citizensbankk.z13.web.core.windows.net Open in urlscan Pro
20.60.128.225  Malicious Activity! Public Scan

52 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response citizensbankk.z13.web.core.windows.net/	50 KB 50 KB	562ms 106ms	Document text/html	20.60.128.225 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://citizensbankk.z13.web.core.windows.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.128.225 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 35fe4b9aa90a872c36f9cb9ecf8c830cc6df221ba349ff5ebd33ca2b7ada3273 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Content-Length 50901 Content-MD5 MSw0mJOvEUfMrqAVoaDpUQ== Content-Type text/html Date Fri, 22 Apr 2022 03:13:37 GMT ETag "0x8DA18E8ED729CFD" Last-Modified Thu, 07 Apr 2022 22:49:52 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id a531cc37-201e-001d-36f6-55c853000000 x-ms-version 2018-03-28
GET H/1.1	200 OK	app.css ttxex.xyz/cm/ctzphp/ctzphp/	210 KB 210 KB	1087ms 167ms	Stylesheet text/css	111.90.148.213 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://ttxex.xyz/cm/ctzphp/ctzphp/app.css Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 111.90.148.213 Port Dickson, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software Apache / Resource Hash aac8a90dd443390e88cbd20188c37fd71a2ff363180d0d555a1a169b4a97691b Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Fri, 22 Apr 2022 11:09:25 GMT Last-Modified Thu, 17 Mar 2022 13:50:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 215019
GET H2	200	jquery-ui-1.10.3.custom.min.css www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/	19 KB 3 KB	380ms 26ms	Stylesheet text/css	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash 7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3118 x-olb-req-received t=1650436750387589 last-modified Wed, 20 Apr 2022 07:10:54 GMT server Akamai Resource Optimizer x-frame-options SAMEORIGIN etag "4a56-5dbf272ca37c8" vary Accept-Encoding strict-transport-security max-age=15768000 content-type text/css access-control-allow-origin * expires Fri, 22 Apr 2022 07:05:37 GMT cache-control max-age=13919 accept-ranges bytes lb-action None, None x-olb-req-duration D=607
GET H2	200	normalize.css www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/	10 KB 3 KB	389ms 35ms	Stylesheet text/css	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash 91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 2300 x-olb-req-received t=1650436750461349 last-modified Wed, 20 Apr 2022 08:44:26 GMT server Akamai Resource Optimizer x-frame-options SAMEORIGIN etag "26c2-5dbf26b2638d9" vary Accept-Encoding strict-transport-security max-age=15768000 content-type text/css access-control-allow-origin * expires Fri, 22 Apr 2022 07:05:37 GMT cache-control max-age=13919 accept-ranges bytes lb-action None, None x-olb-req-duration D=475
GET H2	200	main.css www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/	61 KB 11 KB	399ms 45ms	Stylesheet text/css	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash 66a13cad6c244da4061da65fd2fbf027bf1bb49e21c42f5e7c943a9379f1e7c4 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 10382 x-olb-req-received t=1650436750351499 last-modified Wed, 20 Apr 2022 08:02:31 GMT server Akamai Resource Optimizer x-frame-options SAMEORIGIN etag "f405-5dbf2933205c2" vary Accept-Encoding strict-transport-security max-age=15768000 content-type text/css access-control-allow-origin * expires Fri, 22 Apr 2022 07:05:37 GMT cache-control max-age=13919 accept-ranges bytes lb-action None, None x-olb-req-duration D=2666
GET H2	200	flows.css www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/	8 KB 2 KB	428ms 74ms	Stylesheet text/css	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash 99373341554ceaade5ea6c81725f1cd4d05e906621a15797d99d01343ae551f8 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1975 x-olb-req-received t=1650436750474679 last-modified Wed, 20 Apr 2022 07:01:26 GMT server Akamai Resource Optimizer x-frame-options SAMEORIGIN etag "21ce-5dbf26b262d21" vary Accept-Encoding strict-transport-security max-age=15768000 content-type text/css access-control-allow-origin * expires Fri, 22 Apr 2022 07:05:37 GMT cache-control max-age=13919 accept-ranges bytes lb-action None, None x-olb-req-duration D=619
GET H2	200	ad-containers.css www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/	7 KB 2 KB	409ms 55ms	Stylesheet text/css	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software Akamai Resource Optimizer / Resource Hash cad0f4b1f9bfa3f4ef94d78c20ae16464bda0fb3902fd7689e26a2904cea29d9 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT content-encoding br server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1227 x-olb-req-received t=1650436750114640 last-modified Wed, 20 Apr 2022 08:00:25 GMT server Akamai Resource Optimizer x-frame-options SAMEORIGIN etag "1dd4-5dbf29331f622" vary Accept-Encoding strict-transport-security max-age=15768000 content-type text/css access-control-allow-origin * expires Fri, 22 Apr 2022 07:05:37 GMT cache-control max-age=13919 accept-ranges bytes lb-action None, None x-olb-req-duration D=439
