citadelbanking-recover-account.ns01.us Open in urlscan Pro
198.98.48.120  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://citadelbanking-recover-account.ns01.us/ HTTP 301
   https://citadelbanking-recover-account.ns01.us/ HTTP 302
   https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4031716%26time%3D1693925783515%26url%3Dhttps%253A%252F%252Fcitadelbanking-recover-account.ns01.us%252Flogin.php%253Fbadge%253Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&cookiesTest=true&liSync=true&e_ipv6=AQLU-xFpG-YVpgAAAYpl2Dn8_5NQSy3SxWCx3z_m69Ul9xjdG50ak6sLSXgULfVtfDfCfNo

Request Chain 94

• https://um.simpli.fi/smaato HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=010B3B1854C34A27A262DEC17EDF142F&cookieCheck=1 HTTP 302
• https://sync.1rx.io/usersync/smaato/20478041b6?gdpr=0&gdpr_consent= HTTP 302
• https://sync.1rx.io/usersync/smaato/20478041b6?zcc=1&cb=1693925785010 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-00bd9351-55d5-48f3-9be8-4a0c7dc67207-005

Request Chain 95

• https://um.simpli.fi/nexxen HTTP 302
• https://sync.1rx.io/usersync/simplifi/010B3B1854C34A27A262DEC17EDF142F

Request Chain 96

• https://um.simpli.fi/triplelift HTTP 302
• https://eb2.3lift.com/xuid?mid=7969&xuid=010B3B1854C34A27A262DEC17EDF142F&dongle=yf3 HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=010B3B1854C34A27A262DEC17EDF142F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 97

• https://um.simpli.fi/telaria_p HTTP 302
• https://simplifi.partners.tremorhub.com/sync?UISF=010B3B1854C34A27A262DEC17EDF142F

Request Chain 98

• https://um.simpli.fi/tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=010B3B1854C34A27A262DEC17EDF142F

Request Chain 99

• https://um.simpli.fi/ad_advisor HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://d.agkn.com/pixel/10751/?che=1693925784817&ip=38.132.118.67&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213480604630007762811 HTTP 302
• https://um.simpli.fi/aa_px?sk=213480604630007762811 HTTP 302
• https://um.simpli.fi/empty.gif

Request Chain 100

• https://um.simpli.fi/intentiq HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=010B3B1854C34A27A262DEC17EDF142F&ckls=true&ci=w6B3QTjeB6&nc=false&trid=-1854772472

Request Chain 101

• https://um.simpli.fi/pubmatic HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:010B3B1854C34A27A262DEC17EDF142F

Request Chain 102

• https://um.simpli.fi/freewheel HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=010B3B1854C34A27A262DEC17EDF142F

Request Chain 103

• https://um.simpli.fi/dtnx HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=010B3B1854C34A27A262DEC17EDF142F;mimetype=img; HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=010B3B1854C34A27A262DEC17EDF142F;mimetype=img;sr HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NjI2Nzk2NDAyNTc2ODQ2MzIyNg== HTTP 302
• https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEItmOeosIbTGkvAzbgqNsSo&google_cver=1

Request Chain 104

• https://um.simpli.fi/exelatem HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=010B3B1854C34A27A262DEC17EDF142F&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=010B3B1854C34A27A262DEC17EDF142F&j=0&xl8blockcheck=1

Request Chain 105

• https://um.simpli.fi/yahoo HTTP 302
• https://ups.analytics.yahoo.com/ups/55964/sync?uid=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://ups.analytics.yahoo.com/ups/55964/sync?uid=010B3B1854C34A27A262DEC17EDF142F&verify=true

Request Chain 106

• https://um.simpli.fi/beachfront HTTP 302
• https://sync.bfmio.com/sync?pid=141&uid=010B3B1854C34A27A262DEC17EDF142F

Request Chain 107

• https://um.simpli.fi/bluekai HTTP 302
• https://stags.bluekai.com/site/29931?id=010B3B1854C34A27A262DEC17EDF142F

Request Chain 108

• https://um.simpli.fi/crwdcntrl HTTP 302
• https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=010B3B1854C34A27A262DEC17EDF142F

Request Chain 109

• https://um.simpli.fi/lj_match HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=010B3B1854C34A27A262DEC17EDF142F&dnr=1

Request Chain 110

• https://um.simpli.fi/liveramp_match HTTP 302
• https://idsync.rlcdn.com/419566.gif?partner_uid=010B3B1854C34A27A262DEC17EDF142F HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogMDEwQjNCMTg1NEMzNEEyN0EyNjJERUMxN0VERjE0MkYQABoNCJiD3acGEgUI6AcQAEIASgA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=8bbabdf3ff06b88fbd84e5aadf793cfddaec1098a43d5134edf3ee7421ce2bf2791426b5417dce21&_=2 HTTP 307
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8bbabdf3ff06b88fbd84e5aadf793cfddaec1098a43d5134edf3ee7421ce2bf2791426b5417dce21&rand=05950462

Request Chain 111

• https://www.googleadservices.com/pagead/conversion/1026675585/?random=1693925784398&cv=7&fst=1693925784398&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1727879299&cv=7&fst=1693925784398&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mEH3ZPiwJM7W_gTM1a_QCw&sscte=1&crd=CKK4sQI&pscrd=IhMI-Nyqpd2TgQMVTqufCh3M6gu6 HTTP 302
• https://www.google.com/pagead/1p-conversion/1026675585/?random=1727879299&cv=7&fst=1693925784398&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=IhMI-Nyqpd2TgQMVTqufCh3M6gu6&is_vtc=1&ocp_id=mEH3ZPiwJM7W_gTM1a_QCw&cid=CAQSKQBpAlJWUEkIKABlYtVVVuZopdPaiSV8CWGElGZemFfMebSza6aVSEZ-&random=2390784782

Request Chain 112

• https://um.simpli.fi/spotx_match HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7797&uid=010B3B1854C34A27A262DEC17EDF142F

Request Chain 113

• https://um.simpli.fi/an HTTP 302
• https://ib.adnxs.com/setuid?entity=66&code=010B3B1854C34A27A262DEC17EDF142F HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D010B3B1854C34A27A262DEC17EDF142F

Request Chain 114

• https://um.simpli.fi/rb_match HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=010B3B1854C34A27A262DEC17EDF142F&expires=365

Request Chain 115

• https://um.simpli.fi/ox_match HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072966&val=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=010B3B1854C34A27A262DEC17EDF142F

Request Chain 116

• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
• https://um.simpli.fi/g_match?id=&google_gid=CAESEOAUMgJwzsXdBkDZOz6Yud4&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=010B3B1854C34A27A262DEC17EDF142F HTTP 302
• https://um.simpli.fi/g_match?id=

