www.firstcitizensbank.com Open in urlscan Pro
2606:4700:7::a29f:8506 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://firstcitizenscommunitybank.com/
Effective URL:
https://www.firstcitizensbank.com/
Submission Tags: falconsandbox
Submission: On May 26 via api (May 26th 2025, 6:54:10 pm UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 76 HTTP transactions. The main IP is 2606:4700:7::a29f:8506, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.firstcitizensbank.com.
TLS certificate: Issued by WE1 on May 17th 2025. Valid for: 3 months.

This is the only time www.firstcitizensbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.159.130.6 162.159.130.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:7::... 2606:4700:7::a29f:8506	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
8	2606:4700:7::... 2606:4700:7::a29f:8206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.172.114.101 18.172.114.101	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.192.125 18.66.192.125	16509 (AMAZON-02) (AMAZON-02)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.227.219.3 13.227.219.3	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6812:1c9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	34.107.204.85 34.107.204.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.211.137.222 34.211.137.222	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
76	20

1 162.159.130.6 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

firstcitizenscommunitybank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:7::a29f:8506 (United States)

ASN13335 (CLOUDFLARENET, US)

www.firstcitizensbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:7::a29f:8206 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.firstbranchcms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.172.114.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-114-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-125.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-3.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:1c9b (United States)

ASN13335 (CLOUDFLARENET, US)

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com

data.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.211.137.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-137-222.us-west-2.compute.amazonaws.com

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	audioeye.com wsmcdn.audioeye.com — Cisco Umbrella Rank: 5312 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 3522 analytics.audioeye.com — Cisco Umbrella Rank: 3963	305 KB
14	firstcitizensbank.com www.firstcitizensbank.com	201 KB
11	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 1198 insight.adsrvr.org — Cisco Umbrella Rank: 989 match.adsrvr.org — Cisco Umbrella Rank: 387	10 KB
8	firstbranchcms.com cdn.firstbranchcms.com — Cisco Umbrella Rank: 99962	1 MB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	588 KB
4	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 566 data.pendo.io — Cisco Umbrella Rank: 490	168 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	22 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 3699
3	gstatic.com fonts.gstatic.com	100 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1047 script.hotjar.com — Cisco Umbrella Rank: 1287	62 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10258	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 168	555 B
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4316	76 KB
1	firstcitizenscommunitybank.com 1 redirects firstcitizenscommunitybank.com	742 B
0	zixcentral.com Failed link.zixcentral.com Failed
76	16

	Domain	Requested by
14	www.firstcitizensbank.com	www.firstcitizensbank.com
11	wsv3cdn.audioeye.com	wsmcdn.audioeye.com wsv3cdn.audioeye.com
8	cdn.firstbranchcms.com	www.firstcitizensbank.com
6	insight.adsrvr.org	2 redirects js.adsrvr.org
6	www.googletagmanager.com	www.firstcitizensbank.com www.googletagmanager.com
4	fonts.googleapis.com	www.firstcitizensbank.com wsv3cdn.audioeye.com
3	analytics.audioeye.com	wsv3cdn.audioeye.com
3	data.pendo.io	cdn.pendo.io
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	js.adsrvr.org	www.firstcitizensbank.com match.adsrvr.org
2	match.adsrvr.org	js.adsrvr.org
2	region1.analytics.google.com	www.googletagmanager.com
1	wsmcdn.audioeye.com	www.firstcitizensbank.com
1	www.google.de	www.firstcitizensbank.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	netdna.bootstrapcdn.com	www.firstcitizensbank.com
1	cdn.pendo.io	www.firstcitizensbank.com
1	static.hotjar.com	www.firstcitizensbank.com
1	firstcitizenscommunitybank.com	1 redirects
0	link.zixcentral.com Failed	www.firstcitizensbank.com
76	23

This site contains links to these domains. Also see Links.

Domain
payments.mwamplifi.com
www.ordermychecks.com
www.fccbwealthadvisors.com
investor.broadridge.com
www.netteller.com
firstcitizensbank.teachbanzai.com
www.401k.com
icp.infovisa.com
www.mycardstatement.com
link.zixcentral.com
www.mortgagesmadesimple.com
play.google.com
itunes.apple.com
www.facebook.com
www.thisisfirstbranch.com
www.fdic.gov

Subject Issuer	Validity	Valid
www.firstcitizensbank.com WE1	`2025-05-17` - `2025-08-15`	3 months	crt.sh
*.google-analytics.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
cdn.firstbranchcms.com E5	`2025-04-08` - `2025-07-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
upload.video.google.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M02	`2025-04-22` - `2026-05-22`	a year	crt.sh
cdn.pendo.io WR3	`2025-05-08` - `2025-08-06`	3 months	crt.sh
*.gstatic.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
bootstrapcdn.com WE1	`2025-05-14` - `2025-08-12`	3 months	crt.sh
*.google.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.google.de WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
wsmcdn.audioeye.com WE1	`2025-04-03` - `2025-07-02`	3 months	crt.sh
pendo.io WR3	`2025-04-30` - `2025-07-29`	3 months	crt.sh
wsv3cdn.audioeye.com WE1	`2025-05-06` - `2025-08-04`	3 months	crt.sh
report-prod.audioeye.com Amazon RSA 2048 M03	`2024-08-18` - `2025-09-17`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.firstcitizensbank.com/
Frame ID: 2AD76B219DD9CF7F2BFE3CCE82453C69
Requests: 67 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Fwww.firstcitizensbank.com
Frame ID: 1D1726934417B79EEE6BAC9688F55FBA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1
Frame ID: 7C3A65263C99C383AD0D7279BDA8893C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1
Frame ID: AD67A0AD325C151F377A3411602F69A4
Requests: 2 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/cookieStorage.html
Frame ID: BC30C856B357DEF82BE757EB72582C60
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

First Citizens Community Bank | Personal & Business Banking

Page URL History Show full URLs

https://firstcitizenscommunitybank.com/ HTTP 301
https://www.firstcitizensbank.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

76
Requests

97 %
HTTPS

40 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

2574 kB
Transfer

5553 kB
Size

15
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://payments.mwamplifi.com/v2/c/154/
Title: Make a Loan Payment

Search URL Search Domain Scan URL

URL: https://www.ordermychecks.com/login_a.jsp
Title: Reorder Checks

Search URL Search Domain Scan URL

URL: https://www.fccbwealthadvisors.com/
Title: Visit FCCB Wealth Advisors

Search URL Search Domain Scan URL

URL: https://investor.broadridge.com/
Title: Shareholder Account Access

Search URL Search Domain Scan URL

URL: https://www.netteller.com/login2008/Authentication/Views/Login.aspx?returnUrl=%2Fmansfield
Title: Enroll in Online Banking

Search URL Search Domain Scan URL

URL: https://firstcitizensbank.teachbanzai.com/wellness
Title: FCCB Academy

Search URL Search Domain Scan URL

URL: https://www.netteller.com/mansfield
Title: NetTeller/eStatement Account Log In

Search URL Search Domain Scan URL

URL: http://www.401k.com/
Title: My Retirement Account

Search URL Search Domain Scan URL

URL: https://icp.infovisa.com/0239
Title: My Trust Account

Search URL Search Domain Scan URL

URL: https://www.mycardstatement.com/#/
Title: Credit Card Account Access

Search URL Search Domain Scan URL

URL: https://link.zixcentral.com/u/28a3a10d/tGW1iOco6xGpQxTphnsoMg?u=https%3A%2F%2Fwww.uasconnect.com%2Fauth%2Flogin
Title: Student Loan Account Access

Search URL Search Domain Scan URL

URL: http://www.mortgagesmadesimple.com/
Title: It's free, carries no obligation, and makes you a more attractive buyer!