GET H2	404	citizensns.min.46109.css www3.citizensbankonline.com/efs/hhf/css/	0 0	550ms 196ms	Stylesheet text/html	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/hhf/css/citizensns.min.46109.css Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H2	200	CTZ_Green-01.png www3.citizensbankonline.com/efs/hhf/img/	5 KB 5 KB	54ms 53ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT x-olb-req-received t=1650436750608205 last-modified Wed, 06 Apr 2022 01:34:05 GMT etag "149d-5dbf25b61db50" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444303 x-olb-req-duration D=167 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 5277 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:38:41 GMT
GET H2	200	feedback.png www.citizensbank.com/assets/CB_media/images/	824 B 1 KB	197ms 31ms	Image image/png	23.75.235.74 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.citizensbank.com/assets/CB_media/images/feedback.png Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.75.235.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-75-235-74.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET, ARR/3.0 Resource Hash 713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT last-modified Wed, 22 Jan 2020 18:38:44 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET, ARR/3.0 etag "052b72c53d1d51:0" strict-transport-security max-age=15768000 content-type image/png cache-control max-age=600 server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes x-robots-tag none content-length 824
GET H2	200	equal-housing.gif www3.citizensbankonline.com/efs/hhf/img/	1 KB 1 KB	70ms 69ms	Image image/gif	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/hhf/img/equal-housing.gif Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash 319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT x-olb-req-received t=1650436750056497 last-modified Wed, 06 Apr 2022 01:45:35 GMT etag "46e-5dbf2848bd637" x-frame-options SAMEORIGIN content-type image/gif access-control-allow-origin * cache-control max-age=444314 x-olb-req-duration D=115 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1134 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:38:52 GMT
GET H2	200	footer-follow-facebook.png www3.citizensbankonline.com//efs/hhf/img/	395 B 709 B	78ms 77ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com//efs/hhf/img/footer-follow-facebook.png Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT x-olb-req-received t=1650436751661518 last-modified Wed, 06 Apr 2022 01:34:05 GMT etag "18b-5dbf25b61df38" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444317 x-olb-req-duration D=126 server-timing cdn-cache; desc=HIT, edge; dur=2 content-length 395 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:38:55 GMT
GET H2	200	footer-follow-twitter.png www3.citizensbankonline.com//efs/hhf/img/	3 KB 4 KB	86ms 85ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com//efs/hhf/img/footer-follow-twitter.png Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash 9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT x-olb-req-received t=1650436761919451 last-modified Wed, 06 Apr 2022 01:34:05 GMT etag "cdf-5dbf25b61df38" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444369 x-olb-req-duration D=146 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3295 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:39:47 GMT
GET H2	200	footer-follow-linkedin.png www3.citizensbankonline.com//efs/hhf/img/	3 KB 3 KB	95ms 94ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com//efs/hhf/img/footer-follow-linkedin.png Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT x-olb-req-received t=1650436762144394 last-modified Wed, 06 Apr 2022 01:41:29 GMT etag "ca7-5dbf275d7512f" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444317 x-olb-req-duration D=126 server-timing cdn-cache; desc=HIT, edge; dur=2 content-length 3239 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:38:55 GMT
GET H2	200	footer-follow-youtube.png www3.citizensbankonline.com//efs/hhf/img/	3 KB 4 KB	104ms 103ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com//efs/hhf/img/footer-follow-youtube.png Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash 9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT x-olb-req-received t=1650436750112940 last-modified Wed, 06 Apr 2022 01:34:05 GMT etag "cce-5dbf25b61df38" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444290 x-olb-req-duration D=144 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3278 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:38:28 GMT
GET H2	200	elh.gif www3.citizensbankonline.com//efs/hhf/img/	1 KB 2 KB	112ms 111ms	Image image/gif	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com//efs/hhf/img/elh.gif Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash 56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT x-olb-req-received t=1650436761964914 last-modified Wed, 06 Apr 2022 01:41:29 GMT etag "599-5dbf275d7512f" x-frame-options SAMEORIGIN content-type image/gif access-control-allow-origin * cache-control max-age=444325 x-olb-req-duration D=157 server-timing cdn-cache; desc=HIT, edge; dur=2 content-length 1433 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:39:03 GMT