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response citadelbanking-recover-account.ns01.us/ Redirect Chain http://citadelbanking-recover-account.ns01.us/ https://citadelbanking-recover-account.ns01.us/ https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875	434 KB 63 KB	126ms 126ms	Document text/html	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 6e6dc51aea36e3c30574e7518c0afac876a1bf87c8eed34b35becf8577869fc0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 05 Sep 2023 14:56:14 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Type text/html; charset=UTF-8 Date Tue, 05 Sep 2023 14:56:14 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Location login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Pragma no-cache Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked
GET H/1.1	200 OK	q2-tecton-theme.css citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/	29 KB 30 KB	104ms 57ms	Stylesheet text/css	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-theme.css Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash d4628708699f65539acf57ac596d235a4cc583c12560a27751155b283f2068ad Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:14 GMT Last-Modified Fri, 05 May 2023 05:54:10 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a02-75fe" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 30206
GET H/1.1	200 OK	app.css citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/	120 KB 120 KB	161ms 57ms	Stylesheet text/css	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/app.css Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 2a45a3cfd0b0fa8af0a445e99410dd268776248b26367ca24f017ecb3e7ed1c6 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:14 GMT Last-Modified Fri, 05 May 2023 05:54:10 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a02-1dfd0" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 122832
GET H/1.1	200 OK	highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/	1 MB 1 MB	224ms 112ms	Stylesheet text/css	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 2f4f4e3dc0856bd0f5ba0fc25f6597869952556f9c40f4e1b3877d8fe8b587a7 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:14 GMT Last-Modified Fri, 05 May 2023 05:54:10 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a02-152e81" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1388161
GET H/1.1	200 OK	base.css citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/	78 B 322 B	170ms 56ms	Stylesheet text/css	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/base.css Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash c9e9ab1c11be0da2ea654af9e97f98228f5ee24f50fb00ad2a37e27f86a3b86c Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:14 GMT Last-Modified Fri, 05 May 2023 05:54:12 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a04-4e" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 78
GET H/1.1	200 OK	theme-q2-3be9eb26fb212138080388cf113f7fcd.css citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/	1 MB 1 MB	225ms 112ms	Stylesheet text/css	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/theme-q2-3be9eb26fb212138080388cf113f7fcd.css Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 13b29e90471ae30c4d4b24b454d3346829420009d73df825b8397dec0154424f Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:14 GMT Last-Modified Fri, 05 May 2023 05:54:12 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a04-14a937" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1354039
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	115ms 43ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:14 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-15d9d" surrogate-control max-age=315360000;hw-h2proxy vary Accept-Encoding x-hw 1693925774.cdn4-pxy207-mia02.mi1.evs,1693925774.cds223.mi1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000,public accept-ranges bytes content-length 30875
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/950291671/	2 KB 2 KB	196ms 80ms	Script text/javascript	2607:f8b0:4004:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950291671/?random=1683222834779&cv=11&fst=1683222834779&bg=ffffff&guid=ON&async=1&gtm=45He3510&u_w=1366&u_h=768&url=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx&ref=https%3A%2F%2Fwww.citadelbanking.com%2F&hn=www.googleadservices.com&frm=0&tiba=Citadel%20FCU&auid=693226790.1683222814&uaa=x86&uab=64&uafvl=Chromium%3B112.0.5615.138%7CGoogle%2520Chrome%3B112.0.5615.138%7CNot%253AA-Brand%3B99.0.0.0&uamb=0&uap=Windows&uapv=12.0.0&uaw=0&rfmt=3&fmt=4 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144a93cde96d20fb0bcf9eeb4fde5b04ff5015a533c6332e7079638afc84a751 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1310 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tecton-590048df214033d1c1591d552a32c9af.css citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/	9 KB 9 KB	171ms 57ms	Stylesheet text/css	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 66967be43a8a35aee96fd630e243242bb1a0ce28e4bdfb4704381e64a558f3e8 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:14 GMT Last-Modified Fri, 05 May 2023 05:54:12 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a04-2404" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 9220
GET H2	200	.jsonp Show response lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/	308 KB 107 KB	240ms 57ms	Script application/x-javascript	208.89.12.153 LIVEPERSON
General Check archive.org Show headers Download Go to Full URL https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.89.12.153 , United States, ASN11054 (LIVEPERSON, US), Reverse DNS lptag.liveperson.net Software ws / Resource Hash 424fec8c61f2e45521482db72fce793b13ceae58e85698eaa12a041bfb9b471e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:14 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff content-encoding gzip server ws x-cache-status HIT access-control-allow-methods GET, POST, PATCH content-type application/x-javascript access-control-expose-headers X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options cache-control public, max-age=630 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
GET H2	200	134605299.js Show response bat.bing.com/p/action/	4 KB 2 KB	130ms 58ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/134605299.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 35321f2739b2957e42732473b426989a2357070ee0312c8222cb1e5828b471d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Tue, 05 Sep 2023 14:56:17 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 91811FDF2A6843118B0E32077B033E0D Ref B: MIAEDGE1717 Ref C: 2023-09-05T14:56:17Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	200	ui-framework.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/	40 KB 12 KB	87ms 86ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:17 GMT content-encoding br x-guploader-uploadid ADPycdt5cbxP6TFaqbWWv4jvN5y2EYxEdzhsrYS5QX_sc0LV4t-Q1s8vJNVYH41iK4IVhLrfD92fTwROk1aJlC0lYQHXew x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 last-modified Sat, 17 Jun 2023 16:22:59 GMT server UploadServer etag W/"0dfc7fa7d2051d776d5937b7a3a7c4dd" vary Accept-Encoding x-goog-generation 1687018979345736 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q== access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control public,max-age=3600 x-goog-stored-content-length 40455 accept-ranges none
GET H3	200	UMSClientAPI.min.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/	88 KB 24 KB	96ms 96ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:17 GMT content-encoding br x-guploader-uploadid ADPycdvSqoq2GR6WZf0_U4gNOiYYoSJTAz5P9GFIeSI3ESfR8zmI6Gko1ERvbwHCoIieWc8ZTfh2rXKmlC7eJH903M0Kow x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 last-modified Sat, 17 Jun 2023 16:22:59 GMT server UploadServer etag W/"8f52a626981f930e71e87f22a5f0080d" vary Accept-Encoding x-goog-generation 1687018979574643 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=D9Dodw==, md5=j1KmJpgfkw5x6H8ipfAIDQ== access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control public,max-age=3600 x-goog-stored-content-length 90535 accept-ranges none
GET H3	200	lpChatV3.min.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/	92 KB 26 KB	95ms 94ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:18 GMT content-encoding br x-guploader-uploadid ADPycdvW3cQEp8VyMxcUJRRZGa5dTWe1FzpHieO9gHbFQrpPbG6vXayGXZDEpx-IbRg1g8K3fyGPj0Rlabzs7xNasyeT3g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 last-modified Sat, 17 Jun 2023 16:22:59 GMT server UploadServer etag W/"d32e789b3183ed4536dc36e4cabf74ec" vary Accept-Encoding x-goog-generation 1687018979737136 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=JX6E+w==, md5=0y54mzGD7UU23Dbkyr907A== access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control public,max-age=3600 x-goog-stored-content-length 93955 accept-ranges none
GET H3	200	surveylogicinstance.min.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/	8 KB 2 KB	74ms 74ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:18 GMT content-encoding br x-guploader-uploadid ADPycdt0mzMDOLHht_CeJERGsNOQls8z0sAR-Nxh2TP4Ivm5Ms38Od0vuED_qKM_l6w5NoXAUdW84pbwXuhECs4sEPAOyQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 last-modified Sat, 17 Jun 2023 16:22:59 GMT server UploadServer etag W/"d53092c1d6e0a7a3d1bb802c67a6e1e9" vary Accept-Encoding x-goog-generation 1687018979285447 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q== access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control public,max-age=3600 x-goog-stored-content-length 7866 accept-ranges none
GET H3	200	desktopEmbedded.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/	976 KB 237 KB	2730ms 2729ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash ee154a894141cd3c4b00a7538eaba115b66356dadc2f72425a72b6b6ba395a7b Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:18 GMT content-encoding br x-guploader-uploadid ADPycdsdNwDdQObrWv3s0f8Q65ORNpQaGxk7Sp2oeyM2c4RwXqCLHTC048Z_1Aurg-MyLFNUtZPaN1xzfXPRN73SY5XTmA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 last-modified Sat, 17 Jun 2023 16:22:59 GMT server UploadServer etag W/"e14121e1120a46de140ce3d55dbec5b2" vary Accept-Encoding x-goog-generation 1687018979791126 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=zA1O8g==, md5=4UEh4RIKRt4UDOPVXb7Fsg== access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control public,max-age=3600 x-goog-stored-content-length 999172 accept-ranges none
GET H/1.1	200 OK	q2-pendo.js Show response citadelbanking-recover-account.ns01.us/cdn/pendo/	8 KB 8 KB	126ms 58ms	Script application/javascript	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/pendo/q2-pendo.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash cfcda23f40606a339333dbff71f899be62524a7fdbbcd34311eb007be50777a5 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:14 GMT Last-Modified Fri, 05 May 2023 05:54:20 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a0c-1ede" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 7902
GET H/1.1	200 OK	q2-tecton-elements.esm.js Show response citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/	12 KB 13 KB	181ms 57ms	Script application/javascript	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/q2-tecton-elements.esm.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 00d1281b630443e4d7d54eb4120f6b00f10a6bc7f9a68636c3b3e19e6f012f34 Request headers Referer https://citadelbanking-recover-account.ns01.us/ Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:14 GMT Last-Modified Fri, 05 May 2023 05:54:22 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a0e-318e" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 12686
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	5 KB 3 KB	230ms 73ms	Script application/x-javascript	3.161.255.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.161.255.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-161-255-109.yul62.r.cloudfront.net Software AmazonS3 / Resource Hash 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 08:48:50 GMT Content-Encoding gzip Via 1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront) Last-Modified Tue, 01 Aug 2023 20:10:44 GMT Server AmazonS3 X-Amz-Cf-Pop YUL62-P2 Age 22044 ETag W/"b7474eac210849250426a8f6a39d00f3" x-amz-server-side-encryption AES256 Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id X2LvnjFsw8RKElZ8adsrJ_jUJZ8bHqLNpAWcPq57hWBgXHMHWmDlVg==
