	crt.sh
*.um2.force.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-14` - `2023-02-13`	a year	crt.sh
la3-c2-ia5.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://client.citizensbank.com/s/
Frame ID: 43E2FB0F1C65A9D235AA7369112005D6
Requests: 45 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://client.citizensbank.com/s/
Frame ID: AF24644BD62B0E09F01DD8BF0F375C36
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HomeHomeaccessOPTIMACredit CardsACHieve Access

Page URL History Show full URLs

http://accessoptima.com/ HTTP 302
https://accessoptima.com/ HTTP 301
https://www.accessoptima.com/Shibboleth.sso/Login?target=/ui HTTP 302
https://gateway.citizenscommercialbanking.com/ccp/accessoptima.jsp?SAMLRequest=fZLNUoMwFEZfhcm%2BQCktmCnMYLuwM1UZQRdunBBvS... HTTP 302
https://client.citizensbank.com/s/ Page URL

Detected technologies

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

47
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

4359 kB
Transfer

11809 kB
Size

12
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://universalportal.citizensbank.com/sso/login/accessoptima
Title: accessOPTIMA®

Search URL Search Domain Scan URL

URL: https://universalportal.citizensbank.com/sso/login/achieve
Title: ACHieve Access®

Search URL Search Domain Scan URL

URL: https://www.itms-online.com/citizenscommercialbankingaccessdeposit.aspx
Title: accessDEPOSIT®

Search URL Search Domain Scan URL

URL: https://accessescrow.citizenscommercialbanking.com/aews
Title: accessESCROW®

Search URL Search Domain Scan URL

URL: https://www.globaltradeflow.com/tradeweb/app/portal
Title: accessGLOBAL Trade Flow®

Search URL Search Domain Scan URL

URL: https://sso.citizensbank.com/LiquidityRedirect.html
Title: accessLIQUIDITY®

Search URL Search Domain Scan URL

URL: https://receivables.regulusgroup.com/Lockbox/default.htm?C873BC=qjHYSqAQRb0=
Title: accessLOCKBOX®

Search URL Search Domain Scan URL

URL: https://cbforex.citizenscommercialbanking.com/wsscore/servlet/PseudoLoginServlet
Title: CB Forex®

Search URL Search Domain Scan URL

URL: https://sso.citizensbank.com/iconnect.html
Title: Citizens AssetFinanceConnect

Search URL Search Domain Scan URL

URL: https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=%2fcentre%3fCitizens&Citizens
Title: Commercial Credit Cards

Search URL Search Domain Scan URL

URL: https://secure.paymode.com/px/login
Title: Paymode-X®

Search URL Search Domain Scan URL

URL: https://www.fislbxcentral.com/Login.aspx
Title: Retail Lockbox

Search URL Search Domain Scan URL

URL: https://sweepnet.citizenscommercialbanking.com/CheckLogin.aspx?BankID=
Title: SweepNet®

Search URL Search Domain Scan URL

URL: https://snlnet.citizenscommercialbanking.com/SNL
Title: StuckyNet Link

Search URL Search Domain Scan URL

URL: https://datatransfer.citizensbank.com/citizensfilegateway
Title: Transmissions

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/insights.aspx
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/fraud-protection/cyber-security-best-practices.aspx
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/online-access-tools/accessoptima.page
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/fraud-protection/achieve-access.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/managing-receivables/accessdeposit.page
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/managing-liquidity/accessescrow.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/online-access-tools/accessglobaltradeflow.page
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/managing-liquidity/accessliquidity.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/managing-receivables/lockbox.page
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/online-access-tools/cbforex.page
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/financing/equipment-financing-and-leasing.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/credit-card-and-payment-services.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management/making-payments/integrated-payables.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/small-business/cash-management/sweep-account.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/financing/asset-based-lending.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/corporate-finance/treasury-management.aspx
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.fdic.gov/
Title: FDIC Coverage

