urlscan.io logo urlscan.io
SecurityTrails logo

id-q.firstcitizens.com Open in urlscan Pro
107.162.164.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://profile-q.firstcitizens.com/
Effective URL: https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95...
Submission: On May 02 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 36 HTTP transactions. The main IP is 107.162.164.160, located in United States and belongs to DEFENSE-NET, US. The main domain is id-q.firstcitizens.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 16th 2022. Valid for: a year.
This is the only time id-q.firstcitizens.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 34.224.49.76 14618 (AMAZON-AES)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 54.155.194.178 16509 (AMAZON-02)
1 52.51.186.199 16509 (AMAZON-02)
1 1 34.246.19.117 16509 (AMAZON-02)
7 107.162.164.160 55002 (DEFENSE-NET)
9 65.9.95.60 16509 (AMAZON-02)
2 65.9.95.55 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
36 9
8    34.224.49.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-49-76.compute-1.amazonaws.com
profile-q.firstcitizens.com
4    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    54.155.194.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-194-178.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.51.186.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-186-199.eu-west-1.compute.amazonaws.com
firstcitizens.demdex.net
1    34.246.19.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-19-117.eu-west-1.compute.amazonaws.com
cm.everesttech.net
7    107.162.164.160 (United States)

ASN55002 (DEFENSE-NET, US)
id-q.firstcitizens.com
9    65.9.95.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-60.prg50.r.cloudfront.net
op1static.oktacdn.com
2    65.9.95.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-55.prg50.r.cloudfront.net
login.okta.com
2    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
Apex Domain
Subdomains		 Transfer
15 firstcitizens.com
profile-q.firstcitizens.com
id-q.firstcitizens.com
763 KB
9 oktacdn.com
op1static.oktacdn.com — Cisco Umbrella Rank: 85058
731 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 430
205 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
firstcitizens.demdex.net — Cisco Umbrella Rank: 397605
5 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 920
27 KB
2 okta.com
login.okta.com — Cisco Umbrella Rank: 7619
97 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1516
517 B
36 7
Domain Requested by
9 op1static.oktacdn.com id-q.firstcitizens.com
op1static.oktacdn.com
8 profile-q.firstcitizens.com profile-q.firstcitizens.com
7 id-q.firstcitizens.com profile-q.firstcitizens.com
id-q.firstcitizens.com
4 assets.adobedtm.com profile-q.firstcitizens.com
assets.adobedtm.com
2 use.typekit.net
2 login.okta.com op1static.oktacdn.com
login.okta.com
2 dpm.demdex.net assets.adobedtm.com
profile-q.firstcitizens.com
1 cm.everesttech.net 1 redirects
1 firstcitizens.demdex.net assets.adobedtm.com
36 9

This site contains links to these domains. Also see Links.

Domain
www.firstcitizens.com
profile-q.firstcitizens.com
Subject Issuer Validity Valid
profile-q.firstcitizens.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-20 -
2023-07-20		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
id-q.firstcitizens.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
accounts.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-13 -
2023-07-25		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95samyUnY611cmk&code_challenge_method=S256&nonce=aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu&redirect_uri=https%3A%2F%2Fprofile-q.firstcitizens.com%2Fcallback.html&response_type=code&state=OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe&scope=openid%20email
Frame ID: 59A06A76CB5478DC1A5087F0A9744F21
Requests: 32 HTTP requests in this frame

Frame: https://firstcitizens.demdex.net/dest5.html?d_nsid=0
Frame ID: 778E41E5B500C36FABBF9F1702E6A704
Requests: 1 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: F57B59792DE5612743BF6AF5EBD36FA4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

First Citizens QA - Anmelden

Page URL History Show full URLs

  1. https://profile-q.firstcitizens.com/ Page URL
  2. https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxD... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Page Statistics

36
Requests

94 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

1828 kB
Transfer

5969 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://profile-q.firstcitizens.com/ Page URL
  2. https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95samyUnY611cmk&code_challenge_method=S256&nonce=aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu&redirect_uri=https%3A%2F%2Fprofile-q.firstcitizens.com%2Fcallback.html&response_type=code&state=OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe&scope=openid%20email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://cm.everesttech.net/cm/dd?d_uuid=03594714175461300524086481544521814512 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFE03gAAAEgc1AN-