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.firstcitizensbank
Title: Google play store

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/fccb/id809930960?mt=8
Title: Apple App store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FirstCitizensCommunityBank
Title: Connect with us

Search URL Search Domain Scan URL

URL: https://www.thisisfirstbranch.com/
Title: Powered by First Branch Powered by First Branch Powered by FIRSTBranch.cls-4{fill:#d41a27;}.cls-5{fill:#000;}

Search URL Search Domain Scan URL

URL: https://www.fdic.gov/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://firstcitizenscommunitybank.com/ HTTP 301
https://www.firstcitizensbank.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://insight.adsrvr.org/track/cei?adv=1x23dye&ref=https%3A%2F%2Fwww.firstcitizensbank.com%2F&upid=mq166gf&upv=1.1.0&paapi=1 HTTP 302
https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1

Request Chain 47

https://insight.adsrvr.org/track/cei?adv=1x23dye&ref=https%3A%2F%2Fwww.firstcitizensbank.com%2F&upid=mq166gf&upv=1.1.0&paapi=1 HTTP 302
https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.firstcitizensbank.com/
Redirect Chain

https://firstcitizenscommunitybank.com/
https://www.firstcitizensbank.com/

53 KB
11 KB

1790ms
1428ms

Document
text/html

2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6524cdf90b69eab3b2cd8c260c9c565cf97941c23dc7a47d9c042709bb369294

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 945f7acd8c2c4db4-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests; base-uri 'none';
content-type: text/html; charset=UTF-8
date: Mon, 26 May 2025 18:54:13 GMT
expires: Mon, 26 May 2025 22:54:13 GMT
last-modified: Mon, 26 May 2025 18:54:13 GMT
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-firstbase: 1
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 945f7ac66b1e2189-MAD
content-security-policy: upgrade-insecure-requests; base-uri 'none';
content-type: text/html; charset=UTF-8
date: Mon, 26 May 2025 18:54:11 GMT
expires: Mon, 26 May 2025 22:54:11 GMT
location: https://www.firstcitizensbank.com
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-firstbase: 1
x-frame-options: SAMEORIGIN

GET
H2 200 custom.min.css
www.firstcitizensbank.com/custom/firstcitizensbank3/css/ 300 KB
59 KB 800ms
799ms Stylesheet
text/css 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/firstcitizensbank3/css/custom.min.css

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb0c6b8df80bad4cb314fdb342e7cfcf4b6ff7a0d0884121a5d71f736bca9dcc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"66a14e7d-4af87"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:14 GMT
date: Mon, 26 May 2025 18:54:14 GMT
content-type: text/css
last-modified: Wed, 24 Jul 2024 18:57:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7ad68c1a4db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 siteAlertDefault.css
www.firstcitizensbank.com/view/tal/tallibrary/css/ 967 B
571 B 712ms
711ms Stylesheet
text/css 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/view/tal/tallibrary/css/siteAlertDefault.css

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8307990166654796c13f399af94cf673956d425e1a289b2d0c9537eb4420308

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"681d1516-3c7"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:14 GMT
date: Mon, 26 May 2025 18:54:14 GMT
content-type: text/css
last-modified: Thu, 08 May 2025 20:33:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7ad68c1c4db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
109 KB 78ms
42ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1007886338

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7aac4e716c8b0e09380e2b7513319bcba2347c028e1aad8b5ef8623bba1967e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 18:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 26 May 2025 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 111104
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
91 KB 107ms
71ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104987168-1

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0778ebeffbc240eeda902ea3026613b2388af37fe3822644b8cd5022b69bd605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 18:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 93124
x-xss-protection: 0
server: Google Tag Manager

GET PvS9faY97RGOEZkoh3soMg
link.zixcentral.com/u/5214b34f/ 0
0

GET aAW_bQZE7RGSV2y4hnsoMg
link.zixcentral.com/u/18f3bcb1/ 0
0

GET
H2 200 all.min.js Show response
www.firstcitizensbank.com/custom/firstcitizensbank3/javascript/ 215 KB
70 KB 874ms
873ms Script
application/javascript 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/firstcitizensbank3/javascript/all.min.js

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b09d97be2f2535bde1b4833c8c324aa4472e07f98b521dec2fa6ecdfdf5368

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"67c8cad9-35a99"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:14 GMT
date: Mon, 26 May 2025 18:54:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 05 Mar 2025 22:06:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7ad68c204db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 logo-2x-new.png
www.firstcitizensbank.com/custom/firstcitizensbank3/image/ 18 KB
18 KB 776ms
776ms Image
image/webp 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://www.firstcitizensbank.com/custom/firstcitizensbank3/image/logo-2x-new.png

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad03cb68ca57b181681e19ec4fb023dc77a4b5515cfca02322d8e09507178ccb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "60998d38-a10a"
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:14 GMT
cf-polished: origFmt=png, origSize=41226
date: Mon, 26 May 2025 18:54:14 GMT
content-type: image/webp
content-disposition: inline; filename="logo-2x-new.webp"
vary: Accept
last-modified: Mon, 10 May 2021 19:44:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7ad68c224db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
accept-ranges: bytes
content-length: 18576
server: cloudflare

GET
H2 200 image.png
cdn.firstbranchcms.com/kcms-structure/3ff20a9d-1cfd-43b3-8951-aca7b649ba44/ 226 KB
227 KB 612ms
509ms Image
image/webp 2606:4700:7::a29f:8206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.firstbranchcms.com/kcms-structure/3ff20a9d-1cfd-43b3-8951-aca7b649ba44/image.png

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

023debc7d705e7c4cd6ffec27c761619c77f79b60e5a4fd9798fbb5c150ace2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "9ef78029c42485c92e173315d9ce48cc"
x-amz-version-id: .JKQgtJdlvpaugk6CY7E50o.Tyjm0tmW
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:14 GMT
cf-polished: origFmt=png, origSize=355354
date: Mon, 26 May 2025 18:54:14 GMT
content-type: image/webp
content-disposition: inline; filename="image.webp"
vary: Accept
last-modified: Mon, 30 Aug 2021 13:51:54 GMT
x-amz-id-2: v0LnnGFCbkUBLL4IeTXPkMNUCAR8YPr4oHfDeb04hOvsem/dxTvhNKy0L6vY37JmfVFR/8ITqxE=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
x-amz-request-id: WD3X0X0YF7830PXR
cf-ray: 945f7ad72f9cc0eb-FRA
accept-ranges: bytes
content-length: 231398
server: cloudflare

GET
H2 200 compliance-logos.js Show response
www.firstcitizensbank.com/custom/fed-library/production/js-library/ 35 KB
12 KB 716ms
715ms Script
application/javascript 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/fed-library/production/js-library/compliance-logos.js

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

514f84ced013e47dc240550741eba0327c30a0c1ee0572a635e9db2607212add

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"67eee956-8d2b"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
date: Mon, 26 May 2025 18:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Apr 2025 20:02:30 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7adc29d04db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 warning.js Show response
www.firstcitizensbank.com/custom/fed-library/production/browserwarn/v3/ 4 KB
2 KB 841ms
840ms Script
application/javascript 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/fed-library/production/browserwarn/v3/warning.js

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff66548920a087ec78649085d07185ae1cb93e7ace510ae389caa9da131ea93f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"656a08a2-11ce"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:14 GMT
date: Mon, 26 May 2025 18:54:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 01 Dec 2023 16:24:02 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7ada88664db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 ls.bgset.min.js Show response
www.firstcitizensbank.com/custom/fed-library/production/lazysizes/ 3 KB
1 KB 723ms
723ms Script
application/javascript 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/fed-library/production/lazysizes/ls.bgset.min.js

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d96a9a10cd340fe587c45c092c018051ecaf0acf0a861dd266a2c979d48689

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"5efb7ca2-bb1"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
date: Mon, 26 May 2025 18:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Jun 2020 17:55:46 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7adb692b4db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 ls.respimg.min.js Show response
www.firstcitizensbank.com/custom/fed-library/production/lazysizes/ 4 KB
2 KB 1012ms
1010ms Script
application/javascript 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/fed-library/production/lazysizes/ls.respimg.min.js

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65cbc79128d0be357e842635e6ef56476209a7a4928c9cac8cfe75cb753a836

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"5efb7ca1-e63"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
date: Mon, 26 May 2025 18:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Jun 2020 17:55:45 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7adc29c74db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 lazysizes.min.js Show response
www.firstcitizensbank.com/custom/fed-library/production/lazysizes/ 7 KB
3 KB 820ms
818ms Script
application/javascript 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/fed-library/production/lazysizes/lazysizes.min.js