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://accessoptima.com/ HTTP 302
https://accessoptima.com/ HTTP 301
https://www.accessoptima.com/Shibboleth.sso/Login?target=/ui HTTP 302
https://gateway.citizenscommercialbanking.com/ccp/accessoptima.jsp?SAMLRequest=fZLNUoMwFEZfhcm%2BQCktmCnMYLuwM1UZQRdunBBvSxQS5AZrfXpT8Kdd2G1y7%2FnynckcWV01NOl0Ke%2FgrQPU1kddSaT9RUS6VlLFUCCVrAakmtMsuV5Tz3Zp0yqtuKqIlSBCq4WSCyWxq6HNoH0XHO7v1hEptW6QOg7jHBBVo0XNbK5qJytFUagKdGmbc%2BfA9Zz0NsuJtTQPEZIdkH%2BALdOwY3ubCy0%2BQaJhmCguWFUw%2BSrktqdy3pxGvWBDrNUyIk9BGMyYG05YMRv7MJ1B4HIeTHzwLzYbFwozhtjBSqJmUkfEcz1v5E5Gnp%2BPQzoNqTt%2BJFb6XftSyGcTet5RMQwhvcrzdDSUe4AW%2B2JmgMTzg2naB7dH7s9j2Y9wEv%2BrF3%2F1zp2jjCGwoTcGulqmqhJ8byVVpXaLFozhiIyJEw8rpz8j%2FgI%3D HTTP 302
https://client.citizensbank.com/s/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
client.citizensbank.com/s/
Redirect Chain

http://accessoptima.com/
https://accessoptima.com/
https://www.accessoptima.com/Shibboleth.sso/Login?target=/ui
https://gateway.citizenscommercialbanking.com/ccp/accessoptima.jsp?SAMLRequest=fZLNUoMwFEZfhcm%2BQCktmCnMYLuwM1UZQRdunBBvSxQS5AZrfXpT8Kdd2G1y7%2FnynckcWV01NOl0Ke%2FgrQPU1kddSaT9RUS6VlLFUCCVrAakmtMs...
https://client.citizensbank.com/s/

110 KB
28 KB

919ms
258ms

Document
text/html

161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

9689d36c88cd5ec6a5461618394233a9b0ad9574c3d1dc233209d4b0863ed11b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 24 Mar 2022 18:58:02 GMT
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Strict-Transport-Security: max-age=63072004; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests frame-ancestors 'self'
Referrer-Policy: origin-when-cross-origin
Expires: Wed, 24 Mar 2021 18:58:02 GMT
Content-Type: text/html;charset=UTF-8
Vary: Origin, Accept-Encoding
Last-Modified: Wed, 24 Mar 2021 18:58:02 GMT
Link: </s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.1-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22KbCmDBVbE10iCy1inwbbzA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js>;rel=preload;as=script;nopush
X-FRAME-OPTIONS: SAMEORIGIN
Server-Timing: Total;dur=141
Timing-Allow-Origin: *
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

location: https://client.citizensbank.com/s/
server: BigIP
content-length: 0
date: Thu, 24 Mar 2022 18:58:01 GMT
server-timing: cdn-cache; desc=MISS edge; dur=143 origin; dur=25
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK aura_prod.js Show response
client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/ 756 KB
240 KB 378ms
363ms Script
text/javascript 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

b3c0f4c313dd0b10df279781dc24c220d193e2837630255b77a44bd637a8f07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:02 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 23 Mar 2022 18:58:02 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server-Timing
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=24
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.js Show response
client.citizensbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.1-b%22%2C%22parts%22%3A%22f%22%2C%22loaded... 2 MB
447 KB 55ms
19ms Script
text/javascript 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.1-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22KbCmDBVbE10iCy1inwbbzA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

b5a303d862a4eb33617dd49ff66b7765dcda2409dbe02e2953f74f21518160c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:50:05 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 23 Mar 2022 18:50:05 GMT
Age: 477
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,public,immutable
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 457106
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fonts.css
client.citizensbank.com/s/sfsites/runtimedownload/ 336 KB
241 KB 425ms
411ms Stylesheet
text/css 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/runtimedownload/fonts.css?lastMod=1647020227000&brandSet=13994244-5c43-4809-a4ce-26d4978bfb09

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

be6120f6d95d2e15d1a9d63fccfadbbf9f90b9be9283be9c09c949eece500dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:02 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 11 Mar 2022 17:37:07 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: public,max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Mar 2023 18:58:02 GMT

