citadel-mortgages.mtg-app.com Open in urlscan Pro
13.32.27.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3ldj24l
Effective URL:
https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Submission: On May 01 via manual (May 1st 2023, 11:30:29 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 43 HTTP transactions. The main IP is 13.32.27.113, located in United States and belongs to AMAZON-02, US. The main domain is citadel-mortgages.mtg-app.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 1st 2023. Valid for: 5 months.

This is the only time citadel-mortgages.mtg-app.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	13.32.27.113 13.32.27.113	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:205... 2600:9000:2057:ec00:4:8dcd:9500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:459c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	16.12.5.81 16.12.5.81	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	13.225.83.103 13.225.83.103	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
43	16

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.27.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net

citadel-mortgages.mtg-app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ec00:4:8dcd:9500:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.locize.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:459c (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 16.12.5.81 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3.ca-central-1.amazonaws.com

s3-ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-103.fra2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mtg-app.com citadel-mortgages.mtg-app.com	3 MB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	241 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	301 B
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 613	183 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 920 p.typekit.net — Cisco Umbrella Rank: 1162	68 KB
3	gstatic.com www.gstatic.com	351 KB
3	google.com www.google.com — Cisco Umbrella Rank: 16	28 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
2	amazonaws.com s3-ca-central-1.amazonaws.com	29 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	355 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 3063	44 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	43 KB
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 11016	5 KB
1	locize.app api.locize.app — Cisco Umbrella Rank: 153496	17 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1289	7 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4705	330 B
43	16

	Domain	Requested by
10	citadel-mortgages.mtg-app.com	citadel-mortgages.mtg-app.com
5	connect.facebook.net	citadel-mortgages.mtg-app.com connect.facebook.net
4	www.facebook.com	citadel-mortgages.mtg-app.com
4	maps.googleapis.com	citadel-mortgages.mtg-app.com maps.googleapis.com
3	www.gstatic.com	www.google.com
3	www.google.com	citadel-mortgages.mtg-app.com www.gstatic.com www.google.com
3	use.typekit.net	citadel-mortgages.mtg-app.com use.typekit.net
2	www.google-analytics.com	citadel-mortgages.mtg-app.com
2	s3-ca-central-1.amazonaws.com	citadel-mortgages.mtg-app.com
1	stats.g.doubleclick.net	citadel-mortgages.mtg-app.com
1	www.datadoghq-browser-agent.com	www.googletagmanager.com
1	www.googletagmanager.com	citadel-mortgages.mtg-app.com
1	browser-update.org	citadel-mortgages.mtg-app.com
1	api.locize.app	citadel-mortgages.mtg-app.com
1	p.typekit.net	use.typekit.net
1	maxcdn.bootstrapcdn.com	citadel-mortgages.mtg-app.com
1	bit.ly	1 redirects
43	17

This site contains no links.

Subject Issuer	Validity	Valid
*.mtg-app.com Amazon RSA 2048 M01	`2023-03-01` - `2023-08-14`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.locize.app Amazon RSA 2048 M01	`2023-03-01` - `2023-11-07`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.s3.ca-central-1.amazonaws.com Amazon	`2022-09-21` - `2023-09-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Frame ID: B0565A680F7913A9FAC831F7D40A7DC5
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrss8UAAAAAC1KuQPh4kJOXsgPE5hxxWXwhyNK&co=aHR0cHM6Ly9jaXRhZGVsLW1vcnRnYWdlcy5tdGctYXBwLmNvbTo0NDM.&hl=de&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=hisia3jvvmes
Frame ID: 6DCBED25002CE4B3FC93164C31990B1E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citadel Mortgages - Application - CalculatorsPhoneEmail

Page URL History Show full URLs

https://bit.ly/3ldj24l HTTP 301
https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

43
Requests

100 %
HTTPS

75 %
IPv6

16
Domains

17
Subdomains

16
IPs

4
Countries

4082 kB
Transfer

6003 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3ldj24l HTTP 301
https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request calculators Show response
citadel-mortgages.mtg-app.com/
Redirect Chain

https://bit.ly/3ldj24l
https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