GET H2	200	fdicFooter.gif www3.citizensbankonline.com//efs/hhf/img/	2 KB 2 KB	113ms 113ms	Image image/gif	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com//efs/hhf/img/fdicFooter.gif Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:38 GMT x-olb-req-received t=1650436750097568 last-modified Wed, 06 Apr 2022 01:45:35 GMT etag "8c5-5dbf2848bd637" x-frame-options SAMEORIGIN content-type image/gif access-control-allow-origin * cache-control max-age=444373 x-olb-req-duration D=108 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 2245 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:39:51 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	71ms 22ms	Script text/javascript	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 05:51:41 GMT content-encoding gzip x-content-type-options nosniff age 76916 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 05:51:41 GMT
GET H/1.1	200 OK	cleave.js Show response ttxex.xyz/cm/ctzphp/ctzphp/	91 KB 92 KB	1002ms 167ms	Script application/javascript	111.90.148.213 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://ttxex.xyz/cm/ctzphp/ctzphp/cleave.js Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 111.90.148.213 Port Dickson, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software Apache / Resource Hash f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5 Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Fri, 22 Apr 2022 11:09:25 GMT Last-Modified Thu, 17 Mar 2022 13:14:52 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 93486
GET H/1.1	200 OK	details.js Show response ttxex.xyz/cm/ctzphp/ctzphp/	4 KB 5 KB	1003ms 168ms	Script application/javascript	111.90.148.213 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://ttxex.xyz/cm/ctzphp/ctzphp/details.js Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 111.90.148.213 Port Dickson, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software Apache / Resource Hash 3c57fe3c393c33e4481a11619604d0fc7bb1faec771ba1ab5e1ed279c7b4d884 Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Fri, 22 Apr 2022 11:09:25 GMT Last-Modified Thu, 17 Mar 2022 13:29:48 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4461
GET H/1.1	200 OK	index.js Show response ttxex.xyz/cm/ctzphp/ctzphp/	3 KB 3 KB	1005ms 169ms	Script application/javascript	111.90.148.213 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://ttxex.xyz/cm/ctzphp/ctzphp/index.js Requested by Host: citizensbankk.z13.web.core.windows.net URL: https://citizensbankk.z13.web.core.windows.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 111.90.148.213 Port Dickson, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software Apache / Resource Hash 853073359da99a7ccb6ddfe262f0e81f984a05d7ab3e8f45e9e9158d9e70d24a Request headers accept-language de-DE,de;q=0.9 Referer https://citizensbankk.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Fri, 22 Apr 2022 11:09:25 GMT Last-Modified Thu, 17 Mar 2022 13:30:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2942
GET H2	200	icon-secure.png www3.citizensbankonline.com/efs/efs/grafx/	292 B 605 B	26ms 26ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650436751335648 last-modified Sat, 29 Jan 2022 03:02:19 GMT etag "124-5d6afc794472b" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444361 x-olb-req-duration D=116 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 292 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:39:40 GMT
GET H2	200	flows-tooltip.png www3.citizensbankonline.com/efs/efs/grafx/	364 B 678 B	36ms 36ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650436751331684 last-modified Sat, 29 Jan 2022 03:00:50 GMT etag "16c-5d6afc240e017" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444335 x-olb-req-duration D=146 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 364 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:39:14 GMT
GET H2	200	arrow-button-white.png www3.citizensbankonline.com/efs/efs/grafx/	1017 B 1 KB	45ms 44ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650436751281005 last-modified Sat, 29 Jan 2022 03:00:50 GMT etag "3f9-5d6afc23fb73c" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444399 x-olb-req-duration D=121 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1017 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:40:18 GMT
GET H2	200	citizen_roman.woff www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/	31 KB 32 KB	85ms 27ms	Font application/octet-stream	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Origin https://citizensbankk.z13.web.core.windows.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650436758824830 last-modified Wed, 06 Apr 2022 01:38:29 GMT etag "7ce0-5dbf26b2638d9" x-frame-options SAMEORIGIN access-control-allow-origin * cache-control max-age=444258 x-olb-req-duration D=178 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 31968 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:37:57 GMT