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"5efb7ca2-1c43"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
date: Mon, 26 May 2025 18:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Jun 2020 17:55:46 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7adc29ca4db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 16 KB
7 KB 40ms
9ms Script
application/javascript 18.172.114.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.114.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-114-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 997985fd2176679d0a0bd9250a9b6142e3335076b43da211f9db12cddd54e72b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"b0562cc8a1ea42d64a72752319e6bf61"
Age: 24310
Connection: keep-alive
Via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: k_iebwkGPsFAOi8Ub7ODG0XQdsPRo2WGy7jCjiQWTufDLzRwLyoXNA==
Date: Mon, 26 May 2025 12:09:05 GMT
Content-Type: application/javascript
Last-Modified: Sun, 25 May 2025 12:07:42 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 audioeye-api.js Show response
www.firstcitizensbank.com/custom/fed-library/production/audioeye/ 568 B
358 B 796ms
794ms Script
application/javascript 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/fed-library/production/audioeye/audioeye-api.js

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995689497ada67f8588709b19705f21d443afea5e2b63dcfc9b6176ccc32a14c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"62100555-238"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
date: Mon, 26 May 2025 18:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Feb 2022 20:45:09 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7adc29cd4db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 print.css
www.firstcitizensbank.com/custom/firstcitizensbank3/css/ 570 B
388 B 761ms
761ms Stylesheet
text/css 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/firstcitizensbank3/css/print.css

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5c8e2fcf1939dff3877e313bd854a9231b7abe21c882acab270724c68662f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"5efe5399-23a"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
date: Mon, 26 May 2025 18:54:15 GMT
content-type: text/css
last-modified: Thu, 02 Jul 2020 21:37:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7adc29d14db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 47 KB
2 KB 66ms
26ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,600,700,700i

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/custom/firstcitizensbank3/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d1bb9b805f5a2506e52cb8ef1faff71253bfcebe0375748f2fe7a6497728701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 18:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 18:54:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 62ms
23ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/custom/firstcitizensbank3/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3dbc7feacdc4014f3b45509b1dedcdaa2bbcad56983d1632a9bad35038b338c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 18:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 17:27:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 376 KB
126 KB 111ms
76ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKLBV5P

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef67ff8eb4ad33ea0ccdef3ea49ee11f6a460ed4c62bed254055493137120e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1317:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1317:0"}],}
expires: Mon, 26 May 2025 18:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 26 May 2025 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1317:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1317:0
content-length: 129110
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-2364864.js Show response
static.hotjar.com/c/ 15 KB
6 KB 98ms
47ms Script
application/javascript 18.66.192.125
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2364864.js?sv=6

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-125.muc50.r.cloudfront.net

Software

Resource Hash

cda6b617d1e3d4e9c605d4070449b7d0c4fe9d863e646c05091dfc03f2a7e75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/50eaffab40f7143528ebf3210cab9a7a
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: ltQvi69cWb4DGJ6Iw_yUEDPVLG1sdCgTrfVPVYyyPqe6Ye5luJnHNw==
date: Mon, 26 May 2025 18:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: MUC50-P1

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/6c77c00c-077f-43ba-5267-43d26a27a4c2/ 511 KB
167 KB 65ms
16ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://cdn.pendo.io/agent/static/6c77c00c-077f-43ba-5267-43d26a27a4c2/pendo.js

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

d0365ec68f43a7c26dde364f8ae337d5918053a41e5126b25d66370f5038a156

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=5JvvxA==, md5=+7wSrV+b+j8AIyUmQ/QEJw==
etag: "fbbc12ad5f9bfa3f0023252643f40427"
age: 40
x-goog-stored-content-encoding: gzip
alt-svc: clear
x-goog-stored-content-length: 170779
date: Mon, 26 May 2025 18:53:34 GMT
last-modified: Thu, 22 May 2025 18:16:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-guploader-uploadid: AAO2VwpR0dKuizzThIv_FKs1sMHkbhkLhPZd35JPDS8lv5j324N1I90wKKZIk1xJH5ZZsG6VteGLJu8
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public,max-age=450
x-goog-storage-class: STANDARD
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1747937811595459
content-length: 170779
server: UploadServer

GET
H2 200 desktopImage.jpeg
cdn.firstbranchcms.com/kcms-structure/eacfd14c-d07f-4aae-bdd2-1eb49f4bc72c/ 98 KB
99 KB 478ms
477ms Image
image/jpeg 2606:4700:7::a29f:8206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.firstbranchcms.com/kcms-structure/eacfd14c-d07f-4aae-bdd2-1eb49f4bc72c/desktopImage.jpeg

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45a3ca76596642db7e5a535af01a22e25f89180bedf1faa7a923ddac9ea9956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "82693059c6d49cec28f930184921310a"
x-amz-version-id: kP48bnfxQFxj5G1dI5RcLniqh6L5O_Bo
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:14 GMT
cf-polished: origSize=106793
date: Mon, 26 May 2025 18:54:14 GMT
content-type: image/jpeg
last-modified: Thu, 08 May 2025 18:40:42 GMT
vary: Accept-Encoding
x-amz-id-2: 1QreoZ9yKCJUpGYvZyhY5Ur5NLhe8ydATPe/M0sFC7DOCBRjXN+dm7KSSDYNbLFSMPQV8qDf29U=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
x-amz-request-id: W0XG86REX21A31A4
cf-ray: 945f7adc2e32c0eb-FRA
accept-ranges: bytes
content-length: 100838
server: cloudflare

GET
H2 200 desktopImage.jpeg
cdn.firstbranchcms.com/kcms-structure/f5370c64-46bf-45f6-901d-7cad67793cf3/ 61 KB
61 KB 444ms
444ms Image
image/jpeg 2606:4700:7::a29f:8206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.firstbranchcms.com/kcms-structure/f5370c64-46bf-45f6-901d-7cad67793cf3/desktopImage.jpeg

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be3e45c65a7c766b3459630161426f2e749b081d5eed081cdf3ef4335d9b7be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "af7529a072f26074e6f5fbb522ad274c"
x-amz-version-id: e.3xoUEdoZjsAX2zb.GGp0nrJpLJlTHc
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:14 GMT
cf-polished: origSize=69558
date: Mon, 26 May 2025 18:54:14 GMT
content-type: image/jpeg
last-modified: Thu, 02 Jan 2025 14:14:31 GMT
vary: Accept-Encoding
x-amz-id-2: QGjG+V7r5Mn0A+1Cd4eOaXo71AIVrCu4oZ33NctPS7GWE2VHpoMJd3/cHmOpxW/hfgEQ6pZQ36k=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
x-amz-request-id: HJANKD3JRAG51KKY
cf-ray: 945f7adc2e35c0eb-FRA
accept-ranges: bytes
content-length: 62251
server: cloudflare

GET
H2 200 sprites-2x.png
www.firstcitizensbank.com/custom/firstcitizensbank3/image/ 18 KB
18 KB 944ms
944ms Image
image/webp 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://www.firstcitizensbank.com/custom/firstcitizensbank3/image/sprites-2x.png

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/custom/firstcitizensbank3/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c110ddd8223d630e6af5f986756b01a4dc4901adb5904247b1df38ace3148aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/custom/firstcitizensbank3/css/custom.min.css

Response headers

cf-bgj: imgq:100,h2pri
etag: "5efe5387-960c"
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
cf-polished: origFmt=png, origSize=38412
date: Mon, 26 May 2025 18:54:15 GMT
content-type: image/webp
content-disposition: inline; filename="sprites-2x.webp"
vary: Accept
last-modified: Thu, 02 Jul 2020 21:37:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7adc2a4c4db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
accept-ranges: bytes
content-length: 18266
server: cloudflare

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 39 KB
39 KB 38ms
14ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,600,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.firstcitizensbank.com
Referer: https://fonts.googleapis.com/

Response headers

age: 217951
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 24 May 2026 06:21:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 24 May 2025 06:21:43 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 50ms
23ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/custom/firstcitizensbank3/css/custom.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.firstcitizensbank.com
Referer: https://www.firstcitizensbank.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "af7ae505a9eed503f8b8e6982036873e"
age: 571590
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 26 May 2025 18:54:14 GMT
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
content-type: font/woff2
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/28/2025 11:42:03
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0b6801228e20811096b8302e878a5472
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.22
cf-ray: 945f7adc7a22de38-AMS
access-control-allow-origin: *
cdn-edgestorageid: 1077
server: cloudflare
cdn-requestcountrycode: DE

GET
H2 200 modules.f5772d147096c4644991.js Show response
script.hotjar.com/ 224 KB
56 KB 71ms
17ms Script
application/javascript 13.227.219.3
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://script.hotjar.com/modules.f5772d147096c4644991.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2364864.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-3.ams54.r.cloudfront.net