GET
H/1.1 200
OK app.css
client.citizensbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22KbCm... 973 KB
121 KB 250ms
250ms Stylesheet
text/css 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22KbCmDBVbE10iCy1inwbbzA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityFormFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AsldsFontOverride%22%5D%2C%22tuid%22%3A%22Hlvz_h_ys5YhPTnBR-flJg%22%2C%22cuid%22%3A-164478729%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%2213994244-5c43-4809-a4ce-26d4978bfb09%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%2216%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%223549c569-5704-4f0c-89bf-cad87782e535%22%7D&2

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

9bdc1feabd70ed03398c5ea3999f60e43c4c74d7db711f781d38378a67282624

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:03 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 23 Mar 2022 18:58:03 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK resources.js Show response
client.citizensbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22hXQ6H-x_YQB1RZ2gyQB4Mg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%... 29 KB
8 KB 218ms
218ms Script
text/javascript 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

ee745131cef36e5d08d312b12b27591650d8ea04d794b4297a29fe6bd247c7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:03 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 23 Mar 2022 18:58:03 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,private,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.js Show response
client.citizensbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22hXQ6H-x_YQB1RZ2gyQB4Mg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%... 518 KB
103 KB 425ms
424ms Script
text/javascript 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22hXQ6H-x_YQB1RZ2gyQB4Mg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22KbCmDBVbE10iCy1inwbbzA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22HN9nz6u8TgeBNXZK43oXrA%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/bootstrap.js?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%2213994244-5c43-4809-a4ce-26d4978bfb09%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%2216%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%223549c569-5704-4f0c-89bf-cad87782e535%22%7D

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

6320731b5586452e2f9af103f85d27486faf30f59fcef9465c03ec52aef11d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:03 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 23 Mar 2022 18:58:03 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 532 KB
120 KB 568ms
567ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%22d1eb9c46-2a2b-45b4-a1c0-53110779c3a3%22%2C%22routeType%22%3A%22home%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22params%22%3A%7B%22viewid%22%3A%2292772bbc-4e31-423e-a66b-25ec1059755f%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A16%2C%22brandingSetId%22%3A%2213994244-5c43-4809-a4ce-26d4978bfb09%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22hXQ6H-x_YQB1RZ2gyQB4Mg%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22KbCmDBVbE10iCy1inwbbzA%22%7D%2C%22apck%22%3A%22HN9nz6u8TgeBNXZK43oXrA%22%2C%22uad%22%3Afalse%7D&aura.isAction=true

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

bf2278100205ceaf4647f73f8ba06296873e1a02b381b6e9f5ba7d985c0672be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:04 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 23 Mar 2022 18:58:04 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:04 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 975 KB
230 KB 581ms
581ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=1&aura.Component.getComponentDef=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

eef24385c88f32131798ad8fcdbc5e265c92c9419dee5e1adbd4070fa42b215c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 4221500000e31975c5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:04 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:04 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:04 GMT

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51

Request headers

Referer: https://client.citizensbank.com/
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-woff

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 113 KB
33 KB 441ms
440ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=2&aura.Component.getComponent=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1&ui-self-service-components-profileMenu.ProfileMenu.getProfileMenuResponse=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

a90c13c88354d95b3fddafa77ca5c7f6d73c9a9e57375f62f4b2aaf016152f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 4251700000cdfd6c04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:04 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:04 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=257
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:04 GMT

GET
H/1.1 200
OK CSP_URL_Links Show response
client.citizensbank.com/resource/1647292683000/ 337 B
811 B 19ms
18ms XHR
text/plain 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1647292683000/CSP_URL_Links

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

0e8c3206d929c1ea87ea327a184ff74551989466a00608015a0248b906cb93c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:00:43 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 14 Mar 2022 21:18:03 GMT
Age: 3441
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/plain
Content-Length: 337
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 May 2022 18:00:43 GMT

GET
H/1.1 200
OK CBDScss301
client.citizensbank.com/resource/1646678850000/ 602 KB
47 KB 19ms
18ms Stylesheet
text/css 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDScss301

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

d0b11319ca84de36db526f4788ce3a480b35f650bbf6ea92323901e7d3cd34fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:50:07 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 7 Mar 2022 18:47:30 GMT
Age: 477
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 47577
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 May 2022 18:50:07 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 152 KB
24 KB 429ms
428ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=3&other.CSPApplicationLogin.GetCCPLoginApplication=1&other.DisplayBanner.getBannerText=1&ui-communities-components-aura-components-forceCommunity-managedContent.ManagedContentComponent.getRenderDataFromCollectionNames=1&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