GET H2	204	0 bat.bing.com/action/	0 359 B	55ms 55ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=134605299&tm=gtm002&Ver=2&mid=db6d6937-00c8-4deb-86df-4d35ac3bdca2&sid=978a3c60eaa411edbd2f55eb9cd6dae4&vid=978a44d0eaa411ed804713a4cc1839e8&vids=0&msclkid=N&uach=pv%3D12.0.0&pi=918639831&lg=en-US&sw=1366&sh=768&sc=24&tl=Citadel%20FCU&p=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx&r=https%3A%2F%2Fwww.citadelbanking.com%2F&lt=3025&evt=pageLoad&sv=1&rn=193761 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 05 Sep 2023 14:56:20 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 4B5BB6D8409745B29B1F0C4CF49262A3 Ref B: MIAEDGE1717 Ref C: 2023-09-05T14:56:21Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Serving Show response bs.serving-sys.com/	2 KB 1 KB	201ms 67ms	Script text/html	3.131.208.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073743235&dispType=js&sync=0&sessionid=8705209511755035516&pageurl=$$https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx$$&activityValues=$$Session%3D1803009043109511066$$&ns=0&rnd=5867917631420261&referrer=$$https%3A%2F%2Fwww.citadelbanking.com%2F$$&uinadv=%7B%7D&ccpastatus=1 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.131.208.4 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-131-208-4.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3489fd639e07b4fdcd8e7195a578ae7b9f017c5327fa121fafc11dac3cea6fea Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:21 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type text/html; charset=UTF-8 access-control-allow-origin * p3p CP="NOI DEVa OUR BUS UNI" cache-control no-cache, no-store content-length 841 expires Sun, 05-Jun-2005 22:00:00 GMT
GET H2	200	storage.secure.min.js Show response lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/	37 KB 14 KB	129ms 31ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:00:22 GMT content-encoding br age 3355 x-guploader-uploadid ADPycdv9J3mlQXUDys7Gihz0qN6hX_BL3wAKBadq-ZK8T7aEs-ApkTGdRJofwzxuxwztD5dd1WAeKEHDoy7dpC9dVPCdLg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13407 last-modified Sat, 17 Jun 2023 09:58:12 GMT server UploadServer etag W/"c45eeed74a24f46b0e7a5c5faaae4731" vary Accept-Encoding x-goog-generation 1686995892942818 x-goog-hash crc32c=s01eVg==, md5=xF7u10ok9GsOelxfqq5HMQ== access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control public,max-age=3600 x-goog-stored-content-length 38358 accept-ranges none content-type application/javascript
GET H/1.1	200 OK	ncua_logo_small-b690f247c19ea4970c9d08b2b479f16a.png citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/images/	4 KB 4 KB	57ms 56ms	Image image/png	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Show image Full URL https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/images/ncua_logo_small-b690f247c19ea4970c9d08b2b479f16a.png Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e0553d5e1f49291bd1730745a95e155e6951aebb077378914eb2816b059a6448 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:21 GMT Last-Modified Fri, 05 May 2023 05:54:10 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a02-f54" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3924
GET H2	200	css fonts.googleapis.com/	3 KB 912 B	183ms 66ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Dosis:300,400,500&display=swap Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash abba7247f0ef6bdb47970b488883dc3a4757d62903501436984f237906e9203b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 05 Sep 2023 14:56:14 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 05 Sep 2023 13:07:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 05 Sep 2023 14:56:14 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/950291671/	42 B 455 B	184ms 69ms	Image image/gif	2607:f8b0:4004:c0b::68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/950291671/?random=1683222834779&cv=11&fst=1683219600000&bg=ffffff&guid=ON&async=1&gtm=45He3510&u_w=1366&u_h=768&url=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx&ref=https%3A%2F%2Fwww.citadelbanking.com%2F&frm=0&tiba=Citadel%20FCU&fmt=3&is_vtc=1&random=2108397457&rmt_tld=0&ipr=y Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::68 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:22 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	134605299 Show response www.clarity.ms/tag/uet/	1022 B 1 KB	198ms 61ms	Script application/x-javascript	2620:1ec:48:1::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/134605299 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/134605299.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash bfcd145340690dfd04eff4952c54ba715d6f81a106256245099d027f714fa2af Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers request-context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d date Tue, 05 Sep 2023 14:56:21 GMT x-azure-ref 0lkH3ZAAAAADG5GqmN/O6TbDkZKcAuG9xQk4xQUEyMDUxMDE4MDQ3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store content-length 1022 expires -1
GET H2	200	gtm.js Show response www.googletagmanager.com/	411 KB 108 KB	271ms 131ms	Script application/javascript	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 26d926128fc1450d1991bd653ebdca9949ae1a832ed28e71a2bf28e06ba13563 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:22 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110638 x-xss-protection 0 last-modified Tue, 05 Sep 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Sep 2023 14:56:22 GMT
GET H/1.1	200 OK	ember-template-compiler.js Show response citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/	349 KB 349 KB	115ms 115ms	XHR application/javascript	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/ember-template-compiler.js?_=1693925782659 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 5eb0a8bf4778c5e21b4c42e0bce39184746ffe6537871c6f3c80919e6142c275 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://citadelbanking-recover-account.ns01.us/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Last-Modified Fri, 05 May 2023 05:54:22 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a0e-574ea" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 357610
GET H2	200	pendo-2.110.2_a.js Show response cdn1.onlineaccess1.com/cdn/static/q2-pendo/	430 KB 133 KB	121ms 46ms	Script application/javascript	192.0.54.4 Q2HOLDINGS
General Check archive.org Show headers Download Go to Full URL https://cdn1.onlineaccess1.com/cdn/static/q2-pendo/pendo-2.110.2_a.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/pendo/q2-pendo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US), Reverse DNS Software cloudflare / Resource Hash e80839a5e252a2bfccb67fd501dc5675e3300b7a4ca74406d6a37ef7ce7c50de Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:22 GMT content-encoding gzip cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload age 61200 last-modified Fri, 09 Jun 2023 16:21:43 GMT server cloudflare etag W/"64835197-6b94f" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin * access-control-allow-headers * cf-ray 801f518edea29ad2-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	193 KB 52 KB	235ms 77ms	Script application/x-javascript	2a03:2880:f00e:13:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 05 Sep 2023 14:56:22 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 52127 x-xss-protection 0 pragma public x-fb-debug 6Xr+UXzalIZ0kxjvN02TpntpfqrEQAXIIxW1s0/6jPxYGaK0rYrvS9ErhPiV9buRslyfPRTUHAxaH4qBdt4PEQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ebOneTag.js Show response secure-ds.serving-sys.com/SemiCachedScripts/	73 KB 22 KB	231ms 56ms	Script application/javascript	23.12.146.160 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.12.146.160 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-12-146-160.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 2ca9b16cf6f36ce0ea89f5ab98181eb2628ed9c214921af33e281b85a3efaaf7 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:22 GMT content-encoding gzip last-modified Wed, 23 Aug 2023 14:39:07 GMT server AmazonS3 x-amz-request-id Q3SDHVHBKQA7C28Q x-amz-cf-pop JFK52-P1 etag "96382cdc41be13b5fb94b870287ad6fe" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript access-control-allow-origin * accept-ranges bytes x-amz-cf-id 0xGfLi0o0o7YxyqsKVRnbyqFiWTjHnE5O7nZ_wNHjAJdHs-BVtTqeQ== x-amz-id-2 1pzeF8BRTVD8iXZHF73nmGvT3s676rmrPISXSq1PSfIvUF57svZ6cJkEp6vVanp9HGxuM6BVx7Q= content-length 21733
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	23 KB 8 KB	96ms 30ms	Script application/javascript	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:22 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Thu, 15 Jun 2023 20:49:59 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "4a205643a240cb95fa82289d62b5af7e" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 7409
GET H3	200	storage.secure.min.html Show response lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame 32A9	39 KB 13 KB	32ms 32ms	Document text/html	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&env=prod&accdn=accdn.lpsnmedia.net Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48 Request headers Referer https://citadelbanking-recover-account.ns01.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges none access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev age 3424 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=3600 content-encoding br content-length 13672 content-type text/html date Tue, 05 Sep 2023 13:59:18 GMT etag W/"c324135b527679ce95ee8393a719af9d" last-modified Sat, 17 Jun 2023 09:58:13 GMT server UploadServer vary Accept-Encoding x-goog-generation 1686995892984320 x-goog-hash crc32c=Au+7sg== md5=wyQTW1J2ec6V7oOTpxmvnQ== x-goog-metageneration 1 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 39463 x-guploader-uploadid ADPycdvGo52xUHE6lmOg0FKcoYtWUZAkMGBcBroV2-5bLhCdYr-8frpF7mvUOOQTwbRbQjnFqxgL63uEOO1XeCwYMirgig
GET H2	200	tag.js Show response lptag.liveperson.net/tag/	26 KB 10 KB	163ms 162ms	Script application/javascript	208.89.12.153 LIVEPERSON
General Check archive.org Show headers Download Go to Full URL https://lptag.liveperson.net/tag/tag.js?site=71465649 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.89.12.153 , United States, ASN11054 (LIVEPERSON, US), Reverse DNS lptag.liveperson.net Software ws / Resource Hash 07c2ef0fac89b65b6f0877cb66f64a74469b2ad8759bf41097a8c76b8ff782bc Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:22 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains last-modified Tue, 22 Aug 2023 10:45:27 GMT server ws etag "64e491c7-2494" access-control-allow-methods GET, POST, PATCH content-type application/javascript access-control-expose-headers X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options cache-control public, max-age=630 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token content-length 9364
GET H/1.1	200 OK	p-f844ee08.js Show response citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/	23 KB 23 KB	114ms 114ms	Script application/javascript	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/p-f844ee08.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 3f749d60188fe2e7fbb9959fabb7dc00a62a45bb1f0dd2b7764e24f34ef75b41 Request headers Referer https://citadelbanking-recover-account.ns01.us/ Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Last-Modified Fri, 05 May 2023 05:54:22 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a0e-5b4a" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 23370
GET H/1.1	200 OK	p-ad63be1e.js Show response citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/	2 KB 2 KB	57ms 56ms	Script application/javascript	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/p-ad63be1e.js Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a1ed8fdc986ec25860aca0e4d79dc21a0508cf7b2ee69cf8eb45721539d99c01 Request headers Referer https://citadelbanking-recover-account.ns01.us/ Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Last-Modified Fri, 05 May 2023 05:54:22 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a0e-833" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 2099
GET		up insight.adsrvr.org/track/ Frame 2983	0 0