Software

Resource Hash

e40f65481ad4bc0e042c6f3dbe6d011f05fe84e5a5921962f5a8f32c84b8e999

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "fa00874f2a83ba99ac8632b86a0817c2"
age: 380288
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: GNeG5xpLZnakxjHy6mYiYzBQRALgubnb8PdEtz14_yA59nISVDxVpg==
date: Thu, 22 May 2025 09:16:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 22 May 2025 09:15:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56750
x-amz-cf-pop: AMS54-C1

POST
H3 200 collect
www.google.com/ccm/ 0
0 69ms
23ms Fetch
text/plain 142.250.186.100
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?tid=AW-1007886338&en=page_view&dl=https%3A%2F%2Fwww.firstcitizensbank.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=513016566.1748285655&dt=First%20Citizens%20Community%20Bank%20%7C%20Personal%20%26%20Business%20Banking&auid=1279655650.1748285655&navt=n&npa=1&gtm=45be55l1za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635&tft=1748285654604&tfd=4135&apve=1&apvf=f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1007886338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 442 KB
143 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5ZJBKDQYHZ&cx=c&gtm=457e55l1za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104987168-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d11021564d71f052393968a0fe286cc0e5f6c2977f5845aefb2d307e435983ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 18:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 146535
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 52ms
15ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104987168-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: gzip
age: 5145
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 19:28:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 17:28:29 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 335 KB
116 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11263057005&cx=c&gtm=45He55l1v813423273za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKLBV5P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c5ac602d9e32795f75da8415f4df615a14f3d0e7243ad822573afb53a669352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 18:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 26 May 2025 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 118293
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/55j0/ Frame 1D17 3 KB
2 KB 50ms
14ms Document
text/html 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Fwww.firstcitizensbank.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1007886338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 38756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 08:08:18 GMT
expires: Tue, 26 May 2026 08:08:18 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
457 B 20ms
19ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=937044310&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstcitizensbank.com%2F&ul=de-de&de=UTF-8&dt=First%20Citizens%20Community%20Bank%20%7C%20Personal%20%26%20Business%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=898557156&gjid=264091164&cid=1644754869.1748285655&tid=UA-104987168-1&_gid=2129868911.1748285655&_r=1&gtm=457e55l1za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&jsscut=1&npa=1&z=1605392283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.firstcitizensbank.com/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.firstcitizensbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 1
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
73 B 19ms
19ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=937044310&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstcitizensbank.com%2F&ul=de-de&de=UTF-8&dt=First%20Citizens%20Community%20Bank%20%7C%20Personal%20%26%20Business%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=969626205&gjid=727738143&cid=1644754869.1748285655&tid=UA-104987168-1&_gid=2129868911.1748285655&_r=1&_slc=1&gtm=45He55l1n81TKLBV5Pv813423273za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&npa=1&z=379493482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.firstcitizensbank.com/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.firstcitizensbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 3
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 54ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5ZJBKDQYHZ&gtm=45je55l1v890159293za200&_p=1748285654396&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&cid=1644754869.1748285655&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1748285654&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstcitizensbank.com%2F&dt=First%20Citizens%20Community%20Bank%20%7C%20Personal%20%26%20Business%20Banking&en=page_view&_fv=1&_ss=1&tfd=4293
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ZJBKDQYHZ&cx=c&gtm=457e55l1za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.firstcitizensbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 63ms
19ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5ZJBKDQYHZ&cid=1644754869.1748285655&gtm=45je55l1v890159293za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ZJBKDQYHZ&cx=c&gtm=457e55l1za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:124:0
report-to: {"group":"ascnsrsggc:124:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:124:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.firstcitizensbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:124:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:14 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 74ms
49ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5ZJBKDQYHZ&cid=1644754869.1748285655&gtm=45je55l1v890159293za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&z=187980709

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 18:54:14 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 featureIcon.png
cdn.firstbranchcms.com/kcms-structure/f79f5abb-c002-45e9-b6a0-a150cff653f6/ 1 KB
2 KB 417ms
417ms Image
image/webp 2606:4700:7::a29f:8206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.firstbranchcms.com/kcms-structure/f79f5abb-c002-45e9-b6a0-a150cff653f6/featureIcon.png

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2a13dcb2c57c3a316a765ebb3923271ca39c5f6a85b53908340a1fa57b38033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "088f353394443c5643ca720f218fc6d8"
x-amz-version-id: bXnjjbBExfUMy9UYPsmwmS9dzYJJugUb
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
cf-polished: origFmt=png, origSize=4462
date: Mon, 26 May 2025 18:54:15 GMT
content-type: image/webp
content-disposition: inline; filename="featureIcon.webp"
vary: Accept
last-modified: Thu, 09 Jan 2020 15:20:17 GMT
x-amz-id-2: jVP6RV9gPIvf3XXhF4x6G/RTWmdFIS5WorDcJssfxq9Yxq9Myfy67lVY9ClF5uL+7rR1RA7NaLM=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
x-amz-request-id: 8J4VT4TFNBDR6C1P
cf-ray: 945f7ae27f73c0eb-FRA
accept-ranges: bytes
content-length: 1436
server: cloudflare

GET
H2 200 featureIcon.png
cdn.firstbranchcms.com/kcms-structure/40293a1c-fd22-4cca-9bed-3f9371a127fc/ 3 KB
3 KB 455ms
454ms Image
image/webp 2606:4700:7::a29f:8206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.firstbranchcms.com/kcms-structure/40293a1c-fd22-4cca-9bed-3f9371a127fc/featureIcon.png

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5a63fe4225304d0f298cd63c6037ed186d4f7007857cadd00210b251a2a3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "1717ab13c667a0116730ffe9ae2d7b05"
x-amz-version-id: 1Z7OSsFeTz.7mZjd.XIQxXvOAfXtfbfx
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
cf-polished: origFmt=png, origSize=7617
date: Mon, 26 May 2025 18:54:15 GMT
content-type: image/webp
content-disposition: inline; filename="featureIcon.webp"
vary: Accept
last-modified: Thu, 09 Jan 2020 15:21:15 GMT
x-amz-id-2: q4gg2hCidY1aYHL1X9NxlS35eu7zIZqwTUy2JUBMIt6cZ9bkB5KwAgEpuZVR5Rf1+NKDnEmdejM=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
x-amz-request-id: 0VD6GMP44KBZG748
cf-ray: 945f7ae27f74c0eb-FRA
accept-ranges: bytes
content-length: 3126
server: cloudflare

GET
H2 200 featureIcon.png
cdn.firstbranchcms.com/kcms-structure/6aaf31ff-90ec-490e-be0d-c33aab10c1e1/ 5 KB
5 KB 433ms
432ms Image
image/webp 2606:4700:7::a29f:8206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.firstbranchcms.com/kcms-structure/6aaf31ff-90ec-490e-be0d-c33aab10c1e1/featureIcon.png

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b714e92d60748b9dfdbc8b71323b24aa85cc81db0a1363fcedd3f337f6ce6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "9978ade35b889f39ac8960deb0c56a18"
x-amz-version-id: 2J.01ZqQRw5x78qv4fJ6DIEWwGSKkUkF
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
cf-polished: origFmt=png, origSize=10226
date: Mon, 26 May 2025 18:54:15 GMT
content-type: image/webp
content-disposition: inline; filename="featureIcon.webp"
vary: Accept
last-modified: Thu, 09 Jan 2020 15:21:56 GMT
x-amz-id-2: yEvgaaz8vwAGsT7PAJkII9bgQxAny2U7UdCn+u+1Gj0wMa8QTlZlgkFp1u60FkeHTldzpp60fYM=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
x-amz-request-id: 8J4R4HAC5TT684AF
cf-ray: 945f7ae27f75c0eb-FRA
accept-ranges: bytes
content-length: 4854
server: cloudflare

GET
H2 200 featureIcon.png
cdn.firstbranchcms.com/kcms-structure/dd356dad-d6de-4902-9188-f1fe483fc143/ 1 KB
2 KB 481ms
480ms Image
image/webp 2606:4700:7::a29f:8206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.firstbranchcms.com/kcms-structure/dd356dad-d6de-4902-9188-f1fe483fc143/featureIcon.png