3 KB
4 KB

287ms
225ms

Document
text/html

13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bc178c6e78bca51f93096b68af2734afc5d6bf18ec2a71ebffb1e635e03dac6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 3259
Content-Type: text/html
Date: Mon, 01 May 2023 11:30:23 GMT
ETag: "33b8b6e2f97a5741da6888f394a173ea"
Last-Modified: Thu, 27 Apr 2023 16:45:06 GMT
Server: AmazonS3
Via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
X-Amz-Cf-Id: b4xBgPW0PMNR2kx1vLVP-sJtNQJwbtcOJq3qDURyDIsZT72ickPbBg==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: RefreshHit from cloudfront
x-amz-version-id: 6ffohBHEYv9cg.hlDL6tBs2kBQmvnANP

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 179
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 11:30:22 GMT
location: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 34ms
16ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 926803
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: be050c61329891fb4ef880afd785a1b0
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c07b12c7c5f3624-FRA
cdn-requestpullsuccess: True

GET
H2 200 ozj5iql.css
use.typekit.net/ 3 KB
964 B 185ms
131ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ozj5iql.css

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bd932aca3bbdee045705d1bb70d3589e6ef67236d99bbd3f1e771333dae40893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 01 May 2023 11:30:22 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 732

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 220 KB
70 KB 153ms
73ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyD2inMv31lf5DkugkuNxse1pmmZczpLVfY&libraries=places

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

dea64d84b62424332852636d2d26340ae6f151f0548c3cc4eb2dfec05ef385fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71831
x-xss-protection: 0

GET
H/1.1 200
OK 2.8f90e36a.chunk.css
citadel-mortgages.mtg-app.com/static/css/ 54 KB
54 KB 232ms
231ms Stylesheet
text/css 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citadel-mortgages.mtg-app.com/static/css/2.8f90e36a.chunk.css
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f871ccf0df8ee28af89289954fe23c6777e52eb31bcf87904e334fa7c5805a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 3jGW1oeyJ0lIte1gBaBDEAUFYu99Shb0
Date: Mon, 01 May 2023 11:30:23 GMT
Via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Apr 2023 16:44:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
ETag: "0c7cba57dedc11e36d32e92eff168eec"
X-Cache: RefreshHit from cloudfront
Content-Type: text/css
Connection: keep-alive
Content-Length: 54912
X-Amz-Cf-Id: NgB-O18C425GIy9CRwlyggJhm88Jg6iXAKEanoeHhSU325MPw4RW8g==

GET
H/1.1 200
OK main.eaec89d5.chunk.css
citadel-mortgages.mtg-app.com/static/css/ 42 KB
43 KB 222ms
205ms Stylesheet
text/css 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citadel-mortgages.mtg-app.com/static/css/main.eaec89d5.chunk.css
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5330ae41eb1358591d391d80fe733103d8798f272a0cdbba7a4016a713999cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: QoXPHIQ3IiG1HB2iGanYx_B7b0ToaCx.
Date: Mon, 01 May 2023 11:30:23 GMT
Via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Apr 2023 16:44:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
ETag: "de0591b29ee3f97ebc3a79cf9726cac0"
X-Cache: RefreshHit from cloudfront
Content-Type: text/css
Connection: keep-alive
Content-Length: 43507
X-Amz-Cf-Id: h_LcAZXZLVQ474CRK0lS2IsloZGmwgFi8rGCee_BSyB9NEcGrRarXA==

GET
H/1.1 200
OK 2.798b378a.chunk.js Show response
citadel-mortgages.mtg-app.com/static/js/ 2 MB
2 MB 244ms
225ms Script
text/javascript 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citadel-mortgages.mtg-app.com/static/js/2.798b378a.chunk.js
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04bd4b35ca5ea873e13d0adff7bcd8d9567ae3b83b535830ce4461db1730b464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 11:30:23 GMT
x-amz-version-id: QByUtMVVQN2Q0bkVrsbcy4y4N90Xb3vN
Via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Apr 2023 16:44:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
ETag: "aee0a3dc0cb7a1023a8b7d3027d1f69a"
X-Cache: Miss from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 1683967
X-Amz-Cf-Id: MWf9I2wsEHLE59ZAqXjvFzJS57lKyoTmulPLT8nVEqN-79zZGhBliA==