GET DATA	200 OK	truncated /	35 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	logo_large-b9d56583bd20afb2c2fd585c304d8fe2.png cdn1.onlineaccess1.com/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/images/logos/	11 KB 10 KB	259ms 201ms	Image image/png	192.0.54.4 Q2HOLDINGS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onlineaccess1.com/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/images/logos/logo_large-b9d56583bd20afb2c2fd585c304d8fe2.png Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/theme-q2-3be9eb26fb212138080388cf113f7fcd.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US), Reverse DNS Software cloudflare / Resource Hash 826f4907a40c5811a9ceacc94e00a75cad0b9761abb9e24f4af566fe1bd9ed7e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 27 Apr 2023 14:15:52 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload etag W/"644a8398-2c09" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin * access-control-allow-headers * cf-ray 801f518ede9e9ad2-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	OpenSans-Regular.woff citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/	106 B 364 B	57ms 56ms	Font application/font-woff	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Regular.woff Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 67bb5ea879197749b358d19227bbd5163e3e716b5639a1dd5e3ab9f5682d3eb9 Request headers Referer https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Last-Modified Fri, 05 May 2023 05:54:10 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a02-6a" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 106
GET H/1.1	200 OK	OpenSans-Semibold.woff citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/	107 B 365 B	57ms 57ms	Font application/font-woff	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Semibold.woff Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e81f7bc551d1536936fba9fa924fd345ef199720ed67a3ca7c6b02ad0cf5efa3 Request headers Referer https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Last-Modified Fri, 05 May 2023 05:54:10 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a02-6b" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 107
GET H/1.1	404 Not Found	OpenSans-Regular.ttf citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/	0 0	57ms 57ms	Font text/html	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Regular.ttf Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Referer https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	OpenSans-Semibold.ttf citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/	0 0	57ms 56ms	Font text/html	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Semibold.ttf Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Referer https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	129ms 63ms	Image image/gif	151.101.1.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1693925782872&id=t2_v5ag9w85&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=c7149f4a-9e3c-4900-9c69-ce7f50032470&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.140 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:22 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.10/	57 KB 20 KB	56ms 55ms	Script application/javascript	2620:1ec:48:1::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.10/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/134605299 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:21 GMT content-encoding br last-modified Sun, 03 Sep 2023 09:54:41 GMT x-azure-ref-originshield 0ReL2ZAAAAAAzTirq5MabQb/miJqnqQYtTU5aMjIxMDYwNjEyMDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== etag "0x8DBAC63CB8CA026" x-azure-ref 0lkH3ZAAAAAAmfv/EA6+oTLxwFJjKQX+hQk4xQUEyMDUxMDE4MDQ3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache TCP_HIT content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 466b2b0d-501e-0039-4dcd-dfd5c7000000 cache-control public, max-age=86400 x-ms-version 2018-03-28 accept-ranges bytes
GET H/1.1	404 Not Found	OpenSans-Semibold.woff citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/	0 0	59ms 58ms	Font text/html	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Semibold.woff Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Referer https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	OpenSans-Regular.woff citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/	139 B 397 B	58ms 57ms	Font application/font-woff	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.woff Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash d18a57b29db8a08ba71ad132233d6b0f20b3b5c3e60522d355136a8a095e52d0 Request headers Referer https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:22 GMT Last-Modified Fri, 05 May 2023 05:54:10 GMT Server nginx/1.14.0 (Ubuntu) ETag "64549a02-8b" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 139
GET H2	200	.jsonp Show response lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/	308 KB 107 KB	201ms 201ms	Script application/x-javascript	208.89.12.153 LIVEPERSON
General Check archive.org Show headers Download Go to Full URL https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.89.12.153 , United States, ASN11054 (LIVEPERSON, US), Reverse DNS lptag.liveperson.net Software ws / Resource Hash 424fec8c61f2e45521482db72fce793b13ceae58e85698eaa12a041bfb9b471e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff content-encoding gzip server ws x-cache-status HIT access-control-allow-methods GET, POST, PATCH content-type application/x-javascript access-control-expose-headers X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options cache-control public, max-age=630 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
GET H/1.1	404 Not Found	OpenSans-Regular.ttf citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/	0 0	67ms 67ms	Font text/html	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.ttf Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Referer https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:23 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	OpenSans-Semibold.ttf citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/	0 0	56ms 56ms	Font text/html	198.98.48.120 PONYNET
General Check archive.org Show headers Download Go to Full URL https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Semibold.ttf Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Referer https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css Origin https://citadelbanking-recover-account.ns01.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:23 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H2	200	1073743235 Show response secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/	2 KB 908 B	223ms 57ms	XHR application/octet-stream	23.12.146.160 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/1073743235 Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.12.146.160 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-12-146-160.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 6d54a86d4c9175b78d098370bba18634b0366d8c047bb49cfe0df9ca5439470a Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers x-amz-version-id D99PwiwxsBo2ly_ZqiJL5gvtv.IhrZlW content-encoding gzip date Tue, 05 Sep 2023 14:56:23 GMT last-modified Mon, 12 Jun 2023 15:12:25 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 etag "4c66c6237100b8b004cf8a6125c3e3e3" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * cache-control max-age=122 accept-ranges bytes x-amz-cf-id KYzr68XsJ7NQ9yTO2HZX3rhXgiK3ILCqsHkRdIfFBNDqO75EX-8DSw== content-length 585
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 318 B	283ms 168ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.10/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://citadelbanking-recover-account.ns01.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Access-Control-Allow-Origin https://citadelbanking-recover-account.ns01.us Date Tue, 05 Sep 2023 14:56:23 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	688706377929917 Show response connect.facebook.net/signals/config/	167 KB 42 KB	79ms 78ms	Script application/x-javascript	2a03:2880:f00e:13:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/688706377929917?v=2.9.125&r=stable&domain=citadelbanking-recover-account.ns01.us Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e662b1fbcedf78ff964580d24339d13138541d63904f1046df7606cbe313dc28 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 05 Sep 2023 14:56:23 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 42177 x-xss-protection 0 pragma public x-fb-debug vtbyHhYFRCjLXW5lYAfqRy7G7DgPEQNLCk8r/0AH4hhvtTLaM5kwchI6LwREPyFXwV0dF7JVjOjRmC9Auqc9hQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/950291671/	2 KB 2 KB	136ms 135ms	Script text/javascript	2607:f8b0:4004:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950291671/?random=1693925783242&cv=11&fst=1693925783242&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&hn=www.googleadservices.com&frm=0&tiba=Citadel%20FCU&auid=325529641.1693925783&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash af48e657bc58001cd56abf72d451666d3a686eaa89d4f43f5a5e53495d87b8f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1406 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	2312.js Show response script.crazyegg.com/pages/scripts/0084/	6 KB 2 KB	119ms 40ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0084/2312.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b2c106f284c1e6556e26e313208730fd31cc3aa4ef97d951bee19baea55a85c Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip cf-cache-status HIT age 111310 cf-polished origSize=6004 ce-version 11.5.121 cf-bgj minify last-modified Mon, 04 Sep 2023 08:01:13 GMT server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-ray 801f5191ebcd3714-MIA
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	12 KB 4 KB	195ms 61ms	Script application/x-javascript	2600:141b:e800:11::172c:838f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:e800:11::172c:838f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 05 Sep 2023 13:41:52 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=81938 accept-ranges bytes content-length 3822
GET H2	200	bat.js Show response bat.bing.com/	42 KB 12 KB	56ms 56ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 05 Sep 2023 14:56:22 GMT last-modified Fri, 28 Jul 2023 18:19:39 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 676332D591344A759E4DAD8F67A3EF87 Ref B: MIAEDGE1717 Ref C: 2023-09-05T14:56:23Z etag "806f3b1280c1d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 12469
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	23 KB 7 KB	30ms 30ms	Script application/javascript	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Thu, 15 Jun 2023 20:49:59 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "4a205643a240cb95fa82289d62b5af7e" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 7409
GET H2	200	ndp.js Show response ads.nextdoor.com/public/pixel/	7 KB 3 KB	337ms 112ms	Script application/javascript	54.71.191.202 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.nextdoor.com/public/pixel/ndp.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.71.191.202 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-191-202.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash 4db51950bb9fdd01735b89f5d77793fac82b83033dd2d61fadaa89ce412cd139 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com; Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-security-policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com; content-encoding gzip last-modified Thu, 31 Aug 2023 20:35:31 GMT server istio-envoy etag W/"64f0f993-1c84" vary Accept-Encoding content-type application/javascript x-envoy-upstream-service-time 1
GET H2	200	ebOneTag.js Show response secure-ds.serving-sys.com/SemiCachedScripts/	73 KB 22 KB	56ms 56ms	Script application/javascript	23.12.146.160 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.12.146.160 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-12-146-160.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 2ca9b16cf6f36ce0ea89f5ab98181eb2628ed9c214921af33e281b85a3efaaf7 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip last-modified Wed, 23 Aug 2023 14:39:07 GMT server AmazonS3 x-amz-request-id Q3SDHVHBKQA7C28Q x-amz-cf-pop JFK52-P1 etag "96382cdc41be13b5fb94b870287ad6fe" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript access-control-allow-origin * accept-ranges bytes x-amz-cf-id 0xGfLi0o0o7YxyqsKVRnbyqFiWTjHnE5O7nZ_wNHjAJdHs-BVtTqeQ== x-amz-id-2 1pzeF8BRTVD8iXZHF73nmGvT3s676rmrPISXSq1PSfIvUF57svZ6cJkEp6vVanp9HGxuM6BVx7Q= content-length 21733