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dcbeb2eba32774ef2d068948db365ead509231023fc7a2db5496a3bee2f9ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "1623d7fdeec8f947decbfa360ecfe067"
x-amz-version-id: u0g0BUZri6na33qD1OUmlNdoAnrze3fl
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:15 GMT
cf-polished: origFmt=png, origSize=4209
date: Mon, 26 May 2025 18:54:15 GMT
content-type: image/webp
content-disposition: inline; filename="featureIcon.webp"
vary: Accept
last-modified: Thu, 09 Jan 2020 15:22:39 GMT
x-amz-id-2: FDjlZVQFv/xn/iGYMzVrabHcSa/GhzL4P/BmEU+4bZHvoIl9+H1HMikPGeccRp43J4GgBCk+Tig=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
x-amz-request-id: H0PRV4KFKKR8C5PV
cf-ray: 945f7ae27f76c0eb-FRA
accept-ranges: bytes
content-length: 1320
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
866 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+3:ital@0;1&display=swap

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/custom/fed-library/production/js-library/compliance-logos.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c206c52ec89600b8f3be4f0867df7b8647f15f74c328ec214e266c81fdd125d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 18:54:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 18:54:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 nwpDtKy2OAdR1K-IwhWudF-R3woAa8opPOrG97lwqLlOxCkSmg.woff2
fonts.gstatic.com/s/sourcesans3/v18/ 15 KB
15 KB 14ms
14ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesans3/v18/nwpDtKy2OAdR1K-IwhWudF-R3woAa8opPOrG97lwqLlOxCkSmg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+3:ital@0;1&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

3c230c03425a2866e4b57954f3173fc149dba2634e9ee32c681b41d96c7f06fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.firstcitizensbank.com
Referer: https://fonts.googleapis.com/

Response headers

age: 268139
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 23 May 2026 16:25:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 23 May 2025 16:25:16 GMT
last-modified: Tue, 11 Mar 2025 01:13:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15808
x-xss-protection: 0
server: sffe

GET
H2 200 featureImage.png
cdn.firstbranchcms.com/kcms-structure/37ede3be-15b7-4891-93d1-f64631df8bcc/ 636 KB
637 KB 482ms
482ms Image
image/webp 2606:4700:7::a29f:8206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.firstbranchcms.com/kcms-structure/37ede3be-15b7-4891-93d1-f64631df8bcc/featureImage.png

Requested by

Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc57a859b9095ed2450e4b6f68295446c4b6fc640360b19cb362016ec225ce3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "f33e075466cbe7e24b68d95b03f37e47"
x-amz-version-id: dU5TIOUddhCxoGxEXb1Dl1fNuCpoDZJP
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:16 GMT
cf-polished: origFmt=png, origSize=887478
date: Mon, 26 May 2025 18:54:16 GMT
content-type: image/webp
content-disposition: inline; filename="featureImage.webp"
vary: Accept
last-modified: Fri, 21 Jun 2024 14:20:58 GMT
x-amz-id-2: 4Pkuj658jx0OvL+/W+61jvVGc4dAKdZ9YCbA3tuYHhymu8ir1YKFe6I4D9iVInxwpituuv1OohQ=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
x-amz-request-id: FFZXY6TVR89XQ5KR
cf-ray: 945f7ae48a3bc0eb-FRA
accept-ranges: bytes
content-length: 651296
server: cloudflare

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 1 KB
669 B 58ms
22ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: www.firstcitizensbank.com
URL: https://www.firstcitizensbank.com/custom/fed-library/production/audioeye/audioeye-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a76a30b6e7616b79899b1b5b69b0c43733957e3669c7920c821d8cfbdbcdb8c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cache-control: max-age=120
content-encoding: br
cf-cache-status: HIT
etag: W/"baf1ebdf01b0b84354d8810ead971eb9"
age: 93
cf-ray: 945f7ae83ad03679-FRA
date: Mon, 26 May 2025 18:54:16 GMT
content-type: application/javascript
vary: Accept-Encoding
surrogate-keys
server: cloudflare

GET
H2

200

cei Show response
match.adsrvr.org/track/ Frame 7C3A
Redirect Chain

https://insight.adsrvr.org/track/cei?adv=1x23dye&ref=https%3A%2F%2Fwww.firstcitizensbank.com%2F&upid=mq166gf&upv=1.1.0&paapi=1
https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1

391 B
354 B

42ms
33ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: a217f69351069da2ad38a5743662c2713469c2ad262217031d2ea890158fe434

Request headers

Referer: https://www.firstcitizensbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 26 May 2025 18:54:16 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 40
content-type: text/html
date: Mon, 26 May 2025 18:54:16 GMT
location: https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1
server: Kestrel

GET
H2

200

cei Show response
match.adsrvr.org/track/ Frame AD67
Redirect Chain

https://insight.adsrvr.org/track/cei?adv=1x23dye&ref=https%3A%2F%2Fwww.firstcitizensbank.com%2F&upid=mq166gf&upv=1.1.0&paapi=1
https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1

391 B
354 B

43ms
33ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: a217f69351069da2ad38a5743662c2713469c2ad262217031d2ea890158fe434

Request headers

Referer: https://www.firstcitizensbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 26 May 2025 18:54:16 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 40
content-type: text/html
date: Mon, 26 May 2025 18:54:16 GMT
location: https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1
server: Kestrel

GET
H2 200 6c77c00c-077f-43ba-5267-43d26a27a4c2
data.pendo.io/data/ptm.gif/ 42 B
98 B 343ms
302ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL

https://data.pendo.io/data/ptm.gif/6c77c00c-077f-43ba-5267-43d26a27a4c2?v=2.277.0_prod&ct=1748285656327&jzb=eJzFkVFv2jAUhf9K5GdGEkMIIE0TbUFLKSkaoRKdpsgkBswS27WdIqj4772mKO0TmvbCm--9vsfH5_v9hsxeUtRHLKfcsNUeNdBSiZ2mKjWshIkftru4G3SCTssPGuiVaWaESlkOS-l0GN89pkm6bT0d8OHl3pMlCJAsExU3H3f8wGtBr1IFFBtjpO677m63a66Y0iZjhh0o10vC_zYzUbo_JFnTBDx934iSTqGAZamE1Kj_hkSRp__iwN776oJXRfG_3o_wPlGQTkKWUa1lPgpEw-FExjhe3Hfl_kn0QGKlSElPw7le0xH7KVXRYwkeb2GoqdZM8NO4HembhRoX3ny03Rj9fBq_VJRnkLsHIPaGwrfbPj42alAlNeQipM61IZ1ft8dLBgrC15VdhRB5Op_ZoM-m6tWzLw6BQjWKfs0S5zZKoudhPHNuHyeTeRwlC-dmEI-db85kEM9G0fDhzpkOPrENak1o5cRYJdxxvcDFHg5A_ZUqi8S2mzgMm14KX8mvxd3_5N7zv3AvBMkvcg-vzd06PPtqB93elfLDdX4tLzz-eQfnAJQf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-max-age: 600
cache-control: no-store
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-methods: GET,POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 42
date: Mon, 26 May 2025 18:54:16 GMT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 6c77c00c-077f-43ba-5267-43d26a27a4c2 Show response
data.pendo.io/data/guide.js/ 377 B
454 B 181ms
142ms Script
application/javascript 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://data.pendo.io/data/guide.js/6c77c00c-077f-43ba-5267-43d26a27a4c2?id=20&jzb=eJx9jlFPszAYhf9K815P4GPBJSTG4MaSqjAibInekH5Qtyq0tZQRMfz3tcbgnXd9T855-nzBmXVMC4VrCKHM4nSzK4vybXkY_fHj3pMtLIBUlei5_q78C7yliXrVmOOktexC1x2GwXllqtMV02ykvPtP-LtTida9leRIi09Jb06ipZk5zFg09eH3V943zQJaqklNNIFwVrJP9odWQ_ixt8QQKC_3OUyz6jz90eWktbUtfsoLtMYFfonTHK13SbJPcfGM7qL0AV2hJErzLY4fNyiLLE0SRbmOZqaJjKMl-deuF7i-5weGfqaqY4Lb2PFXK8crpRI1TNMFIg5vHw&v=2.277.0_prod&ct=1748285656328

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/6c77c00c-077f-43ba-5267-43d26a27a4c2/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