381ad379739fd90d2bf69b06fc69720fd3d9c0d01d89439d1ede32aa51f0120d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 48548000007db9ea8c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:04 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:05 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=318
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:05 GMT

GET
H/1.1 200
OK cbds-logos-citizens.svg Show response
client.citizensbank.com/resource/1646666721000/CBDSlogos200/ 24 KB
3 KB 19ms
19ms XHR
image/svg+xml 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646666721000/CBDSlogos200/cbds-logos-citizens.svg

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

afbf15d128ca73d16c73780b849a155ced55ab2cb8719657e08d2ac8e92bfae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 7 Mar 2022 15:25:21 GMT
Age: 331
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/svg+xml
Vary: Accept-Encoding
Content-Length: 2854
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 May 2022 18:52:33 GMT

GET
H/1.1 200
OK cbds-icons-brand.svg Show response
client.citizensbank.com/resource/1646678850000/CBDSicons290/ 215 KB
83 KB 27ms
19ms XHR
image/svg+xml 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDSicons290/cbds-icons-brand.svg

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

a653d5b9fb9a5489bb78ef7bf252044fa854e701e8a06f34da9c3e937003d25d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:52:33 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 7 Mar 2022 18:47:30 GMT
Age: 331
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/svg+xml
Vary: Accept-Encoding
Content-Length: 84883
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 May 2022 18:52:34 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 1 KB
1 KB 259ms
222ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=4&ui-communities-components-aura-components-forceCommunity-embeddedService.EmbeddedService.getStaticButtonConfigurationValues=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

3fb53400bd6e4bc3ccc40094f9bac20afa0cb11d7e7f774a01ed28bb34978de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 49010000004b373713
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:05 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:05 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=112
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:05 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c3f88a8b295295195a4eb5286402a7e7e294a6524854d762f9610cb75e4360

Request headers

Referer: https://client.citizensbank.com/
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145

Request headers

Referer: https://client.citizensbank.com/
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 404
Not Found FiraSans-Regular.woff
client.citizensbank.com/s/sfsites/c/resource/CBDSFontsFirasans300/fira-sans/ 0
0 159ms
154ms Font
text/html 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/c/resource/CBDSFontsFirasans300/fira-sans/FiraSans-Regular.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:05 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072004; includeSubDomains
P3P: CP="CUR OTR STA"
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found FiraSans-Regular.ttf
client.citizensbank.com/s/sfsites/c/resource/CBDSFontsFirasans300/fira-sans/ 0
0 905ms
904ms Font
text/html 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/c/resource/CBDSFontsFirasans300/fira-sans/FiraSans-Regular.ttf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:05 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072004; includeSubDomains
P3P: CP="CUR OTR STA"
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 2 MB
414 KB 444ms
443ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=5&aura.Component.getComponent=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

0c746ed868f9d24fc9361f3ed15059f0e756a180b7ab5fd8b49693a2f42bce08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 51651000001fba7b3e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:05 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:05 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:05 GMT

GET
H/1.1 200
OK cbds-icons-ui.svg Show response
client.citizensbank.com/resource/1646678850000/CBDSicons290/ 39 KB
11 KB 158ms
157ms XHR
image/svg+xml 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDSicons290/cbds-icons-ui.svg

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

468317fd2e1cc3100467f0a4dbf61bb1d4a623c2c3c6e10d859437cc9fc6ccc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:05 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 7 Mar 2022 18:47:30 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/svg+xml
Vary: Accept-Encoding
Content-Length: 10286
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 May 2022 18:58:05 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7bf040554a97747ad38e592cf42546f448eab1f2f41faebcc5bc8411079324c

Request headers

Referer: https://client.citizensbank.com/
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK MCOGPBLQ36GFBHZA6PRZSMOW7MEA
client.citizensbank.com/cms/delivery/media/ 369 KB
369 KB 831ms
831ms Image
image/png 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.citizensbank.com/cms/delivery/media/MCOGPBLQ36GFBHZA6PRZSMOW7MEA?width=675&height=506

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

20425fe862e623af9d3202f76c0852275de4419d1c116cbf9ef004ec44799d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:05 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 11 Mar 2022 20:01:12 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3600
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="integrated-payables-desktop_Hero_Image_R_2560x770.jpg.png"
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 377707
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Mar 2022 19:58:05 GMT