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	5 KB 3 KB	74ms 74ms	Script application/x-javascript	3.161.255.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.161.255.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-161-255-109.yul62.r.cloudfront.net Software AmazonS3 / Resource Hash 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 08:48:50 GMT Content-Encoding gzip Via 1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront) Last-Modified Tue, 01 Aug 2023 20:10:44 GMT Server AmazonS3 X-Amz-Cf-Pop YUL62-P2 Age 22053 ETag W/"b7474eac210849250426a8f6a39d00f3" x-amz-server-side-encryption AES256 Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id tg4vqnaqU_19z8DUZWE6Y9aBN9rtxsOvNmmmOZhEYghc4447FrrrEw==
GET H2	200	rp.gif alb.reddit.com/	42 B 98 B	66ms 65ms	Image image/gif	151.101.1.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1693925783255&id=t2_v5ag9w85&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=c7149f4a-9e3c-4900-9c69-ce7f50032470&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.140 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	Serving Show response bs.serving-sys.com/	2 KB 1 KB	69ms 69ms	Script text/html	3.131.208.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073743235&dispType=js&sync=0&sessionid=1803131168364660922&pageurl=$$https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875$$&activityValues=$$Session%3D3154428238385654661$$&ns=0&rnd=2313161172&uinadv=%7B%7D&ccpastatus=1 Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.131.208.4 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-131-208-4.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 07b79e4dab6934ef5c5c644b5d5b86e050712ef05efe3778d2c6745e488c1da6 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type text/html; charset=UTF-8 access-control-allow-origin * p3p CP="NOI DEVa OUR BUS UNI" cache-control no-cache, no-store content-length 844 expires Sun, 05-Jun-2005 22:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	237ms 77ms	Image text/plain	2a03:2880:f10e:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=688706377929917&ev=PageView&dl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&rl=&if=false&ts=1693925783324&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=28&fbp=fb.1.1693925783319.1280925174&cs_est=true&pm=1&hrl=eb08b6&it=1693925783193&coo=false&cs_cc=1&cas=3925771287484067%2C3162681917134808&rqm=GET Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Sep 2023 14:56:23 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	134605299.js Show response bat.bing.com/p/action/	4 KB 2 KB	57ms 56ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/134605299.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 35321f2739b2957e42732473b426989a2357070ee0312c8222cb1e5828b471d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Tue, 05 Sep 2023 14:56:22 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 5C06794AEA674D898CBC34CD0AE1FDDD Ref B: MIAEDGE1717 Ref C: 2023-09-05T14:56:23Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 119 B	84ms 83ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=134605299&tm=gtm002&Ver=2&mid=e59318da-2b53-4c1a-b94c-39f957e5819b&sid=616b1d104bfc11eea9c26183965af66f&vid=616b10104bfc11ee99a7d7af204c4112&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Citadel%20FCU&p=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&r=&lt=8850&evt=pageLoad&sv=1&rn=50982 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 05 Sep 2023 14:56:22 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8480620643AA41A6A1404348C4687722 Ref B: MIAEDGE1717 Ref C: 2023-09-05T14:56:23Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1073743235 Show response secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/	2 KB 908 B	56ms 56ms	XHR application/octet-stream	23.12.146.160 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/1073743235 Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.12.146.160 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-12-146-160.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 6d54a86d4c9175b78d098370bba18634b0366d8c047bb49cfe0df9ca5439470a Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers x-amz-version-id D99PwiwxsBo2ly_ZqiJL5gvtv.IhrZlW content-encoding gzip date Tue, 05 Sep 2023 14:56:23 GMT last-modified Mon, 12 Jun 2023 15:12:25 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 etag "4c66c6237100b8b004cf8a6125c3e3e3" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * cache-control max-age=122 accept-ranges bytes x-amz-cf-id KYzr68XsJ7NQ9yTO2HZX3rhXgiK3ILCqsHkRdIfFBNDqO75EX-8DSw== content-length 585
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/10619/ Frame E684	59 KB 18 KB	242ms 84ms	Script text/javascript	3.162.3.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/10619/lt.min.js Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.3.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-126.yul62.r.cloudfront.net Software AmazonS3 / Resource Hash 8d43dd1d62d812cd57c0457fa0012d2ac274aea11741326e6c512af1e6bdd4f1 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Mon, 04 Sep 2023 15:36:12 GMT content-encoding gzip via 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront) last-modified Fri, 09 Jun 2023 21:00:12 GMT server AmazonS3 x-amz-cf-pop YUL62-P2 age 84012 etag W/"ae4e10aab27d2a567fb2af9510a6b883" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id r-k_XV7LaiIkXVa9j5x2oIyCvegvYbV37JdfYcMh2GACWmvzPPUGiw==
GET H2	200	dpx.js Show response i.simpli.fi/ Frame D99B	3 KB 4 KB	176ms 61ms	Script application/javascript	34.85.242.117 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052 Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.85.242.117 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 117.242.85.34.bc.googleusercontent.com Software / Resource Hash 9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache, no-cache date Tue, 05 Sep 2023 14:56:23 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 3095 x-request-id F4IIhnoe6UCyXwyfHDGF expires Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
GET		star.gif jelly.mdhv.io/v1/ Frame 6DC1	0 0
GET H2	200	citadelbanking-recover-account.ns01.us.json Show response script.crazyegg.com/pages/data-scripts/0084/2312/site/	13 KB 3 KB	192ms 129ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0084/2312/site/citadelbanking-recover-account.ns01.us.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0084/2312.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 254e1d310013d703d7c76319e099286013879599756e0d0f1db8c7453dfb36b3 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 05 Sep 2023 14:56:23 GMT server cloudflare vary Accept-Encoding content-type application/json ce-version 11.5.121 access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 801f5192984c6dce-MIA content-length 2400
GET H2	200	134605299 Show response www.clarity.ms/tag/uet/	1022 B 1 KB	66ms 65ms	Script application/x-javascript	2620:1ec:48:1::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/134605299 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/134605299.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash bfcd145340690dfd04eff4952c54ba715d6f81a106256245099d027f714fa2af Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers request-context appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2 date Tue, 05 Sep 2023 14:56:23 GMT x-azure-ref 0l0H3ZAAAAADNjUiXQA+eRLiWW0qqbMLUQk4xQUEyMDUxMDE4MDQ3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store content-length 1022 expires -1
GET H2	200	/ www.google.com/pagead/1p-user-list/950291671/	42 B 108 B	73ms 72ms	Image image/gif	2607:f8b0:4004:c0b::68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/950291671/?random=1693925783242&cv=11&fst=1693922400000&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&frm=0&tiba=Citadel%20FCU&fmt=3&is_vtc=1&random=1052465143&rmt_tld=0&ipr=y Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::68 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:23 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Serving Show response bs.serving-sys.com/	2 KB 1 KB	69ms 69ms	Script text/html	3.131.208.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073743235&dispType=js&sync=0&sessionid=3581233742315308257&pageurl=$$https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875$$&activityValues=$$Session%3D2623249649278838919$$&ns=0&rnd=4118002217&uinadv=%7B%7D&ccpastatus=1 Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.131.208.4 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-131-208-4.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 735529da12e9297d21cf38e22bed8d32257e515dc2c6c4b2d159e8af54abf083 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type text/html; charset=UTF-8 access-control-allow-origin * p3p CP="NOI DEVa OUR BUS UNI" cache-control no-cache, no-store content-length 843 expires Sun, 05-Jun-2005 22:00:00 GMT
GET H2	200	insight.old.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	60ms 60ms	Script application/x-javascript	2600:141b:e800:11::172c:838f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.old.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:e800:11::172c:838f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 28 Aug 2023 12:14:15 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=14616 accept-ranges bytes content-length 4862
GET		star.gif jelly.mdhv.io/v1/ Frame B8F1	0 0
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/10619/ Frame 937D	59 KB 18 KB	142ms 99ms	Script text/javascript	3.162.3.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/10619/lt.min.js Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.3.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-126.yul62.r.cloudfront.net Software AmazonS3 / Resource Hash 8d43dd1d62d812cd57c0457fa0012d2ac274aea11741326e6c512af1e6bdd4f1 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Mon, 04 Sep 2023 15:36:12 GMT content-encoding gzip via 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront) last-modified Fri, 09 Jun 2023 21:00:12 GMT server AmazonS3 x-amz-cf-pop YUL62-P2 age 84012 etag W/"ae4e10aab27d2a567fb2af9510a6b883" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id f9AWTj5hf78kWm8ztOHuz_AJVLlFaUE6XUSlhN-q9824jydk2xo9Tg==
GET H2	200	dpx.js Show response i.simpli.fi/ Frame 97EB	3 KB 4 KB	62ms 62ms	Script application/javascript	34.85.242.117 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052 Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.85.242.117 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 117.242.85.34.bc.googleusercontent.com Software / Resource Hash 9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache, no-cache date Tue, 05 Sep 2023 14:56:23 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 3095 x-request-id F4IIhnolmEQHSs24z-pE expires Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/4031716/domain/citadelbanking-recover-account.ns01.us/	36 B 376 B	262ms 93ms	XHR application/json	2600:9000:26a0:1e00:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/4031716/domain/citadelbanking-recover-account.ns01.us/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26a0:1e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://citadelbanking-recover-account.ns01.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:46:52 GMT content-encoding gzip via 1.1 302bce0287d24df9c94be17a5fd67262.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-P2 age 571 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id ZNNchaRC4kljawcJSBwdrY5Xjw6scTP4h5Gue2WcQRUMLIXG-6tbeA==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4031716%26time%3D1693925783515%26url%3Dhttps%253A%252F%252Fcitadelbanking-recover... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9...	0 489 B	198ms 132ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&cookiesTest=true&liSync=true&e_ipv6=AQLU-xFpG-YVpgAAAYpl2Dn8_5NQSy3SxWCx3z_m69Ul9xjdG50ak6sLSXgULfVtfDfCfNo Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:24 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: C539281EB3E341FA9EB9D8D592C2CCDD Ref B: MIAEDGE1314 Ref C: 2023-09-05T14:56:24Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYEndSlUE6DmiytdPOfKw== Redirect headers date Tue, 05 Sep 2023 14:56:23 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 64B11BA8B0184E459FBCCFF11E6C5A1D Ref B: MIAEDGE1910 Ref C: 2023-09-05T14:56:24Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925783515&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&cookiesTest=true&liSync=true&e_ipv6=AQLU-xFpG-YVpgAAAYpl2Dn8_5NQSy3SxWCx3z_m69Ul9xjdG50ak6sLSXgULfVtfDfCfNo x-li-proto http/2 content-length 0 x-li-uuid AAYEndSiWAUzUviVqPdBTw==