Resource Hash

29f05fe2ecbc237d3c33bc139a512ee1212edfd8cb8b374fc66cb717a83cbf5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-max-age: 600
cache-control: no-store
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-methods: GET,POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 377
date: Mon, 26 May 2025 18:54:16 GMT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 6c77c00c-077f-43ba-5267-43d26a27a4c2
data.pendo.io/data/guide.gif/ 42 B
289 B 163ms
124ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL

https://data.pendo.io/data/guide.gif/6c77c00c-077f-43ba-5267-43d26a27a4c2?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1748285656328&v=2.277.0_prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-max-age: 600
cache-control: no-store
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-methods: GET,POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 42
date: Mon, 26 May 2025 18:54:16 GMT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 61 KB
21 KB 56ms
22ms Script
application/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=9d1500647ef45ee3a58efc9eb9f17094
Requested by: Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d22d9ac5e1facba6ce114cba90d0519e8899d46e8caf7ef533a9ddf6f08f1856

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cache-control: max-age=3600, s-maxage=21600
content-encoding: br
cf-cache-status: HIT
etag: W/"c58ed4730a87a80af1db91282c85b637"
age: 17843
cf-ray: 945f7ae89a94d9da-FRA
date: Mon, 26 May 2025 18:54:16 GMT
content-type: application/javascript
vary: Accept-Encoding
surrogate-keys: 9d1500647ef45ee3a58efc9eb9f17094
server: cloudflare

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 144 KB
27 KB 264ms
245ms Script
text/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=9d1500647ef45ee3a58efc9eb9f17094&lang=en&cb=fa5d8c9f6
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=9d1500647ef45ee3a58efc9eb9f17094
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511c35daeb0439ec79928eea090528eae55dacb5a95aefab1110443daaef8bd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.firstcitizensbank.com
Referer: https://www.firstcitizensbank.com/

Response headers

cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
surrogate-key: prod 9d1500647ef45ee3a58efc9eb9f17094 fa5d8c9f6
cf-cache-status: HIT
content-encoding: br
cf-ray: 945f7ae8ec0ad23a-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 26 May 2025 18:31:08 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 7C3A 422 B
958 B 24ms
9ms Script
application/javascript 18.172.114.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.114.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-114-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://match.adsrvr.org/

Response headers

Vary: accept-encoding
ETag: "4e7de5ca0248ffa6216174e643f3112d"
Age: 24312
Connection: keep-alive
Via: 1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 422
X-Amz-Cf-Id: KL30B4mOHzwWZJxy3MoSCgDh9Uyxtnv5rcuhYKGb32L_JQ7gjRC5Mg==
Date: Mon, 26 May 2025 12:09:05 GMT
Content-Type: application/javascript
Last-Modified: Sun, 25 May 2025 12:07:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H/1.1 304
Not Modified universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame AD67 422 B
465 B 8ms
8ms Script
application/javascript 18.172.114.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/cei?adv=1x23dye&ref=https%3a%2f%2fwww.firstcitizensbank.com%2f&upid=mq166gf&upv=1.1.0&paapi=1&redirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.114.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-114-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f

Request headers

If-None-Match: "4e7de5ca0248ffa6216174e643f3112d"
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
If-Modified-Since: Sun, 25 May 2025 12:07:41 GMT

Response headers

ETag: "4e7de5ca0248ffa6216174e643f3112d"
Age: 24312
Connection: keep-alive
Via: 1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: CmttgpZuf8SjcG41fjw_Mh28mrx545h1ZpIwKoZV7FHShxUr69olhQ==
Date: Mon, 26 May 2025 12:09:05 GMT
Last-Modified: Sun, 25 May 2025 12:07:41 GMT
Vary: accept-encoding
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 startup.bundle.js Show response
wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/ 389 KB
117 KB 25ms
25ms Script
text/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/startup.bundle.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=9d1500647ef45ee3a58efc9eb9f17094&lang=en&cb=fa5d8c9f6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8d0eb3007a70528ad3e65ef2bcf40bfc6e552b87bcb96e5c15156798bffff8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: HIT
etag: W/"f82291b28f68741dc8195bc0c76e9f44"
age: 6843
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 945f7aea7ea6d9da-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/javascript
last-modified: Fri, 23 May 2025 18:43:29 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 tangoEngine.bundle.js Show response
wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/ 55 KB
20 KB 15ms
15ms Script
text/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/tangoEngine.bundle.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/startup.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa043ce0dea407e5fbf8dc5c5dfe43a31664c76f75d0ffe6c6cb6d15be2f6b85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: HIT
etag: W/"46bc3ec7168ee8d8a0fc4170dae57bc0"
age: 6839
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 945f7aeadf4bd9da-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/javascript
last-modified: Fri, 23 May 2025 18:43:29 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 favicon.ico
www.firstcitizensbank.com/custom/firstcitizensbank3/image/ 15 KB
3 KB 787ms
786ms Other
image/x-icon 2606:4700:7::a29f:8506
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.firstcitizensbank.com/custom/firstcitizensbank3/image/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8506 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b0c4aa3483d133d3485cf12019c8c3fae5dee954c89a76f72ae871627155350

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"606b7864-3aee"
x-content-type-options: nosniff
expires: Mon, 26 May 2025 22:54:17 GMT
date: Mon, 26 May 2025 18:54:17 GMT
content-type: image/x-icon
last-modified: Mon, 05 Apr 2021 20:51:48 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'none';
cache-control: public, max-age=14400
referrer-policy: strict-origin-when-cross-origin
cf-ray: 945f7aeaff3d4db4-FRA
permissions-policy: geolocation=(self); execution-while-not-rendered=(self); execution-while-out-of-viewport=(self); hid=(self); speaker-selection=(self)
server: cloudflare

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/ Frame BC30 115 B
419 B 44ms
27ms Document
text/html 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/cookieStorage.html
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/startup.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac3cfaaa8679659e604674c5ac9285eda42a6b82cd41dca9a4289f03b78766fa

Request headers

Referer: https://www.firstcitizensbank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
age: 6839
cf-cache-status: HIT
cf-ray: 945f7aeb3b9f3a92-FRA
content-encoding: br
content-type: text/html
date: Mon, 26 May 2025 18:54:16 GMT
last-modified: Fri, 23 May 2025 18:43:28 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 0
61 B 536ms
172ms Ping
text/plain 34.211.137.222
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/startup.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.211.137.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-137-222.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.firstcitizensbank.com/

Response headers

date: Mon, 26 May 2025 18:54:17 GMT
access-control-allow-origin: *
content-length: 0

GET
H2 200 launcher.bundle.js Show response
wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/ 11 KB
4 KB 16ms
14ms Script
text/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/launcher.bundle.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/startup.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca7b24eed0f4a2b07471901a20b6e8825c6aa4242574a647563a8cdec38b08c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: HIT
etag: W/"b51dc529f7b414ac2aa1db366eda0ff2"
age: 6837
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 945f7aeb3846d9da-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/javascript
last-modified: Fri, 23 May 2025 18:43:29 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 compliance.css
wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/ 2 KB
690 B 18ms
18ms Stylesheet
text/css 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/compliance.css
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/startup.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78b8e92a560933a581b06e591e2a52e6f74758a88f1bbd3d7252b37ab8bdcd47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: HIT
etag: W/"21190dc484113930ea0a8022dabce414"
age: 6837
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 945f7aeb3848d9da-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/css
last-modified: Fri, 23 May 2025 18:43:28 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 compliance.bundle.js Show response
wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/ 56 KB
20 KB 17ms
17ms Script
text/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/compliance.bundle.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/startup.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c73e590614d46015b778c015afd91c38c9aa8d12ff36d0190e722857b424df7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: HIT
etag: W/"af686a6cfb3a45dc83acd48f9877f712"
age: 6843
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 945f7aeb384bd9da-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/javascript
last-modified: Fri, 23 May 2025 18:43:28 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 fullCSS.bundle.css
wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/ 57 KB
12 KB 21ms
21ms Stylesheet
text/css 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/fullCSS.bundle.css
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/launcher.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 535414b76b2c4e01fc081a112c8c57e5b5450cb2816e05f8f0be2a0911b59a60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: HIT
etag: W/"1d55d72c855e0decea3ccf6a4cef6ee6"
age: 6837
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 945f7aeb5889d9da-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/css
last-modified: Fri, 23 May 2025 18:43:29 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 audioeye-scanner-esm.js Show response
wsv3cdn.audioeye.com/static-scripts/m/audioeye-scanner-esm/v10.1.0/ 307 KB
81 KB 181ms
181ms Script
text/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/m/audioeye-scanner-esm/v10.1.0/audioeye-scanner-esm.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/tangoEngine.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe41a1859fec54aa7e76b464acea17486073c8b205b5dc3699adad4d8be9f5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.firstcitizensbank.com
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: HIT
etag: W/"7e10e5ac1157917c0b445e44752c25fb"
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 945f7aeb5e11d23a-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:17 GMT
content-type: text/javascript
last-modified: Thu, 01 May 2025 17:46:44 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 cookieStorage.bundle.js Show response
wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/ Frame BC30 597 B
457 B 20ms
20ms Script
text/javascript 2606:4700::6812:1c9b
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/cookieStorage.bundle.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/cookieStorage.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35b4231f3db71b25e5a54bd931746129db82eb13b9bb1876750f969ed0930479