GET
H/1.1 200
OK main.76aa42f2.chunk.js Show response
citadel-mortgages.mtg-app.com/static/js/ 891 KB
892 KB 263ms
244ms Script
text/javascript 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citadel-mortgages.mtg-app.com/static/js/main.76aa42f2.chunk.js
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 149712e3427b74c4a6dbbcf75f440fe1584c19601864e805a6788ca756241c49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 11:30:23 GMT
x-amz-version-id: mzsiN.SGEV_O1Xr6aUD788Oil6Fvzlkk
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Apr 2023 16:44:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
ETag: "2dcebffdba9d444e7536d5418fd0ed0a"
X-Cache: Miss from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Content-Length: 912699
X-Amz-Cf-Id: 3jhwO2yxYbVrm5pB0tzdZLB9Tn_xHszVNqkajzM5PkxNGJP_Jlpifw==

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 30ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ozj5iql&ht=tk&f=139.140.175.176&a=83488517&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ozj5iql.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 01 May 2023 11:30:22 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 48ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 01 May 2023 11:30:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bL7aZUNexBSNCEkQcdqlSDRNzpBD1Mwa8NoKmrwBdvyn2S+q+QwZ47qsg/Mtu32PQxzat6DTBOI/k5No2LXgdw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 133ms
61ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD2inMv31lf5DkugkuNxse1pmmZczpLVfY&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://citadel-mortgages.mtg-app.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK citadel-mortgages Show response
citadel-mortgages.mtg-app.com/api/v1/teams/ 99 KB
100 KB 418ms
417ms Fetch
application/json 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citadel-mortgages.mtg-app.com/api/v1/teams/citadel-mortgages
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/static/js/2.798b378a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 662971ca1eacebbcb6ae779b0bcb1e2d7416b446aaab19eb5b1c8cbe00490e70

Request headers

Accept: application/json
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 01 May 2023 11:30:24 GMT
Via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Powered-By: Express
ETag: W/"18df3-Z6uUSq+AT6d6l88bxmlmo2YAL2A"
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 101875
X-Amz-Cf-Id: MsD53XlbNZVQbkU3mb1OrtIqB__e-_Tr5DbhGk34czWgThcjJL6Haw==

GET
DATA 200
OK truncated
/ 286 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 translation Show response
api.locize.app/4e07c375-db75-4e41-a664-a93997f03cbc/latest/en/ 77 KB
17 KB 189ms
131ms Fetch
application/json 2600:9000:2057:ec00:4:8dcd:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.locize.app/4e07c375-db75-4e41-a664-a93997f03cbc/latest/en/translation
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/static/js/2.798b378a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ec00:4:8dcd:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed7856f8be15fa97b9234e0302da27d0bd58323cf455e971ea7bd74e699c0065

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: RQ85eZtOwy3KuBLZsZ2R1c_WdfNDeawh
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
date: Mon, 01 May 2023 11:30:24 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Apr 2023 22:34:40 GMT
server: AmazonS3
etag: W/"eb33c895d10f86d72730677f36b416a0"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-cache
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: dbTB7kX6tzfwjeKWfuPknbijZJ_jdME3u1EoaxnxcwhcEtQMUD9_fQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
906 B 128ms
47ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ldrss8UAAAAAC1KuQPh4kJOXsgPE5hxxWXwhyNK

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/static/js/2.798b378a.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fbac1a654ccf5ea25fdd74ce9e5bacde9d755527a2e1ce9b2e2cb43102dc2a07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 586
x-xss-protection: 1; mode=block
expires: Mon, 01 May 2023 11:30:23 GMT