GET
H/1.1 200
OK MCEAX3S7D4DBCITII7XM25QGQJWE
client.citizensbank.com/cms/delivery/media/ 396 KB
397 KB 1111ms
1107ms Image
image/png 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.citizensbank.com/cms/delivery/media/MCEAX3S7D4DBCITII7XM25QGQJWE?width=675&height=506

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

04c505a2d4fbeaed3722a9e7cf948ec581df1b25e7277a17f5c49ee3a9f9ff9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:05 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 11 Mar 2022 20:02:03 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3600
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="cybersecurity-image-012422.jpg.png"
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: image/png
Content-Length: 405724
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Mar 2022 19:58:05 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 1 KB
1 KB 122ms
122ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=6&ui-communities-components-aura-components-forceCommunity-embeddedService.EmbeddedService.getActiveLanguageCode=1&ui-communities-components-aura-components-forceCommunity-embeddedService.EmbeddedService.getSnippetData=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

5c94c7b6291cdc22559088f4557d7c4df78d4e32f3bf2d6daf3e95d7566cfc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 59072000006075a708
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:06 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=16
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:06 GMT

GET
H/1.1 404
Not Found FiraSans-SemiBold.woff
client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/ 0
0 118ms
118ms Font
application/octet-stream 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-SemiBold.woff

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/resource/1646678850000/CBDScss301

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/resource/1646678850000/CBDScss301
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Referrer-Policy: origin-when-cross-origin
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/octet-stream
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found FiraSans-Regular.woff
client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/ 0
0 119ms
119ms Font
application/octet-stream 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-Regular.woff

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/resource/1646678850000/CBDScss301

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/resource/1646678850000/CBDScss301
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Referrer-Policy: origin-when-cross-origin
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/octet-stream
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found FiraSans-Heavy.woff
client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/ 0
0 119ms
119ms Font
application/octet-stream 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-Heavy.woff

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/resource/1646678850000/CBDScss301

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/resource/1646678850000/CBDScss301
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Referrer-Policy: origin-when-cross-origin
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/octet-stream
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 349ms
22ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

bd770dbc583abfb9295abbdefbab9a3819d6e6a080acc585b1178fd38efee213

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 23:08:45 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 00:02:58 GMT
Age: 71361
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 8308
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Mar 2022 23:08:45 GMT

GET
H/1.1 200
OK FiraSans-SemiBold.ttf
client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/ 428 KB
428 KB 1122ms
1122ms Font
application/octet-stream 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-SemiBold.ttf

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/resource/1646678850000/CBDScss301

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

95386ec5d6fe6c9e670a61412a29b835e2911b2c263a1092f60c2a947ccc9211

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/resource/1646678850000/CBDScss301
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 7 Mar 2022 15:25:21 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/octet-stream
Content-Length: 437824
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 May 2022 18:58:06 GMT

GET
H/1.1 200
OK FiraSans-Regular.ttf
client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/ 394 KB
395 KB 643ms
642ms Font
application/octet-stream 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-Regular.ttf

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/resource/1646678850000/CBDScss301

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

a389cef71891df1232370fcebd7cfde5f74e741967070399adc91fd069b2094b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/resource/1646678850000/CBDScss301
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 7 Mar 2022 15:25:21 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/octet-stream
Content-Length: 403924
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 May 2022 18:58:06 GMT

GET
H/1.1 200
OK FiraSans-Heavy.ttf
client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/ 448 KB
448 KB 24ms
23ms Font
application/octet-stream 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-Heavy.ttf

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/resource/1646678850000/CBDScss301