GET H2	200	b2625509b46b716ab8df67870a7d87b8.js Show response script.crazyegg.com/pages/versioned/common-scripts/	91 KB 31 KB	38ms 38ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/common-scripts/b2625509b46b716ab8df67870a7d87b8.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0084/2312.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bc9a4bdde5c48a39cabd8840dec8bd11281dcdd167cf4440f383f01ad3ab123 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 24 Aug 2023 15:03:06 GMT server cloudflare age 346678 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes timing-allow-origin * cf-ray 801f51936e803714-MIA content-length 31312
GET H2	204	pixel flask.nextdoor.com/	0 112 B	119ms 112ms	Image text/plain	54.71.191.202 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://flask.nextdoor.com/pixel?pid=1fa3ad06-e4b3-40b4-b4b1-1da7a3bcc1fb&vrs=7.1&ev=PAGE_VIEW&pl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&ndclid=&ndclid_src=0&rf=&sem=&tm=1&iid=0171e390-082b-4254-8c34-ef2803d485d2&pageid=0c89a4c8-1949-4b4b-b0d2-8fb3508a85d8&sessionid=65252e22-d343-48fa-9040-ee6d9c6d426f Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.71.191.202 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-71-191-202.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT x-envoy-upstream-service-time 1 server istio-envoy context-id fd6b9d0c-75f8-4f10-ba7d-c5a7f764856d
GET H2	200	citadelbanking-recover-account.ns01.us.json Show response script.crazyegg.com/pages/data-scripts/0084/2312/sampling/	242 B 242 B	162ms 162ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0084/2312/sampling/citadelbanking-recover-account.ns01.us.json?t=470534 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/b2625509b46b716ab8df67870a7d87b8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc809483fffc75dae95888a92206e7487a5a87cdd6cd5f2d8a7f7b58ec11357e Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 05 Sep 2023 14:56:23 GMT server cloudflare vary Accept-Encoding content-type application/json ce-version 11.5.121 access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 801f5193ea2a6dce-MIA content-length 178
GET H2	200	/ Show response accdn.lpsnmedia.net/api/account/71465649/configuration/setting/accountproperties/	7 KB 3 KB	234ms 57ms	Script application/javascript	208.89.12.91 LIVEPERSON
General Check archive.org Show headers Download Go to Full URL https://accdn.lpsnmedia.net/api/account/71465649/configuration/setting/accountproperties/?cb=accountSettingsCB Requested by Host: lpcdn.lpsnmedia.net URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.89.12.91 , United States, ASN11054 (LIVEPERSON, US), Reverse DNS Software ws / Resource Hash e993792999076dbdec72a33c6e816a85a6c8a4daafd344f44da4fcd1a935b8b8 Security Headers Name Value Strict-Transport-Security max-age=99999999999; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT x-envoy-decorator-operation lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/* x-content-type-options nosniff strict-transport-security max-age=99999999999; includeSubDomains content-encoding gzip server ws x-cache-status HIT vary Accept access-control-allow-methods GET, POST, PATCH content-type application/javascript access-control-expose-headers X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options x-envoy-upstream-service-time 0 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token expires Tue, 05 Sep 2023 14:56:37 GMT
GET H3	200	ui-framework.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/	40 KB 12 KB	37ms 37ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ui-framework.js?version=10.30.1.0-release_5605 Requested by Host: lptag.liveperson.net URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sun, 03 Sep 2023 05:45:23 GMT content-encoding br age 205860 x-guploader-uploadid ADPycdtX15RBNyWQlp9IngXGFL3EzHWzKsy_R8BYuCzwfIJIfpOScwa8NZ3g1Ds1Aj9OSpTO9AZnAj9UEESX54T7DPEGJg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12475 last-modified Fri, 25 Aug 2023 01:06:22 GMT server UploadServer etag W/"0dfc7fa7d2051d776d5937b7a3a7c4dd" vary Accept-Encoding x-goog-generation 1692925582165392 x-goog-hash crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q== access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control max-age=31536000,public x-goog-stored-content-length 40455 accept-ranges none content-type application/javascript
GET H3	200	UMSClientAPI.min.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/	91 KB 25 KB	42ms 41ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/UMSClientAPI.min.js?version=10.30.1.0-release_5605 Requested by Host: lptag.liveperson.net URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash ee01d15ad37daf31ddfb93ff91c06dbb583e5b9c58d6a3d868ec8d66c889bc39 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sun, 03 Sep 2023 05:45:23 GMT content-encoding br age 205860 x-guploader-uploadid ADPycdtuNaCf35UsF9MTpor8ImjBJgCBWlhTjkXz2718chBS3k95lW0FEPt8XavyO9PHksgQnpkbbcx9K1boIKGDlEUEQw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25438 last-modified Fri, 25 Aug 2023 01:06:22 GMT server UploadServer etag W/"0ff5f09769ba7197844be8db03827b08" vary Accept-Encoding x-goog-generation 1692925582079005 x-goog-hash crc32c=VCkrzg==, md5=D/Xwl2m6cZeES+jbA4J7CA== access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control max-age=31536000,public x-goog-stored-content-length 92694 accept-ranges none content-type application/javascript
GET H3	200	lpChatV3.min.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/	92 KB 26 KB	34ms 33ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/lpChatV3.min.js?version=10.30.1.0-release_5605 Requested by Host: lptag.liveperson.net URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sun, 03 Sep 2023 05:45:23 GMT content-encoding br age 205860 x-guploader-uploadid ADPycdu3U6CPzEWAerEOLa4jiKCr8LFi2WsL6PpsscRYYrCC2_GLrHGzlnpv4RQ1jxNaLRqEYxLLplw577Z7gxTVKTqDkw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26338 last-modified Fri, 25 Aug 2023 01:06:22 GMT server UploadServer etag W/"1b9875038c28f82d87ab6ea5ec9c7ef1" vary Accept-Encoding x-goog-generation 1692925582081337 x-goog-hash crc32c=RKdNnA==, md5=G5h1A4wo+C2Hq26l7Jx+8Q== access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control max-age=31536000,public x-goog-stored-content-length 94041 accept-ranges none content-type application/javascript
GET H3	200	surveylogicinstance.min.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/	8 KB 2 KB	46ms 45ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/surveylogicinstance.min.js?version=10.30.1.0-release_5605 Requested by Host: lptag.liveperson.net URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sun, 03 Sep 2023 05:45:23 GMT content-encoding br age 205860 x-guploader-uploadid ADPycdtAFdY-pJ6gcFiKh71dpInt093ES_QoYiOgzp3VyfoL3kTqfyM4VXQ0RKhUsMifsuIZsCxhk6gS4_1CvX6PqZJoug x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2381 last-modified Fri, 25 Aug 2023 01:06:22 GMT server UploadServer etag W/"d53092c1d6e0a7a3d1bb802c67a6e1e9" vary Accept-Encoding x-goog-generation 1692925582263082 x-goog-hash crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q== access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control max-age=31536000,public x-goog-stored-content-length 7866 accept-ranges none content-type application/javascript
GET H2	200	zones Show response accdn.lpsnmedia.net/api/account/71465649/configuration/le-campaigns/	2 KB 1 KB	274ms 108ms	Script application/javascript	208.89.12.91 LIVEPERSON
General Check archive.org Show headers Download Go to Full URL https://accdn.lpsnmedia.net/api/account/71465649/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB Requested by Host: lpcdn.lpsnmedia.net URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.89.12.91 , United States, ASN11054 (LIVEPERSON, US), Reverse DNS Software ws / Resource Hash 2429e64dccee800df3e59a1861294ef4f54ce6f9e6c6496a207c894d6b58e851 Security Headers Name Value Strict-Transport-Security max-age=99999999999; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:23 GMT x-envoy-decorator-operation lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/* x-content-type-options nosniff strict-transport-security max-age=99999999999; includeSubDomains content-encoding gzip server ws x-cache-status EXPIRED vary Accept access-control-allow-methods GET, POST, PATCH content-type application/javascript access-control-expose-headers X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options x-envoy-upstream-service-time 1 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token expires Tue, 05 Sep 2023 14:57:23 GMT
GET H3	200	desktopEmbedded.js Show response lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/	999 KB 242 KB	34ms 33ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/desktopEmbedded.js?version=10.30.1.0-release_5605 Requested by Host: lptag.liveperson.net URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash e06f7140273b0fe1887c41528b4343ccb90e4f65f722869edd5fd8ec8e991459 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Sun, 03 Sep 2023 05:45:23 GMT content-encoding br age 205860 x-guploader-uploadid ADPycdtu__dpXDOoLzdnMEpY_nP7-waKE5s-ZYc-SEeg_xD7V8aULyuzHJgvepmGRZnAmhrNk4ZH1e2Beo9kFgeFr9dXDcOmCSIR x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 247912 last-modified Fri, 25 Aug 2023 01:06:22 GMT server UploadServer etag W/"e4a9484321f3bfad0d26ac8190ce10c2" vary Accept-Encoding x-goog-generation 1692925582775638 x-goog-hash crc32c=IS4lQw==, md5=5KlIQyHzv60NJqyBkM4Qwg== access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control max-age=31536000,public x-goog-stored-content-length 1022822 accept-ranges none content-type application/javascript
GET H3	200	storage.secure.min.html Show response lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame 43B9	39 KB 13 KB	32ms 32ms	Document text/html	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&site=71465649&env=prod&accdn=accdn.lpsnmedia.net Requested by Host: lptag.liveperson.net URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48 Request headers Referer https://citadelbanking-recover-account.ns01.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges none access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev age 3426 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=3600 content-encoding br content-length 13672 content-type text/html date Tue, 05 Sep 2023 13:59:18 GMT etag W/"c324135b527679ce95ee8393a719af9d" last-modified Sat, 17 Jun 2023 09:58:13 GMT server UploadServer vary Accept-Encoding x-goog-generation 1686995892984320 x-goog-hash crc32c=Au+7sg== md5=wyQTW1J2ec6V7oOTpxmvnQ== x-goog-metageneration 1 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 39463 x-guploader-uploadid ADPycdvGo52xUHE6lmOg0FKcoYtWUZAkMGBcBroV2-5bLhCdYr-8frpF7mvUOOQTwbRbQjnFqxgL63uEOO1XeCwYMirgig
GET H3	200	storage.secure.min.js Show response lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/	37 KB 13 KB	34ms 34ms	Script application/javascript	34.120.154.120 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net Requested by Host: lptag.liveperson.net URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 120.154.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:49:13 GMT content-encoding br age 431 x-guploader-uploadid ADPycdslF0A5o5F56roQUzIT2j9-a7VEZiSa2v88jHzFEHP0-Ach18GYHPoBrMAkSVRz-WMNGNUNwn8PW2lOczq6vg-dOK6ibFVa x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13392 last-modified Sat, 17 Jun 2023 09:58:12 GMT server UploadServer etag W/"c45eeed74a24f46b0e7a5c5faaae4731" vary Accept-Encoding x-goog-generation 1686995892942818 x-goog-hash crc32c=s01eVg==, md5=xF7u10ok9GsOelxfqq5HMQ== access-control-allow-origin * access-control-expose-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev cache-control public,max-age=3600 x-goog-stored-content-length 38358 accept-ranges none content-type application/javascript
GET H2	200	71465649 Show response va.v.liveperson.net/api/js/	231 B 1 KB	323ms 149ms	Script application/javascript	208.89.12.87 LIVEPERSON