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
5 KB 44ms
14ms Script
application/javascript 2606:4700:20::ac43:459c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f94cc643ef69a7c7ff801e421af3f4e472e5f6c55cb51933f6abf5eb0e70d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Apr 2023 20:21:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 448929
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRUxx5jvTJmUlwOxOV%2B5i%2FNDlun1wPpW0QaSdGf1tgtbS09uoV1pIuuUhtGxRwWGTlIYeEq8o0D62JFFyufGlZ14o6tG5QDZ4Vl6FxYxiF2C5TVRKIQJu9DpGpIWGTpXVfkksuKDWcwBnTif%2BOlsVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
content-disposition: inline; filename=update.min.js
cf-ray: 7c07b1329e9c18c3-FRA
expires: Thu, 27 Apr 2023 06:48:14 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ 409 KB
164 KB 114ms
36ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ldrss8UAAAAAC1KuQPh4kJOXsgPE5hxxWXwhyNK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89b22ad742d4802bb729ed58852376a8ed85a99a410df64bd31e117408e7b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citadel-mortgages.mtg-app.com/
Origin: https://citadel-mortgages.mtg-app.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167195
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 11:28:30 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6DCB 49 KB
27 KB 60ms
59ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrss8UAAAAAC1KuQPh4kJOXsgPE5hxxWXwhyNK&co=aHR0cHM6Ly9jaXRhZGVsLW1vcnRnYWdlcy5tdGctYXBwLmNvbTo0NDM.&hl=de&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=hisia3jvvmes

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32185db67e25dede49909aea22a9cbe0a91cb411d1e2ece9c19e482b7428cabd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tPRML0vo_Eb5opBJhfoQHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://citadel-mortgages.mtg-app.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27634
content-security-policy: script-src 'report-sample' 'nonce-tPRML0vo_Eb5opBJhfoQHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 11:30:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame 6DCB 55 KB
24 KB 113ms
39ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrss8UAAAAAC1KuQPh4kJOXsgPE5hxxWXwhyNK&co=aHR0cHM6Ly9jaXRhZGVsLW1vcnRnYWdlcy5tdGctYXBwLmNvbTo0NDM.&hl=de&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=hisia3jvvmes

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 02:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 02:16:05 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame 6DCB 409 KB
163 KB 131ms
57ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89b22ad742d4802bb729ed58852376a8ed85a99a410df64bd31e117408e7b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167195
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 11:28:30 GMT

GET
H2 200 367601960534511 Show response
connect.facebook.net/signals/config/ 158 KB
42 KB 167ms
166ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367601960534511?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67fcfee3aefd309397d0625bef2d9cfff7944e707934f12dadacb880bfa1f121

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 01 May 2023 11:30:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: g8J3TDK0yyLqK8KPPrmy4+bFzL3zcBvhBmcNTguaLURvuYdMSmzW2AbitLn+uYWJWjiv4vi+MPjIrJb76Vjh0A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 95759824-e2cc-4348-9290-1174cde3bd5b Show response
citadel-mortgages.mtg-app.com/api/v1/referral-links/ 261 B
749 B 382ms
382ms Fetch
application/json 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citadel-mortgages.mtg-app.com/api/v1/referral-links/95759824-e2cc-4348-9290-1174cde3bd5b
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/static/js/2.798b378a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 2f4955c2b03ab404552b7660c25c34151780ab15916f4cbded49ee71de1f3216

Request headers

Accept: application/json
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 01 May 2023 11:30:24 GMT
Via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Powered-By: Express
ETag: W/"105-zqQr7mb2eVAeWJ6jyF4OGVEvTn0"
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 261
X-Amz-Cf-Id: bStRhnNplIdU9tCxKK5_E9Kf7hyEB7LbLuY6JgfUbu7jfGU-tG74XA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
43 KB 145ms
60ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KZRJVHJ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08fbc120c631d486e2bacffedb441e5581566436b713588ab9a3cdc9d5718b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44083
x-xss-protection: 0
last-modified: Mon, 01 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 May 2023 11:30:24 GMT