GET H2	200	citiolb_icons.woff www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/	18 KB 18 KB	115ms 58ms	Font application/octet-stream	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citiolb_icons.woff Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Origin https://citizensbankk.z13.web.core.windows.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650436758187657 last-modified Wed, 06 Apr 2022 01:38:29 GMT etag "485c-5dbf26b262d21" x-frame-options SAMEORIGIN access-control-allow-origin * cache-control max-age=444383 x-olb-req-duration D=161 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 18524 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:40:02 GMT
GET H2	200	citizen_extrabold.woff www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/	27 KB 28 KB	124ms 67ms	Font application/octet-stream	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_extrabold.woff Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash 0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Origin https://citizensbankk.z13.web.core.windows.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650436750059194 last-modified Wed, 06 Apr 2022 01:38:29 GMT etag "6ccc-5dbf26b2634f1" x-frame-options SAMEORIGIN access-control-allow-origin * cache-control max-age=444316 x-olb-req-duration D=161 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 27852 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:38:55 GMT
GET H2	200	arrow-down-blue.png www3.citizensbankonline.com/efs/efs/grafx/	1 KB 1 KB	26ms 26ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/arrow-down-blue.png Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash 56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650436751315546 last-modified Sat, 29 Jan 2022 03:00:50 GMT etag "41e-5d6afc23fb73c" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=444370 x-olb-req-duration D=137 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1054 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:39:49 GMT
GET H2	200	arrow-right-orange.png www3.citizensbankonline.com/efs/efs/grafx/	165 B 478 B	33ms 33ms	Image image/png	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/arrow-right-orange.png Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650438894770601 last-modified Sat, 29 Jan 2022 03:00:50 GMT etag "a5-5d6afc23fb73c" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=446430 x-olb-req-duration D=148 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 165 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 07:14:09 GMT
GET H2	200	citizen_book.woff www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/	31 KB 31 KB	64ms 48ms	Font application/octet-stream	23.205.230.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_book.woff Requested by Host: www3.citizensbankonline.com URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.205.230.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-230-114.deploy.static.akamaitechnologies.com Software / Resource Hash 2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/main.css Origin https://citizensbankk.z13.web.core.windows.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 22 Apr 2022 03:13:39 GMT x-olb-req-received t=1650436750013092 last-modified Wed, 06 Apr 2022 01:40:37 GMT etag "7c78-5dbf272ca2ff8" x-frame-options SAMEORIGIN access-control-allow-origin * cache-control max-age=444353 x-olb-req-duration D=158 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 31864 strict-transport-security max-age=15768000 accept-ranges bytes lb-action None expires Wed, 27 Apr 2022 06:39:32 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| Cleave object| btn2 object| form2 object| fname object| address object| city object| state object| zip object| dob object| ssn object| error2 object| q1 object| a1 object| q2 object| a2 object| q3 object| a3 object| error object| btn object| form function| SqPost function| pinfo object| url object| SesIN

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www3.citizensbankonline.com/efs/hhf/css/citizensns.min.46109.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
citizensbankk.z13.web.core.windows.net
ttxex.xyz
www.citizensbank.com
www3.citizensbankonline.com
111.90.148.213
20.60.128.225
23.205.230.114
23.75.235.74
2a00:1450:4001:802::200a
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149
35fe4b9aa90a872c36f9cb9ecf8c830cc6df221ba349ff5ebd33ca2b7ada3273
3c57fe3c393c33e4481a11619604d0fc7bb1faec771ba1ab5e1ed279c7b4d884
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c
66a13cad6c244da4061da65fd2fbf027bf1bb49e21c42f5e7c943a9379f1e7c4
713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
853073359da99a7ccb6ddfe262f0e81f984a05d7ab3e8f45e9e9158d9e70d24a
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2
99373341554ceaade5ea6c81725f1cd4d05e906621a15797d99d01343ae551f8
9af5181113e5d0eacfc3d9c0b3ad627dc3ad50708755fbe45ab18e0cad4f3b36
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5
aac8a90dd443390e88cbd20188c37fd71a2ff363180d0d555a1a169b4a97691b
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
cad0f4b1f9bfa3f4ef94d78c20ae16464bda0fb3902fd7689e26a2904cea29d9
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0
f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e