General Check archive.org Show headers Download Go to Full URL https://va.v.liveperson.net/api/js/71465649?&cb=lpCb75558x53873&t=sp&ts=1693925783676&pid=1383567468&tid=4208976355&pt=Citadel%20FCU&u=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3Db68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D Requested by Host: lpcdn.lpsnmedia.net URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US), Reverse DNS va.v.liveperson.net Software ws / Resource Hash 8d5cfa852ca6f172234903cb754a9c0ee496051e6a3cedb6acbf80b2dfd66506 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip server ws access-control-allow-methods GET, POST, PATCH content-type application/javascript access-control-expose-headers X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options cache-control no-store access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 318 B	56ms 56ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.10/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://citadelbanking-recover-account.ns01.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Access-Control-Allow-Origin https://citadelbanking-recover-account.ns01.us Date Tue, 05 Sep 2023 14:56:24 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	p Show response i.simpli.fi/ Frame D99B	809 B 1 KB	54ms 54ms	Script application/javascript	34.85.242.117 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=&cb=sifi_att_1271794597506671._hp Requested by Host: i.simpli.fi URL: https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.85.242.117 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 117.242.85.34.bc.googleusercontent.com Software / Resource Hash a09c23134405888ad00e465d90644b4956daa0dedc86b758101a5e8d3b6ae4c4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache, no-cache date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	RX-00bd9351-55d5-48f3-9be8-4a0c7dc67207-005 sync.targeting.unrulymedia.com/csync/ Frame D99B Redirect Chain https://um.simpli.fi/smaato https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=010B3B1854C34A27A262DEC17EDF142F https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=010B3B1854C34A27A262DEC17EDF142F&cookieCheck=1 https://sync.1rx.io/usersync/smaato/20478041b6?gdpr=0&gdpr_consent= https://sync.1rx.io/usersync/smaato/20478041b6?zcc=1&cb=1693925785010 https://sync.targeting.unrulymedia.com/csync/RX-00bd9351-55d5-48f3-9be8-4a0c7dc67207-005	43 B 452 B	245ms 59ms	Image image/gif	199.127.204.171 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.targeting.unrulymedia.com/csync/RX-00bd9351-55d5-48f3-9be8-4a0c7dc67207-005 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Server 199.127.204.171 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Tue, 05 Sep 2023 14:56:25 GMT Server Tengine Connection keep-alive Content-Length 43 P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Redirect headers Pragma no-cache Date Tue, 05 Sep 2023 14:56:25 GMT Server Tengine Transfer-Encoding chunked Content-Type text/html Location https://sync.targeting.unrulymedia.com/csync/RX-00bd9351-55d5-48f3-9be8-4a0c7dc67207-005 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Expires 0
GET H/1.1	204 No Content	010B3B1854C34A27A262DEC17EDF142F sync.1rx.io/usersync/simplifi/ Frame D99B Redirect Chain https://um.simpli.fi/nexxen https://sync.1rx.io/usersync/simplifi/010B3B1854C34A27A262DEC17EDF142F	0 187 B	183ms 60ms	Image text/plain	199.127.204.171 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.1rx.io/usersync/simplifi/010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Server 199.127.204.171 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Pragma no-cache Date Tue, 05 Sep 2023 14:56:24 GMT Cache-Control no-store, no-cache, must-revalidate Server Tengine Connection keep-alive Expires 0 Redirect headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.1rx.io/usersync/simplifi/010B3B1854C34A27A262DEC17EDF142F access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 04 Sep 2023 14:56:24 GMT
GET H2	200	xuid eb2.3lift.com/ Frame D99B Redirect Chain https://um.simpli.fi/triplelift https://eb2.3lift.com/xuid?mid=7969&xuid=010B3B1854C34A27A262DEC17EDF142F&dongle=yf3 https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=010B3B1854C34A27A262DEC17EDF142F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=	37 B 355 B	59ms 59ms	Image image/gif	52.223.22.214 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=010B3B1854C34A27A262DEC17EDF142F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-type image/gif date Tue, 05 Sep 2023 14:56:24 GMT cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /xuid?ld=1&mid=7969&xuid=010B3B1854C34A27A262DEC17EDF142F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= date Tue, 05 Sep 2023 14:56:24 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync simplifi.partners.tremorhub.com/ Frame D99B Redirect Chain https://um.simpli.fi/telaria_p https://simplifi.partners.tremorhub.com/sync?UISF=010B3B1854C34A27A262DEC17EDF142F	43 B 175 B	178ms 55ms	Image image/gif	2600:1f18:612b:4264:5c81:a00e:dce6:a5e6 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simplifi.partners.tremorhub.com/sync?UISF=010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 2600:1f18:612b:4264:5c81:a00e:dce6:a5e6 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Tue, 05 Sep 2023 14:56:24 GMT server nginx content-type image/gif Redirect headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://simplifi.partners.tremorhub.com/sync?UISF=010B3B1854C34A27A262DEC17EDF142F access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 04 Sep 2023 14:56:24 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame D99B Redirect Chain https://um.simpli.fi/tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=010B3B1854C34A27A262DEC17EDF142F https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=010B3B1854C34A27A262DEC17EDF142F	95 B 438 B	53ms 48ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=010B3B1854C34A27A262DEC17EDF142F alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	empty.gif um.simpli.fi/ Frame D99B Redirect Chain https://um.simpli.fi/ad_advisor https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=010B3B1854C34A27A262DEC17EDF142F https://d.agkn.com/pixel/10751/?che=1693925784817&ip=38.132.118.67&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213480604630007762811 https://um.simpli.fi/aa_px?sk=213480604630007762811 https://um.simpli.fi/empty.gif	43 B 361 B	58ms 58ms	Image image/gif	35.194.66.159 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/empty.gif Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 159.66.194.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:25 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 Redirect headers date Tue, 05 Sep 2023 14:56:25 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location /empty.gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142
GET H2	200	ProfilesEngineServlet sync1.intentiq.com/profiles_engine/ Frame D99B Redirect Chain https://um.simpli.fi/intentiq https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=010B3B1854C34A27A262DEC17EDF142F https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=010B3B1854C34A27A262DEC17EDF142F&ckls=true&ci=w6B3QTjeB6&nc=false&trid=-1854772472	43 B 1 KB	249ms 96ms	Image image/gif	54.192.51.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=010B3B1854C34A27A262DEC17EDF142F&ckls=true&ci=w6B3QTjeB6&nc=false&trid=-1854772472 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 54.192.51.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-51-45.yul62.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:25 GMT via 1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront) server Apache-Coyote/1.1 x-amz-cf-pop YUL62-C2 x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" content-type image/gif cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id B5PwLF3f1Y1rwa6lZlYY2Lfyeyvf2qGikxQbeaXyZOVysj28tYtYVw== expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 05 Sep 2023 14:56:25 GMT via 1.1 3bff6c700d376f51ba81ef57dc2bd6e6.cloudfront.net (CloudFront) server Apache-Coyote/1.1 x-amz-cf-pop YUL62-C2 x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" location https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=010B3B1854C34A27A262DEC17EDF142F&ckls=true&ci=w6B3QTjeB6&nc=false&trid=-1854772472 content-type image/gif cache-control no-cache, no-store, must-revalidate patent https://www.almondnet.com/ip alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id GwWpxFsmkoYkg9rjxiTKOQ7Hqr4FmY_fXjU1zY1Ob3eIu-QtPMh-lA== expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame D99B Redirect Chain https://um.simpli.fi/pubmatic https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:010B3B1854C34A27A262DEC17EDF142F	42 B 514 B	299ms 97ms	Image image/gif	104.36.113.107 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Tue, 05 Sep 2023 14:56:23 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:010B3B1854C34A27A262DEC17EDF142F access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 04 Sep 2023 14:56:24 GMT
GET H/1.1	200	user-registering ads.stickyadstv.com/ Frame D99B Redirect Chain https://um.simpli.fi/freewheel https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=010B3B1854C34A27A262DEC17EDF142F	43 B 606 B	202ms 66ms	Image image/gif	63.251.28.134 FREEWHEEL
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Server 63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Pragma no-cache Date Tue, 05 Sep 2023 14:56:25 GMT Server nginx Transfer-Encoding chunked Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive x-sticky-vk 1693925785014023-310 Redirect headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=010B3B1854C34A27A262DEC17EDF142F access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 04 Sep 2023 14:56:24 GMT
GET H2	200	engine pbid.pro-market.net/ Frame D99B Redirect Chain https://um.simpli.fi/dtnx https://fei.pro-market.net/engine?du=24;csync=010B3B1854C34A27A262DEC17EDF142F;mimetype=img; https://fei.pro-market.net/engine?du=24;csync=010B3B1854C34A27A262DEC17EDF142F;mimetype=img;sr https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NjI2Nzk2NDAyNTc2ODQ2MzIyNg== https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEItmOeosIbTGkvAzbgqNsSo&google_cver=1	43 B 396 B	68ms 67ms	Image image/gif	2600:1901:0:8eee:: GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEItmOeosIbTGkvAzbgqNsSo&google_cver=1 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:24 GMT via 1.1 google server Apache-Coyote/1.1 anserver gapp1 content-type image/gif access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" cache-control no-cache, no-store, must-revalidate alt-svc clear content-length 43 expires Mon, 1 Jan 1990 0:0:0 GMT Redirect headers pragma no-cache date Tue, 05 Sep 2023 14:56:25 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEItmOeosIbTGkvAzbgqNsSo&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 315 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	/ loadm.exelator.com/load/ Frame D99B Redirect Chain https://um.simpli.fi/exelatem https://loadm.exelator.com/load/?p=204&g=2191&simid=010B3B1854C34A27A262DEC17EDF142F&j=0 https://loadm.exelator.com/load/?p=204&g=2191&simid=010B3B1854C34A27A262DEC17EDF142F&j=0&xl8blockcheck=1	0 767 B	115ms 114ms	Image text/plain	52.26.6.186 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=2191&simid=010B3B1854C34A27A262DEC17EDF142F&j=0&xl8blockcheck=1 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 52.26.6.186 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-26-6-186.us-west-2.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:25 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Tue, 05 Sep 2023 14:56:25 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=2191&simid=010B3B1854C34A27A262DEC17EDF142F&j=0&xl8blockcheck=1 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	204	sync ups.analytics.yahoo.com/ups/55964/ Frame D99B Redirect Chain https://um.simpli.fi/yahoo https://ups.analytics.yahoo.com/ups/55964/sync?uid=010B3B1854C34A27A262DEC17EDF142F https://ups.analytics.yahoo.com/ups/55964/sync?uid=010B3B1854C34A27A262DEC17EDF142F&verify=true	0 121 B	59ms 59ms	Image text/plain	3.225.218.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55964/sync?uid=010B3B1854C34A27A262DEC17EDF142F&verify=true Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-218-10.compute-1.amazonaws.com Software ATS/9.1.10.75 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:25 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.75 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55964/sync?uid=010B3B1854C34A27A262DEC17EDF142F&verify=true date Tue, 05 Sep 2023 14:56:25 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.75 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204	sync sync.bfmio.com/ Frame D99B Redirect Chain https://um.simpli.fi/beachfront https://sync.bfmio.com/sync?pid=141&uid=010B3B1854C34A27A262DEC17EDF142F	0 421 B	229ms 55ms	Image text/plain	52.3.238.251 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=141&uid=010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Server 52.3.238.251 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-238-251.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Connection keep-alive Date Tue, 05 Sep 2023 14:56:24 GMT Redirect headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.bfmio.com/sync?pid=141&uid=010B3B1854C34A27A262DEC17EDF142F access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 04 Sep 2023 14:56:24 GMT