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

28d8c64ed7db4fbd043e4e183d68585c163c8f13471d4d5391dd8910c5062600

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/resource/1646678850000/CBDScss301
Origin: https://client.citizensbank.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 18:50:08 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 7 Mar 2022 15:25:21 GMT
Age: 478
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/octet-stream
Content-Length: 458684
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 May 2022 18:50:08 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 2 KB
1 KB 360ms
341ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=7&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

e1101bb927a18fcd9bd65a764c285671ffa2e1fa4118c949c028f365bdda77b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 61731000003fb5f601
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:06 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=218
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:06 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 2 KB
1 KB 516ms
194ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=8&ui-search-components-forcesearch-sgdp.PermsAndPrefsCache.getPermsAndPrefs=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

b26aed269ddb2ba930f0b2e77634352eac47b1faf72db547ddcea95d56d1164c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 6182800000a8cdc284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:06 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=16
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:06 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 1 KB
1 KB 519ms
170ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=9&ui-comm-runtime-components-aura-components-siteforce-network-tracking.NetworkTracking.createLogRecord=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

d303be1490640c593107173ff383f1b8b9920706881e3389e0ea821f211907cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
X-SFDC-Page-Cache: 1dd79fbed7944b59
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 6183700000992a3e23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:06 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=17
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:06 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 5 KB
2 KB 21ms
21ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 12:55:14 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:57:30 GMT
Age: 21772
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1918
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Mar 2022 12:55:14 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 20 KB
6 KB 19ms
19ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

978838ebb9190a3520eb9f10b8d97d50cf9bbb0a62819d5afc69180254751133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 13:07:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 19:09:22 GMT
Age: 21060
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5778
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Mar 2022 13:07:06 GMT

GET
H/1.1 200
OK esw.html Show response
service.force.com/embeddedservice/5.0/ Frame AF24 194 B
1 KB 25ms
25ms Document
text/html 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://client.citizensbank.com/s/

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Expires: Fri, 25 Mar 2022 18:58:06 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK eswFrame.min.js Show response
service.force.com/embeddedservice/5.0/ Frame AF24 5 KB
2 KB 20ms
19ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://client.citizensbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 13:07:07 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 Mar 2021 00:36:08 GMT
Age: 21059
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1804
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Mar 2022 13:07:07 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame AF24 2 KB
1 KB 22ms
22ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 08:09:09 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 18:51:46 GMT
Age: 38937
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 768
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Mar 2022 08:09:09 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame AF24 2 KB
1 KB 42ms
19ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 08:09:09 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Age: 38937
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 779
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Mar 2022 08:09:09 GMT

GET
H/1.1 200
OK chasitor.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame AF24 22 KB
5 KB 24ms
20ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

dc1ec9e02f7fd28a008997a1e9ef0360dba6866fe21e7553cee19ad23c41901e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 08:09:10 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 25 May 2021 17:01:20 GMT
Age: 38936
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5016
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Mar 2022 08:09:10 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 1 KB
1 KB 3138ms
3137ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=10&ui-comm-runtime-components-aura-components-siteforce-qb.Quarterback.getAllowedPostMessageOrigins=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

753186edff775ae29b7512ea0ce223a84924c3ab7e7dd05003e61b08c42c1145

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 6660600000f6dc699d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:06 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=32
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:06 GMT

POST
H/1.1 200
OK aura Show response
client.citizensbank.com/s/sfsites/ 1 KB
1 KB 177ms
137ms XHR
application/json 161.71.25.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://client.citizensbank.com/s/sfsites/aura?r=11&ui-comm-runtime-components-aura-components-siteforce-qb.Quarterback.getAllowedPostMessageOrigins=1

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.25.145 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

lo2.4.0p13n000000myracag.00d70000000kjq0eag.gslb.siteforce.com

Software

Resource Hash

1edf5fe6db97e40dac6eae36def3c3841f5fe788d32da36446d042303463b1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.citizensbank.com/s/
Accept-Language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: abfe115b-2e53-486c-956c-c5a585d54ccf
X-SFDC-Request-Id: 66627000007e975ca7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 18:58:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 24 Mar 2021 18:58:06 GMT
Strict-Transport-Security: max-age=63072004; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=32
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Mar 2021 18:58:06 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la3-c2-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/ 17 KB
4 KB 1576ms
96ms Script
text/javascript 13.110.68.168
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la3-c2-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D300000000XHP&EmbeddedServiceConfig.configName=LWC_Group&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=en-US

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.68.168 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg1-c6-iad5.la3-c2-ia5.salesforceliveagent.com

Software

Resource Hash

f9eba243a208eb98d40005f43ab244a26f3c825bb9479a076a6564f14cff1061

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 26ms
24ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 23:06:35 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:25:36 GMT
Age: 71491
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4540
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Mar 2022 23:06:35 GMT