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/cookieStorage.html

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: HIT
etag: W/"108db42c18968d62fe0daeb979d5a63c"
age: 6837
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 945f7aeb7be83a92-FRA
access-control-allow-origin: *
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/javascript
last-modified: Fri, 23 May 2025 18:43:28 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
451 B 55ms
55ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Schibsted+Grotesk:wght@400;600&display=swap

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/fullCSS.bundle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

d30232224150c5b0e211a076219e723daac45ef8532ecf116b166fd8bd59a38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://wsv3cdn.audioeye.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 18:54:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 17:28:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H2 200 realtimeconversion Show response
insight.adsrvr.org/track/ 36 B
362 B 120ms
49ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/realtimeconversion
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 15a3dc247a9802298e21568c4d7d501a6236c246e9a2257177799a5400844740

Request headers

Referer: https://www.firstcitizensbank.com/
eventDataSourceVersion: 1.1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-type: application/json
eventDataSource: UpSdk

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.firstcitizensbank.com
date: Mon, 26 May 2025 18:54:17 GMT
content-type: application/json
vary: Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

OPTIONS
H2 200 realtimeconversion
insight.adsrvr.org/track/ Frame 0
0 89ms
30ms Preflight
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/realtimeconversion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,eventdatasource,eventdatasourceversion
Access-Control-Request-Method: POST
Origin: https://www.firstcitizensbank.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, ttdSignature, eventDataSource, eventDataSourceVersion
access-control-allow-origin: https://www.firstcitizensbank.com
content-encoding: gzip
content-type: application/json
date: Mon, 26 May 2025 18:54:17 GMT
server: Kestrel
vary: Accept-Encoding

POST
H2 200 realtimeconversion Show response
insight.adsrvr.org/track/ 36 B
363 B 107ms
36ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/realtimeconversion
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 15a3dc247a9802298e21568c4d7d501a6236c246e9a2257177799a5400844740

Request headers

Referer: https://www.firstcitizensbank.com/
eventDataSourceVersion: 1.1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-type: application/json
eventDataSource: UpSdk

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.firstcitizensbank.com
date: Mon, 26 May 2025 18:54:17 GMT
content-type: application/json
vary: Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

OPTIONS
H2 200 realtimeconversion
insight.adsrvr.org/track/ Frame 0
0 88ms
29ms Preflight
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/realtimeconversion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,eventdatasource,eventdatasourceversion
Access-Control-Request-Method: POST
Origin: https://www.firstcitizensbank.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, ttdSignature, eventDataSource, eventDataSourceVersion
access-control-allow-origin: https://www.firstcitizensbank.com
content-encoding: gzip
content-type: application/json
date: Mon, 26 May 2025 18:54:17 GMT
server: Kestrel
vary: Accept-Encoding

POST
H2 200 report
analytics.audioeye.com/v2/ 0
0 347ms
343ms Fetch 34.211.137.222
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://analytics.audioeye.com/v2/report
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/static-scripts/v2/fa5d8c9f6/tangoEngine.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.211.137.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-137-222.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.firstcitizensbank.com/

Response headers

date: Mon, 26 May 2025 18:54:18 GMT
access-control-allow-origin: *
content-length: 0

OPTIONS
H2 200 report
analytics.audioeye.com/v2/ Frame 0
0 513ms
171ms Preflight 34.211.137.222
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://analytics.audioeye.com/v2/report
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.211.137.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-137-222.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.firstcitizensbank.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Mon, 26 May 2025 18:54:18 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
font/truetype

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.firstcitizensbank.com
Referer

Response headers

Content-Type: font/truetype

GET
H3 200 Jqz55SSPQuCQF3t8uOwiUL-taUTtap9Gayo.woff2
fonts.gstatic.com/s/schibstedgrotesk/v3/ 46 KB
46 KB 20ms
20ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/schibstedgrotesk/v3/Jqz55SSPQuCQF3t8uOwiUL-taUTtap9Gayo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Schibsted+Grotesk:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

6b2e740cd29afe711f1048feedc00c524a0fa1aea25fbf70db41d784646273d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.firstcitizensbank.com
Referer: https://fonts.googleapis.com/

Response headers

age: 338661
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 22 May 2026 20:49:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 22 May 2025 20:49:57 GMT
last-modified: Tue, 02 May 2023 14:49:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46764
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 18ms
18ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5ZJBKDQYHZ&gtm=45je55l1v890159293z8813423273za200&_p=1748285654396&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&cid=1644754869.1748285655&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAKAAQ&_s=2&sid=1748285654&sct=1&seg=1&dl=https%3A%2F%2Fwww.firstcitizensbank.com%2F&dt=First%20Citizens%20Community%20Bank%20%7C%20Personal%20%26%20Business%20Banking&en=page_view&_et=20&tfd=9317
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ZJBKDQYHZ&cx=c&gtm=457e55l1za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.firstcitizensbank.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.firstcitizensbank.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 18:54:19 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: link.zixcentral.com
URL: https://link.zixcentral.com/u/5214b34f/PvS9faY97RGOEZkoh3soMg?u=https%3A%2F%2Ftag.simpli.fi%2Fsifitag%2F4d40fe80-1fd2-013b-a3f0-0cc47abd0334

Domain: link.zixcentral.com
URL: https://link.zixcentral.com/u/18f3bcb1/aAW_bQZE7RGSV2y4hnsoMg?u=https%3A%2F%2Ftag.simpli.fi%2Fsifitag%2F4d40fe80-1fd2-013b-a3f0-0cc47abd0334