GET H2	200	29931 stags.bluekai.com/site/ Frame D99B Redirect Chain https://um.simpli.fi/bluekai https://stags.bluekai.com/site/29931?id=010B3B1854C34A27A262DEC17EDF142F	62 B 444 B	311ms 181ms	Image image/gif	184.28.136.218 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/29931?id=010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 184.28.136.218 Sterling, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-28-136-218.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Tue, 05 Sep 2023 14:56:25 GMT content-length 62 content-type image/gif Redirect headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://stags.bluekai.com/site/29931?id=010B3B1854C34A27A262DEC17EDF142F access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 04 Sep 2023 14:56:24 GMT
GET H2	200	tpid=010B3B1854C34A27A262DEC17EDF142F bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame D99B Redirect Chain https://um.simpli.fi/crwdcntrl https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=010B3B1854C34A27A262DEC17EDF142F https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=010B3B1854C34A27A262DEC17EDF142F	49 B 543 B	72ms 71ms	Image image/gif	18.209.38.85 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 18.209.38.85 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-209-38-85.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:25 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.5.148 content-length 49 expires 0 Redirect headers pragma no-cache date Tue, 05 Sep 2023 14:56:25 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=010B3B1854C34A27A262DEC17EDF142F cache-control no-cache x-server 10.40.13.69 content-length 0 expires 0
GET H/1.1	200 OK	merge ce.lijit.com/ Frame D99B Redirect Chain https://um.simpli.fi/lj_match https://ce.lijit.com/merge?pid=2&3pid=010B3B1854C34A27A262DEC17EDF142F https://ce.lijit.com/merge?pid=2&3pid=010B3B1854C34A27A262DEC17EDF142F&dnr=1	43 B 679 B	64ms 64ms	Image image/gif	63.251.114.137 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=010B3B1854C34A27A262DEC17EDF142F&dnr=1 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Server 63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Pragma no-cache Date Tue, 05 Sep 2023 14:56:25 GMT P3P CP="CUR ADM OUR NOR STA NID" Content-Type image/gif Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap6ewr1 Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 05 Sep 2023 14:56:25 GMT P3P CP="CUR ADM OUR NOR STA NID" Location https://ce.lijit.com/merge?pid=2&3pid=010B3B1854C34A27A262DEC17EDF142F&dnr=1 Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap6ewr1 Content-Length 0 Expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	db_sync px.ads.linkedin.com/ Frame D99B Redirect Chain https://um.simpli.fi/liveramp_match https://idsync.rlcdn.com/419566.gif?partner_uid=010B3B1854C34A27A262DEC17EDF142F https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogMDEwQjNCMTg1NEMzNEEyN0EyNjJERUMxN0VERjE0MkYQABoNCJiD3acGEgUI6AcQAEIASgA https://pippio.com/api/sync?pid=5324&it=1&iv=8bbabdf3ff06b88fbd84e5aadf793cfddaec1098a43d5134edf3ee7421ce2bf2791426b5417dce21&_=2 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8bbabdf3ff06b88fbd84e5aadf793cfddaec1098a43d5134edf3ee7421ce2bf2791426b5417dce21&rand=05950462	0 142 B	130ms 129ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8bbabdf3ff06b88fbd84e5aadf793cfddaec1098a43d5134edf3ee7421ce2bf2791426b5417dce21&rand=05950462 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:25 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 65408357B4B348DA8FC539854C756539 Ref B: MIAEDGE1910 Ref C: 2023-09-05T14:56:25Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYEndS07D9kGu+i731K1Q== Redirect headers date Tue, 05 Sep 2023 14:56:25 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8bbabdf3ff06b88fbd84e5aadf793cfddaec1098a43d5134edf3ee7421ce2bf2791426b5417dce21&rand=05950462 cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	/ www.google.com/pagead/1p-conversion/1026675585/ Frame D99B Redirect Chain https://www.googleadservices.com/pagead/conversion/1026675585/?random=1693925784398&cv=7&fst=1693925784398&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1727879299&cv=7&fst=1693925784398&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook... https://www.google.com/pagead/1p-conversion/1026675585/?random=1727879299&cv=7&fst=1693925784398&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...	42 B 64 B	74ms 73ms	Image image/gif	2607:f8b0:4004:c0b::68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-conversion/1026675585/?random=1727879299&cv=7&fst=1693925784398&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=IhMI-Nyqpd2TgQMVTqufCh3M6gu6&is_vtc=1&ocp_id=mEH3ZPiwJM7W_gTM1a_QCw&cid=CAQSKQBpAlJWUEkIKABlYtVVVuZopdPaiSV8CWGElGZemFfMebSza6aVSEZ-&random=2390784782 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H3 Server 2607:f8b0:4004:c0b::68 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:24 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 05 Sep 2023 14:56:24 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.google.com/pagead/1p-conversion/1026675585/?random=1727879299&cv=7&fst=1693925784398&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=IhMI-Nyqpd2TgQMVTqufCh3M6gu6&is_vtc=1&ocp_id=mEH3ZPiwJM7W_gTM1a_QCw&cid=CAQSKQBpAlJWUEkIKABlYtVVVuZopdPaiSV8CWGElGZemFfMebSza6aVSEZ-&random=2390784782 content-type image/gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		partner sync.search.spotxchange.com/ Frame D99B Redirect Chain https://um.simpli.fi/spotx_match https://sync.search.spotxchange.com/partner?adv_id=7797&uid=010B3B1854C34A27A262DEC17EDF142F	0 0
GET H2	200	bounce ib.adnxs.com/ Frame D99B Redirect Chain https://um.simpli.fi/an https://ib.adnxs.com/setuid?entity=66&code=010B3B1854C34A27A262DEC17EDF142F https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D010B3B1854C34A27A262DEC17EDF142F	43 B 898 B	66ms 66ms	Image image/gif	68.67.160.75 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:25 GMT an-x-request-uuid 1da648eb-a776-4d81-81b6-45259f4c6f1e server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 05 Sep 2023 14:56:25 GMT an-x-request-uuid 625bda20-21f1-4f46-81e5-94954c59ca52 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D010B3B1854C34A27A262DEC17EDF142F cache-control no-store, no-cache, private x-proxy-origin 38.132.118.67; 38.132.118.67; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame D99B Redirect Chain https://um.simpli.fi/rb_match https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=010B3B1854C34A27A262DEC17EDF142F&expires=365	42 B 772 B	246ms 60ms	Image image/gif	8.43.72.97 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=010B3B1854C34A27A262DEC17EDF142F&expires=365 Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol HTTP/1.1 Server 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 2dd9fa24169fa04536d533da131679f8 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=010B3B1854C34A27A262DEC17EDF142F&expires=365 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 04 Sep 2023 14:56:24 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame D99B Redirect Chain https://um.simpli.fi/ox_match https://us-u.openx.net/w/1.0/sd?id=537072966&val=010B3B1854C34A27A262DEC17EDF142F https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=010B3B1854C34A27A262DEC17EDF142F	43 B 180 B	48ms 47ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=010B3B1854C34A27A262DEC17EDF142F Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache date Tue, 05 Sep 2023 14:56:25 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=010B3B1854C34A27A262DEC17EDF142F date Tue, 05 Sep 2023 14:56:24 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	204	g_match um.simpli.fi/ Frame D99B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc https://um.simpli.fi/g_match?id=&google_gid=CAESEOAUMgJwzsXdBkDZOz6Yud4&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=010B3B1854C34A27A262DEC17EDF142F https://um.simpli.fi/g_match?id=	0 320 B	57ms 56ms	Image text/plain	35.194.66.159 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/g_match?id= Requested by Host: citadelbanking-recover-account.ns01.us URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=b68bfa3e09c693d416946b4d21e80033fec43c9d651f1843f142b41acb7a1bec5d83015e7a57a58ebc1963166d9bafc750baab1bcb8850c8b4dfde401fe46875 Protocol H2 Server 35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 159.66.194.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Mon, 04 Sep 2023 14:56:24 GMT Redirect headers pragma no-cache date Tue, 05 Sep 2023 14:56:24 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://um.simpli.fi/g_match?id= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	p Show response i.simpli.fi/ Frame 97EB	45 B 574 B	54ms 53ms	Script application/javascript	34.85.242.117 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=&cb=sifi_att_1271794597506671._hp Requested by Host: i.simpli.fi URL: https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.85.242.117 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 117.242.85.34.bc.googleusercontent.com Software / Resource Hash e116e9fe6f09dc2804a7f96a734ef5469c1ba6e12f39fecf2eb85f87d62dcc91 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers pragma no-cache, no-cache date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	71465649 Show response va.v.liveperson.net/api/js/	111 B 900 B	59ms 59ms	Script application/javascript	208.89.12.87 LIVEPERSON
General Check archive.org Show headers Download Go to Full URL https://va.v.liveperson.net/api/js/71465649?sid=FAc4-3csT9iUtN3hgt_6_A&cb=lpCb52186x35158&t=pl&ts=1693925784176&pid=1383567468&tid=4208976355&vid=NmOGUzYjdjMGQyNTk4YzBm Requested by Host: lpcdn.lpsnmedia.net URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US), Reverse DNS va.v.liveperson.net Software ws / Resource Hash bf61ac747eeec006e06f5c9e7f67947bae71e928d19af60229177bb87e833edf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://citadelbanking-recover-account.ns01.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Tue, 05 Sep 2023 14:56:24 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip server ws access-control-allow-methods GET, POST, PATCH content-type application/javascript access-control-expose-headers X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options cache-control no-store access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 318 B	60ms 60ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.10/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://citadelbanking-recover-account.ns01.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Access-Control-Allow-Origin https://citadelbanking-recover-account.ns01.us Date Tue, 05 Sep 2023 14:56:26 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

insight.adsrvr.org

URL

https://insight.adsrvr.org/track/up?adv=2byx6v5&ref=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx%23%2Flogin&upid=18b1cnl&upv=1.1.0

Domain

jelly.mdhv.io

URL

https://jelly.mdhv.io/v1/star.gif?pid=jURnbr8zBG8MWtyMLPHqJv4oCeBc&src=mh&evt=hi

Domain

jelly.mdhv.io

URL

https://jelly.mdhv.io/v1/star.gif?pid=jURnbr8zBG8MWtyMLPHqJv4oCeBc&src=mh&evt=hi

Domain

sync.search.spotxchange.com

URL

https://sync.search.spotxchange.com/partner?adv_id=7797&uid=010B3B1854C34A27A262DEC17EDF142F