GET
H/1.1 200
OK 8dae8427-8fab-45d9-ab0e-de3d09a1bd31
s3-ca-central-1.amazonaws.com/lendesk-finmo-production-assets-ca-central-1/ 14 KB
14 KB 393ms
150ms Image
image/png 16.12.5.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/lendesk-finmo-production-assets-ca-central-1/8dae8427-8fab-45d9-ab0e-de3d09a1bd31
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.12.5.81 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5adad77261457049bfa107b6bf5877bf211aba918f2817fee62dd189c188b2e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 11:30:25 GMT
x-amz-version-id: 0RESm.WBAB8tdwbXV8ssj9CZai_.A.Rb
Last-Modified: Wed, 11 Aug 2021 20:07:25 GMT
Server: AmazonS3
x-amz-request-id: ET3FRTQWC0J29A70
ETag: "c949ca7cddb5625a90fd4037e12afe25"
Content-Type: image/png
x-amz-replication-status: REPLICA
Accept-Ranges: bytes
Content-Length: 14173
x-amz-id-2: Cmb2niF1T/SjftYQzNyMY5fzV3D8EPtdzNbDi0kZxMgAfobJgZ55Vg2e6FR/TkWFZPls4iilNZw=

GET
H/1.1 200
OK calculator_starting.9962c163.png
citadel-mortgages.mtg-app.com/static/media/ 192 KB
192 KB 110ms
109ms Image
image/png 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citadel-mortgages.mtg-app.com/static/media/calculator_starting.9962c163.png
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b80fbad5d4e27106e039978170ce1e482db9f777d322e03303c5847d4ea30a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: vcyuYfC68I0Ch4SbW8TQ_iilks7ODZUt
Date: Mon, 01 May 2023 11:30:25 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Apr 2023 16:44:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
ETag: "9962c1637423ec4b52b3aa54bd6aa265"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Connection: keep-alive
Content-Length: 196326
X-Amz-Cf-Id: MVPYCK8PDbBIp7yJA9pDu3fDlRuJoQcaOsQnN866PMaL6RJjxRn9lQ==

GET
H/1.1 200
OK calculator_purchase.ba2780c2.png
citadel-mortgages.mtg-app.com/static/media/ 78 KB
78 KB 249ms
249ms Image
image/png 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citadel-mortgages.mtg-app.com/static/media/calculator_purchase.ba2780c2.png
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 099d7a7c5233f8c323bb86048376be86d9e97a4feafd8304651144a055012c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 11:30:25 GMT
x-amz-version-id: rDTOb.2KDmcDro1jo26WclJ3loEGsyNO
Via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Apr 2023 16:44:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
ETag: "ba2780c27e3d1e69bb29d181e9897aef"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Content-Length: 79776
X-Amz-Cf-Id: Z9BaMy0lPfEZHj0CQA8VKVNzCzgOcBQzrS5Pw5S81W7cMH0vcixVZw==

GET
H/1.1 200
OK calculator_refinance.21f6f29d.png
citadel-mortgages.mtg-app.com/static/media/ 34 KB
35 KB 206ms
206ms Image
image/png 13.32.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citadel-mortgages.mtg-app.com/static/media/calculator_refinance.21f6f29d.png
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbe4e278ef89383f1fe9f5c738e9810538d109df8de922edb0f5fb27b96384ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: UBzigEvXIfPP3ZQ7Fatx7Cs.VfqnSEqK
Date: Mon, 01 May 2023 11:30:25 GMT
Via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Apr 2023 16:44:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
ETag: "21f6f29de9c53a13a6cb50580b0738cc"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Connection: keep-alive
Content-Length: 35235
X-Amz-Cf-Id: SqrEBl6EYiy5H7eGn70Lemi1q3BXCJKxWgN4Ouf5rKOL0_5COagjlw==