Verdicts & Comments Add Verdict or Comment

91 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.firstcitizenscommunitybank.com/	1970-01-21 05:38:07	Name: __cf_bm Value: tQYrnTLEWUdvy8hUlmdL.QaoCBn1C4UiTRCt1HoubrM-1748285651-1.0.1.1-wnXeCoLGurEtdbk.qETdRypk7nkc9Vyn6seAhW3WYyWfaTLWRiIb1gICHDS5.CJJ.2B5GlB9s6jrp73VSXwk57.LSnFVkj8hNwUSU3yvk1g
.www.firstcitizensbank.com/	1970-01-21 05:38:07	Name: __cf_bm Value: XKgxkGTgMVyFYeN5uV6bsAPPxe87A17mREr2yuKdddY-1748285653-1.0.1.1-e3tjqXH.RkLoQORvxfbQS_VmKFtmX66QxZtoCymXy9JozgAdbNEuq18lqA9DYN6_3DIXe8mr58jVcmy__xVEqmmWo1sm6ciyVP4MtMPdOps
.cdn.firstbranchcms.com/	1970-01-21 05:38:07	Name: __cf_bm Value: ZAASbz7wBKItoZe7mbCeV6fuD0tcaK9oxiK3rBAzg9M-1748285654-1.0.1.1-u.gcesMSpWHwCdIEsvrJne6uXqXVaIU.M.l5ktrn8sXmcsAPtFlTNzBJDR0EDRGILjI0sY5.oBP2u02ShZlbe3AOHNa1Gqv7.qdUuMucjhc
.firstcitizensbank.com/	1970-01-21 07:47:41	Name: _gcl_au Value: 1.1.1279655650.1748285655
.firstcitizensbank.com/	1970-01-21 05:39:32	Name: _gid Value: GA1.2.2129868911.1748285655
.firstcitizensbank.com/	1970-01-21 05:38:05	Name: _gat_gtag_UA_104987168_1 Value: 1
.firstcitizensbank.com/	1970-01-21 05:38:05	Name: _gat_UA-104987168-1 Value: 1
.firstcitizensbank.com/	1970-01-21 15:14:05	Name: _ga Value: GA1.1.1644754869.1748285655
.firstcitizensbank.com/	1970-01-21 15:14:05	Name: _ga_5ZJBKDQYHZ Value: GS2.1.s1748285654$o1$g1$t1748285654$j60$l0$h0$dUB8gk685n9pmvdluBy9q9FHyHWvNNTqG_Q
.firstcitizensbank.com/	1970-01-21 14:23:41	Name: _hjSessionUser_2364864 Value: eyJpZCI6ImZjYmIyYjVmLTgyYjItNThjNS1hYTNhLWMyMGJhMzMyY2JmNiIsImNyZWF0ZWQiOjE3NDgyODU2NTU0MzUsImV4aXN0aW5nIjpmYWxzZX0=
.firstcitizensbank.com/	1970-01-21 05:38:07	Name: _hjSession_2364864 Value: eyJpZCI6ImFmNGQ2MTEyLTBhN2QtNDdhZC1iN2FhLTEyNTAxMTBhNmNmMCIsImMiOjE3NDgyODU2NTU0MzUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
www.firstcitizensbank.com/	1970-01-21 14:23:41	Name: _aeaid Value: cb4ed9a2-7152-42eb-b250-3ecd6a146acc
www.firstcitizensbank.com/	1970-01-21 15:14:05	Name: aelastsite Value: dQz7%2BIFaT73xzaPspp33VkI9L9ENMJ12L4Y%2BgiZ7ZJ2HVD4NMSlVsS8T9cpq24ZF
www.firstcitizensbank.com/	1970-01-21 15:14:05	Name: aelreadersettings Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
www.firstcitizensbank.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.audioeye.com
cdn.firstbranchcms.com
cdn.pendo.io
data.pendo.io
firstcitizenscommunitybank.com
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
js.adsrvr.org
link.zixcentral.com
match.adsrvr.org
netdna.bootstrapcdn.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.firstcitizensbank.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
link.zixcentral.com
104.18.10.207
13.227.219.3
142.250.185.106
142.250.186.100
142.250.186.163
162.159.130.6
18.172.114.101
18.66.192.125
2001:4860:4802:34::178
2001:4860:4802:34::36
2606:4700:7::a29f:8206
2606:4700:7::a29f:8506
2606:4700::6812:1c9b
2a00:1450:4001:80b::2008
2a00:1450:4001:81c::200a
2a00:1450:400c:c07::9b
34.107.204.85
34.211.137.222
34.36.213.229
35.71.131.137
023debc7d705e7c4cd6ffec27c761619c77f79b60e5a4fd9798fbb5c150ace2f
0778ebeffbc240eeda902ea3026613b2388af37fe3822644b8cd5022b69bd605
0ca7b24eed0f4a2b07471901a20b6e8825c6aa4242574a647563a8cdec38b08c
15a3dc247a9802298e21568c4d7d501a6236c246e9a2257177799a5400844740
1c110ddd8223d630e6af5f986756b01a4dc4901adb5904247b1df38ace3148aa
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f
28b09d97be2f2535bde1b4833c8c324aa4472e07f98b521dec2fa6ecdfdf5368
29f05fe2ecbc237d3c33bc139a512ee1212edfd8cb8b374fc66cb717a83cbf5e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b714e92d60748b9dfdbc8b71323b24aa85cc81db0a1363fcedd3f337f6ce6a7
35b4231f3db71b25e5a54bd931746129db82eb13b9bb1876750f969ed0930479
3c230c03425a2866e4b57954f3173fc149dba2634e9ee32c681b41d96c7f06fe
3c5ac602d9e32795f75da8415f4df615a14f3d0e7243ad822573afb53a669352
3dbc7feacdc4014f3b45509b1dedcdaa2bbcad56983d1632a9bad35038b338c4
511c35daeb0439ec79928eea090528eae55dacb5a95aefab1110443daaef8bd6
514f84ced013e47dc240550741eba0327c30a0c1ee0572a635e9db2607212add
535414b76b2c4e01fc081a112c8c57e5b5450cb2816e05f8f0be2a0911b59a60
6524cdf90b69eab3b2cd8c260c9c565cf97941c23dc7a47d9c042709bb369294
6b2e740cd29afe711f1048feedc00c524a0fa1aea25fbf70db41d784646273d0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78b8e92a560933a581b06e591e2a52e6f74758a88f1bbd3d7252b37ab8bdcd47
7aac4e716c8b0e09380e2b7513319bcba2347c028e1aad8b5ef8623bba1967e2
7d1bb9b805f5a2506e52cb8ef1faff71253bfcebe0375748f2fe7a6497728701
7e5c8e2fcf1939dff3877e313bd854a9231b7abe21c882acab270724c68662f5
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
995689497ada67f8588709b19705f21d443afea5e2b63dcfc9b6176ccc32a14c
997985fd2176679d0a0bd9250a9b6142e3335076b43da211f9db12cddd54e72b
9b0c4aa3483d133d3485cf12019c8c3fae5dee954c89a76f72ae871627155350
9c73e590614d46015b778c015afd91c38c9aa8d12ff36d0190e722857b424df7
9dcbeb2eba32774ef2d068948db365ead509231023fc7a2db5496a3bee2f9ccf
a217f69351069da2ad38a5743662c2713469c2ad262217031d2ea890158fe434
a65cbc79128d0be357e842635e6ef56476209a7a4928c9cac8cfe75cb753a836
a76a30b6e7616b79899b1b5b69b0c43733957e3669c7920c821d8cfbdbcdb8c8
aa8d0eb3007a70528ad3e65ef2bcf40bfc6e552b87bcb96e5c15156798bffff8
ab5a63fe4225304d0f298cd63c6037ed186d4f7007857cadd00210b251a2a3b4
ac3cfaaa8679659e604674c5ac9285eda42a6b82cd41dca9a4289f03b78766fa
ad03cb68ca57b181681e19ec4fb023dc77a4b5515cfca02322d8e09507178ccb
bc57a859b9095ed2450e4b6f68295446c4b6fc640360b19cb362016ec225ce3f
be3e45c65a7c766b3459630161426f2e749b081d5eed081cdf3ef4335d9b7be2
c206c52ec89600b8f3be4f0867df7b8647f15f74c328ec214e266c81fdd125d4
cda6b617d1e3d4e9c605d4070449b7d0c4fe9d863e646c05091dfc03f2a7e75c
d0365ec68f43a7c26dde364f8ae337d5918053a41e5126b25d66370f5038a156
d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35
d11021564d71f052393968a0fe286cc0e5f6c2977f5845aefb2d307e435983ba
d22d9ac5e1facba6ce114cba90d0519e8899d46e8caf7ef533a9ddf6f08f1856
d30232224150c5b0e211a076219e723daac45ef8532ecf116b166fd8bd59a38c
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d45a3ca76596642db7e5a535af01a22e25f89180bedf1faa7a923ddac9ea9956
d8307990166654796c13f399af94cf673956d425e1a289b2d0c9537eb4420308
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe41a1859fec54aa7e76b464acea17486073c8b205b5dc3699adad4d8be9f5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f65481ad4bc0e042c6f3dbe6d011f05fe84e5a5921962f5a8f32c84b8e999
eb0c6b8df80bad4cb314fdb342e7cfcf4b6ff7a0d0884121a5d71f736bca9dcc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef67ff8eb4ad33ea0ccdef3ea49ee11f6a460ed4c62bed254055493137120e6c
f2a13dcb2c57c3a316a765ebb3923271ca39c5f6a85b53908340a1fa57b38033
f7d96a9a10cd340fe587c45c092c018051ecaf0acf0a861dd266a2c979d48689
fa043ce0dea407e5fbf8dc5c5dfe43a31664c76f75d0ffe6c6cb6d15be2f6b85
ff66548920a087ec78649085d07185ae1cb93e7ace510ae389caa9da131ea93f

www.firstcitizensbank.com Open in urlscan Pro 2606:4700:7::a29f:8506 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

97 %HTTPS

40 %IPv6

16 Domains

23 Subdomains

20 IPs

4 Countries

2574 kBTransfer

5553 kBSize

15 Cookies

17 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.firstcitizensbank.com Open in urlscan Pro
2606:4700:7::a29f:8506 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

97 %
HTTPS

40 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

2574 kB
Transfer

5553 kB
Size

15
Cookies

76 HTTP transactions
1 data transactions