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame AF24 473 B
745 B 21ms
19ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://client.citizensbank.com/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 12:55:17 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 21769
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 231
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Mar 2022 12:55:17 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la3-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/ 345 B
676 B 1542ms
94ms Script
text/javascript 13.110.68.168
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la3-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735a00000097Vk]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725a00000096mK&org_id=00D300000000XHP&version=48

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.68.168 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg1-c6-iad5.la3-c2-ia5.salesforceliveagent.com

Software

Resource Hash

9ca358714d31054cbc6fbbf3cf593884677b66e48e9b476d3420f1fb4c306c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 19ms
19ms Script
application/x-javascript 161.71.10.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: client.citizensbank.com
URL: https://client.citizensbank.com/s/sfsites/auraFW/javascript/hXQ6H-x_YQB1RZ2gyQB4Mg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.10.44 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl5-ncg0-lhr4.um2-lo3.force.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.citizensbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 08:09:10 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 38936
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 2469
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Mar 2022 08:09:10 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.client.citizensbank.com/s	1969-12-31 23:59:59	Name: renderCtx Value: %7B%22pageId%22%3A%223549c569-5704-4f0c-89bf-cad87782e535%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2213994244-5c43-4809-a4ce-26d4978bfb09%22%2C%22audienceIds%22%3A%22%22%7D
accessoptima.com/	1969-12-31 23:59:59	Name: TS0199903a Value: 018972e58f6d67c49f1b9fe9d5f2ed9382f4b999e0c219cddf3dd3ce30bf2b93d79ab0fb20aa1d84979115a69eb597533b849bf718
accessoptima.com/	1969-12-31 23:59:59	Name: TSa9f9e0d2027 Value: 08f9c9c1a6ab2000f15bc67e27caabaeb7ee129675f778b42c1d421b2e6c7022b9f2cfad2392f5ff0899d1e0a211300096216fdb6e43ab46077f9a7f59a810d0ecba1aa93c591dd606b58702be5c400e93521858e52712bb73d236eef9f89a6d
www.accessoptima.com/	1969-12-31 23:59:59	Name: TS0199903a Value: 018972e58f32d2cb7268983bb3968cc1229b338addff025f95eea74209c31a0baba1d5dd1b74fd579d4a411cd4c56db901e0cd676b
www.accessoptima.com/	1969-12-31 23:59:59	Name: TSa9f9e0d2027 Value: 08f9c9c1a6ab20009fc7c6879ad2e38e0aac55c69f454f2c8cbca6befb2478555b46a05d495877750815514de1113000b4bd5b10a6296e8756b414bc1a72248e275f8247e91ea1d67d1b88bea95846b4d9411ae0f108283373e5891f1cc2db59
client.citizensbank.com/	1970-01-20 10:34:44	Name: CookieConsentPolicy Value: 0:1
client.citizensbank.com/	1970-01-20 10:34:44	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.client.citizensbank.com/	1970-01-20 10:34:44	Name: CookieConsentPolicy Value: 0:0
.client.citizensbank.com/	1970-01-20 10:34:44	Name: LSKey-c$CookieConsentPolicy Value: 0:0
client.citizensbank.com/	1970-01-20 01:49:19	Name: sfdc-stream Value: !iywIJ7Q+DPCfQuvn81VVzThJvj1s1xYFlIuwa2+Y/BBQMVPRd02b0aa7XThucORuNA3KLEUP2DE7oRs=
client.citizensbank.com/	1970-01-20 10:34:44	Name: pctrk Value: 333a4ee3-c86d-4ea5-aa89-4c06759ca468
.force.com/	1970-01-20 10:34:44	Name: BrowserId_sec Value: VyMlq6ukEey9D-EcDYbJ9Q