GET
H/1.1 200
OK 30afb3ee-d9cf-4823-93db-e63f45a887d1
s3-ca-central-1.amazonaws.com/lendesk-finmo-production-assets-ca-central-1/ 14 KB
14 KB 379ms
131ms Image
image/png 16.12.5.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/lendesk-finmo-production-assets-ca-central-1/30afb3ee-d9cf-4823-93db-e63f45a887d1
Requested by: Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.12.5.81 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1ab49094479b14e2b7ab065f250eb95d120472b043d403d2ac43861da6918288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 11:30:25 GMT
x-amz-version-id: PceMPENUtKD1dxfZU.oghV1.kN4sVWQq
Last-Modified: Wed, 11 Aug 2021 20:06:26 GMT
Server: AmazonS3
x-amz-request-id: ET33YDWWAPBR7P1E
ETag: "efbf5443eeda44b2d8a1b78f706944d4"
Content-Type: image/png
x-amz-replication-status: REPLICA
Accept-Ranges: bytes
Content-Length: 14127
x-amz-id-2: IbQL95kmUnlVReULY6EMwiG/UfdsPnAmLDZnX2axEcGpBdL7I2uVKsQ17HyDieIpdGAuHEgRX6Y=

GET
H2 200 l
use.typekit.net/af/98e3f6/000000000000000077359562/30/ 33 KB
34 KB 40ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ozj5iql.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221

Request headers

Referer: https://use.typekit.net/ozj5iql.css
Origin: https://citadel-mortgages.mtg-app.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:24 GMT
server: nginx
etag: "27cd5d037b3d5bcc152de6c7fe0aa3098a381c24"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34148

GET
H2 200 l
use.typekit.net/af/d45b9a/000000000000000077359577/30/ 33 KB
33 KB 41ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ozj5iql.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc

Request headers

Referer: https://use.typekit.net/ozj5iql.css
Origin: https://citadel-mortgages.mtg-app.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:24 GMT
server: nginx
etag: "f806d2fcac6bea1cced8320378bba8659e3a95e8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33364

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6DCB 102 B
134 B 56ms
55ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4q6CtudrwcI-LSEYlfoEbDXg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ab2cbfe6ccb36bf703e876e9b9044361d95d6e4c46acb7d4bd3ba86494bf2eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldrss8UAAAAAC1KuQPh4kJOXsgPE5hxxWXwhyNK&co=aHR0cHM6Ly9jaXRhZGVsLW1vcnRnYWdlcy5tdGctYXBwLmNvbTo0NDM.&hl=de&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=hisia3jvvmes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 01 May 2023 11:30:24 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 01 May 2023 11:30:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jER8oPw9woMAt6kslvTk/syrYGGWqACAWqPxfeCFybp1WfMZZ6A4bD0aZuina9ANTCvjYhJYtQSv2Z/1avZ3hg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 53ms
14ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 09:37:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6782
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 01 May 2023 11:37:22 GMT

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 138 KB
44 KB 40ms
8ms Script
application/javascript 13.225.83.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZRJVHJ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75d3ed5d686101a435fa0256ba1961881937961dbfb5de541163dd0a5246cf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:30:20 GMT
content-encoding: br
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 13:11:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 6
x-amz-server-side-encryption: AES256
etag: W/"a71a788d4ecc15d342ce0bff1bb2862f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: ge7ZZMLvCideszkrtlt-idprRj599CVBd-mKJWVdumDSOL83ekJydw==

GET
H3 200 1022256961277674 Show response
connect.facebook.net/signals/config/ 151 KB
41 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1022256961277674?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

018db259bbc13164b0acca217ac0b6c8fd8a3e7868839f8423585db772dd0e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 01 May 2023 11:30:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gCxQVURFsOjyfHtpRvfgVRlrdfrRKAP8bprGhsyT7QSFlbjnKIwMqsQ4JDjZMPVTqH0/S5ENikorUPm1YkEm4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
218 B 18ms
18ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=974984958&t=pageview&_s=1&dl=https%3A%2F%2Fcitadel-mortgages.mtg-app.com%2Fcalculators%3FrefId%3D95759824-e2cc-4348-9290-1174cde3bd5b&dp=https%3A%2F%2Fcitadel-mortgages.mtg-app.com%2Fcalculators%3FrefId%3D95759824-e2cc-4348-9290-1174cde3bd5b&ul=en-us&de=UTF-8&dt=Citadel%20Mortgages%20-%20Application%20-%20Calculators&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1929399076&gjid=1971995512&cid=514754803.1682940625&tid=UA-109774546-3&_gid=1540739850.1682940625&_r=1&_slc=1&z=426661119

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/static/js/2.798b378a.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://citadel-mortgages.mtg-app.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 May 2023 11:30:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citadel-mortgages.mtg-app.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 294405211172333 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 70ms
70ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/294405211172333?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06439fe962114744c2909b6347b81e7745412ae3e283420ec6fb5064255bd3fb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 01 May 2023 11:30:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nZzd/WEvW6hiBm7Zw2ws77MWjvk7lxvZ6NTYuhiVGeC8Psmd0mDLXHxw7vcUoLKNNcIi232KVQZyaAhW2Du5rw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
355 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-109774546-3&cid=514754803.1682940625&jid=1929399076&gjid=1971995512&_gid=1540739850.1682940625&_u=YEBAAEAAAAAAACAAI~&z=1751185117

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/static/js/2.798b378a.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://citadel-mortgages.mtg-app.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 01 May 2023 11:30:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citadel-mortgages.mtg-app.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 44ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367601960534511&ev=PageView&dl=https%3A%2F%2Fcitadel-mortgages.mtg-app.com%2Fcalculators%3FrefId%3D95759824-e2cc-4348-9290-1174cde3bd5b&rl=&if=false&ts=1682940624793&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682940624793.1289538532&it=1682940624331&coo=false&rqm=GET

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 01 May 2023 11:30:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 44ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1022256961277674&ev=PageView&dl=https%3A%2F%2Fcitadel-mortgages.mtg-app.com%2Fcalculators%3FrefId%3D95759824-e2cc-4348-9290-1174cde3bd5b&rl=&if=false&ts=1682940624795&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682940624793.1289538532&it=1682940624331&coo=false&rqm=GET

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 01 May 2023 11:30:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 45ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=294405211172333&ev=PageView&dl=https%3A%2F%2Fcitadel-mortgages.mtg-app.com%2Fcalculators%3FrefId%3D95759824-e2cc-4348-9290-1174cde3bd5b&rl=&if=false&ts=1682940624796&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682940624793.1289538532&it=1682940624331&coo=false&rqm=GET

Requested by

Host: citadel-mortgages.mtg-app.com
URL: https://citadel-mortgages.mtg-app.com/calculators?refId=95759824-e2cc-4348-9290-1174cde3bd5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 01 May 2023 11:30:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=294405211172333&ev=Microdata&dl=https%3A%2F%2Fcitadel-mortgages.mtg-app.com%2Fcalculators%3FrefId%3D95759824-e2cc-4348-9290-1174cde3bd5b&rl=&if=false&ts=1682940626298&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Citadel%20Mortgages%20-%20Application%20-%20Calculators%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682940624793.1289538532&it=1682940624331&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 01 May 2023 11:30:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/1a/intl/de_ALL/ 273 KB
60 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/1a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD2inMv31lf5DkugkuNxse1pmmZczpLVfY&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d724ba063c2547954a3773e05a7080aae16d213d93a5d68ee0baf76261f8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61806
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 19:09:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 19:00:45 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/1a/intl/de_ALL/ 164 KB
52 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/1a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD2inMv31lf5DkugkuNxse1pmmZczpLVfY&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af09e9d6fa6f346492234222302afba5ad3f0187295f8903bdb02085a515f11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citadel-mortgages.mtg-app.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52712
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 19:09:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 19:00:45 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 15:48:12	Name: _bit Value: n41bum-ad82f7d0c4a6445fb4-00t
.mtg-app.com/	1970-01-20 21:05:00	Name: _ga Value: GA1.2.514754803.1682940625
.mtg-app.com/	1970-01-20 11:30:27	Name: _gid Value: GA1.2.1540739850.1682940625
.mtg-app.com/	1970-01-20 11:29:00	Name: _gat Value: 1
.mtg-app.com/	1970-01-20 13:38:36	Name: _fbp Value: fb.1.1682940624793.1289538532