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://client.citizensbank.com/s/sfsites/c/resource/CBDSFontsFirasans300/fira-sans/FiraSans-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://client.citizensbank.com/s/sfsites/c/resource/CBDSFontsFirasans300/fira-sans/FiraSans-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-SemiBold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://client.citizensbank.com/resource/1646678850000/CBDSFontsFirasans301/fira-sans/FiraSans-Heavy.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=63072004; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessoptima.com
client.citizensbank.com
d.la3-c2-ia5.salesforceliveagent.com
gateway.citizenscommercialbanking.com
service.force.com
www.accessoptima.com
13.110.68.168
161.71.10.44
161.71.25.145
23.37.62.243
69.84.85.34
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
04c505a2d4fbeaed3722a9e7cf948ec581df1b25e7277a17f5c49ee3a9f9ff9a
0c746ed868f9d24fc9361f3ed15059f0e756a180b7ab5fd8b49693a2f42bce08
0e8c3206d929c1ea87ea327a184ff74551989466a00608015a0248b906cb93c0
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
1edf5fe6db97e40dac6eae36def3c3841f5fe788d32da36446d042303463b1ac
20425fe862e623af9d3202f76c0852275de4419d1c116cbf9ef004ec44799d18
28d8c64ed7db4fbd043e4e183d68585c163c8f13471d4d5391dd8910c5062600
336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
381ad379739fd90d2bf69b06fc69720fd3d9c0d01d89439d1ede32aa51f0120d
3fb53400bd6e4bc3ccc40094f9bac20afa0cb11d7e7f774a01ed28bb34978de8
468317fd2e1cc3100467f0a4dbf61bb1d4a623c2c3c6e10d859437cc9fc6ccc8
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
5c94c7b6291cdc22559088f4557d7c4df78d4e32f3bf2d6daf3e95d7566cfc8c
6320731b5586452e2f9af103f85d27486faf30f59fcef9465c03ec52aef11d50
718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145
753186edff775ae29b7512ea0ce223a84924c3ab7e7dd05003e61b08c42c1145
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
81c3f88a8b295295195a4eb5286402a7e7e294a6524854d762f9610cb75e4360
95386ec5d6fe6c9e670a61412a29b835e2911b2c263a1092f60c2a947ccc9211
9689d36c88cd5ec6a5461618394233a9b0ad9574c3d1dc233209d4b0863ed11b
978838ebb9190a3520eb9f10b8d97d50cf9bbb0a62819d5afc69180254751133
9bdc1feabd70ed03398c5ea3999f60e43c4c74d7db711f781d38378a67282624
9ca358714d31054cbc6fbbf3cf593884677b66e48e9b476d3420f1fb4c306c8d
a389cef71891df1232370fcebd7cfde5f74e741967070399adc91fd069b2094b
a653d5b9fb9a5489bb78ef7bf252044fa854e701e8a06f34da9c3e937003d25d
a90c13c88354d95b3fddafa77ca5c7f6d73c9a9e57375f62f4b2aaf016152f49
afbf15d128ca73d16c73780b849a155ced55ab2cb8719657e08d2ac8e92bfae1
b26aed269ddb2ba930f0b2e77634352eac47b1faf72db547ddcea95d56d1164c
b3c0f4c313dd0b10df279781dc24c220d193e2837630255b77a44bd637a8f07c
b5a303d862a4eb33617dd49ff66b7765dcda2409dbe02e2953f74f21518160c8
b7bf040554a97747ad38e592cf42546f448eab1f2f41faebcc5bc8411079324c
bd770dbc583abfb9295abbdefbab9a3819d6e6a080acc585b1178fd38efee213
be6120f6d95d2e15d1a9d63fccfadbbf9f90b9be9283be9c09c949eece500dba
bf2278100205ceaf4647f73f8ba06296873e1a02b381b6e9f5ba7d985c0672be
d0b11319ca84de36db526f4788ce3a480b35f650bbf6ea92323901e7d3cd34fc
d303be1490640c593107173ff383f1b8b9920706881e3389e0ea821f211907cb
dc1ec9e02f7fd28a008997a1e9ef0360dba6866fe21e7553cee19ad23c41901e
e1101bb927a18fcd9bd65a764c285671ffa2e1fa4118c949c028f365bdda77b0
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ee745131cef36e5d08d312b12b27591650d8ea04d794b4297a29fe6bd247c7eb
eef24385c88f32131798ad8fcdbc5e265c92c9419dee5e1adbd4070fa42b215c
f9eba243a208eb98d40005f43ab244a26f3c825bb9479a076a6564f14cff1061
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

client.citizensbank.com Open in urlscan Pro 161.71.25.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

4 IPs

3 Countries

4359 kBTransfer

11809 kBSize

12 Cookies

32 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

client.citizensbank.com Open in urlscan Pro
161.71.25.145 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

4359 kB
Transfer

11809 kB
Size

12
Cookies

47 HTTP transactions
4 data transactions