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.locize.app
bit.ly
browser-update.org
citadel-mortgages.mtg-app.com
connect.facebook.net
maps.googleapis.com
maxcdn.bootstrapcdn.com
p.typekit.net
s3-ca-central-1.amazonaws.com
stats.g.doubleclick.net
use.typekit.net
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.225.83.103
13.32.27.113
16.12.5.81
2001:4860:4802:32::178
2600:9000:2057:ec00:4:8dcd:9500:93a1
2606:4700:20::ac43:459c
2606:4700::6812:acf
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2008
2a00:1450:400c:c04::9d
2a02:26f0:3500:16::215:1495
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
67.199.248.11
018db259bbc13164b0acca217ac0b6c8fd8a3e7868839f8423585db772dd0e3c
04bd4b35ca5ea873e13d0adff7bcd8d9567ae3b83b535830ce4461db1730b464
06439fe962114744c2909b6347b81e7745412ae3e283420ec6fb5064255bd3fb
08fbc120c631d486e2bacffedb441e5581566436b713588ab9a3cdc9d5718b52
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
099d7a7c5233f8c323bb86048376be86d9e97a4feafd8304651144a055012c71
0bc178c6e78bca51f93096b68af2734afc5d6bf18ec2a71ebffb1e635e03dac6
149712e3427b74c4a6dbbcf75f440fe1584c19601864e805a6788ca756241c49
1ab49094479b14e2b7ab065f250eb95d120472b043d403d2ac43861da6918288
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2f4955c2b03ab404552b7660c25c34151780ab15916f4cbded49ee71de1f3216
32185db67e25dede49909aea22a9cbe0a91cb411d1e2ece9c19e482b7428cabd
5330ae41eb1358591d391d80fe733103d8798f272a0cdbba7a4016a713999cc0
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5adad77261457049bfa107b6bf5877bf211aba918f2817fee62dd189c188b2e8
5f94cc643ef69a7c7ff801e421af3f4e472e5f6c55cb51933f6abf5eb0e70d8d
662971ca1eacebbcb6ae779b0bcb1e2d7416b446aaab19eb5b1c8cbe00490e70
67fcfee3aefd309397d0625bef2d9cfff7944e707934f12dadacb880bfa1f121
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75d3ed5d686101a435fa0256ba1961881937961dbfb5de541163dd0a5246cf9d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b80fbad5d4e27106e039978170ce1e482db9f777d322e03303c5847d4ea30a5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc
9ab2cbfe6ccb36bf703e876e9b9044361d95d6e4c46acb7d4bd3ba86494bf2eb
a4d724ba063c2547954a3773e05a7080aae16d213d93a5d68ee0baf76261f8fd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af09e9d6fa6f346492234222302afba5ad3f0187295f8903bdb02085a515f11b
af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221
b89b22ad742d4802bb729ed58852376a8ed85a99a410df64bd31e117408e7b1f
bbe4e278ef89383f1fe9f5c738e9810538d109df8de922edb0f5fb27b96384ff
bd932aca3bbdee045705d1bb70d3589e6ef67236d99bbd3f1e771333dae40893
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc
dea64d84b62424332852636d2d26340ae6f151f0548c3cc4eb2dfec05ef385fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ed7856f8be15fa97b9234e0302da27d0bd58323cf455e971ea7bd74e699c0065
f871ccf0df8ee28af89289954fe23c6777e52eb31bcf87904e334fa7c5805a3b
fbac1a654ccf5ea25fdd74ce9e5bacde9d755527a2e1ce9b2e2cb43102dc2a07

citadel-mortgages.mtg-app.com Open in urlscan Pro 13.32.27.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

75 %IPv6

16 Domains

17 Subdomains

16 IPs

4 Countries

4082 kBTransfer

6003 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

citadel-mortgages.mtg-app.com Open in urlscan Pro
13.32.27.113 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

75 %
IPv6

16
Domains

17
Subdomains

16
IPs

4
Countries

4082 kB
Transfer

6003 kB
Size

5
Cookies

43 HTTP transactions
1 data transactions