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
profile-q.firstcitizens.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://profile-q.firstcitizens.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-76.compute-1.amazonaws.com
Software
Apache /
Resource Hash
291d6899c1ed4ffcff6a617f19660a67b19d60d6b61ca8cbc78e0c358e6bd2f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
409777
content-encoding
gzip
content-length
1202
content-type
text/html;charset=utf-8
date
Tue, 02 May 2023 16:05:49 GMT
etag
"dbd-5fa58b4446300-gzip"
last-modified
Thu, 27 Apr 2023 22:16:12 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-dispatcher
dispatcher1useast1
x-frame-options
SAMEORIGIN
x-vhost
publish
clientlib-spa.lc-1681867847473-lc.css
profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/ 		346 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.css
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-76.compute-1.amazonaws.com
Software
Apache /
Resource Hash
777c206df16bdf5abc4507e5083069bac8b52b1cb5b388c5c6ad4870eaa76656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 02 May 2023 16:05:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Apr 2023 18:59:51 GMT
server
Apache
age
409776
etag
"569fd-5fa41d83937c0-gzip"
x-vhost
publish
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=utf-8
cache-control
max-age=2592000, public, immutable
accept-ranges
bytes
content-length
41740
launch-cbaa452238a4-staging.min.js
assets.adobedtm.com/60e0841c6ded/ebad3aca6dec/ 		190 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/60e0841c6ded/ebad3aca6dec/launch-cbaa452238a4-staging.min.js
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f03a78fc6bbc7757b128c1f0474132c9369e95c4efbc27015e714a9d8fbe01da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 16:05:49 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 19:24:25 GMT
server
AkamaiNetStorage
etag
"86a93ed43bf3121df03ccab8ff9187cb:1644348265.864742"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://profile-q.firstcitizens.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
53084
expires
Tue, 02 May 2023 16:05:49 GMT
launch-1112057a89cb-development.min.js
assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/ 		595 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/60e0841c6ded/d5a97f0ea4af/launch-1112057a89cb-development.min.js
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ce0cdb0d0fcdba370b572b97edb3cec6ba5a8e894e6630b7dd3c6365cf59bec6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 16:05:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 16:47:38 GMT
server
AkamaiNetStorage
etag
"1f20fd2ba1a2f169830873e8cbb662ef:1682614058.404528"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://profile-q.firstcitizens.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 16:05:50 GMT
clientlib-spa.lc-1681867847473-lc.js
profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/ 		810 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.js
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-76.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b115ca5b4699827009f47d6040800be9f41128751d73f80e5a14715f367ca487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 02 May 2023 16:05:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 Nov 2022 18:13:53 GMT
server
Apache
age
409776
etag
"ca64e-5edc2ab10da40-gzip"
x-vhost
publish
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
max-age=2592000, public, immutable
accept-ranges
bytes
id
dpm.demdex.net/ 		372 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E6D235355CF7C1DE0A495EEC%40AdobeOrg&d_nsid=0&ts=1683043549523
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/60e0841c6ded/ebad3aca6dec/launch-cbaa452238a4-staging.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.194.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-194-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
462253d83000d6bb10aa8759bcbf9ab492cd05c664ea715905825adf24bbab55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://profile-q.firstcitizens.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v048-086c79cd9.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ze9+rDWXQmw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://profile-q.firstcitizens.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
314
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/60e0841c6ded/ebad3aca6dec/launch-cbaa452238a4-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 16:05:49 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"820eb42f3120ddf65e303b24a8285815:1634593036.305122"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://profile-q.firstcitizens.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12200
expires
Tue, 02 May 2023 17:05:49 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/60e0841c6ded/ebad3aca6dec/launch-cbaa452238a4-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 16:05:49 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://profile-q.firstcitizens.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Tue, 02 May 2023 17:05:49 GMT
config
profile-q.firstcitizens.com/spa/profileManager/ 		278 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://profile-q.firstcitizens.com/spa/profileManager/config
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-76.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c2ea8eeb2453733268d88aa293a697444504379fae73032f0af24f00a6252aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 02 May 2023 16:05:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-vhost
publish
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/json
content-length
188
dest5.html
firstcitizens.demdex.net/ Frame 778E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://firstcitizens.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/60e0841c6ded/ebad3aca6dec/launch-cbaa452238a4-staging.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.186.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-186-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://profile-q.firstcitizens.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v048-08f7bcca1.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
KLJmbFOTQzE=
content-encoding
gzip
date
Tue, 2 May 2023 16:05:49 GMT
last-modified
Thu, 27 Apr 2023 14:39:20 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=ZFE03gAAAEgc1AN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=03594714175461300524086481544521814512
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFE03gAAAEgc1AN-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFE03gAAAEgc1AN-
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/
Protocol
HTTP/1.1
Server
54.155.194.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-194-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-059e93707.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
WU/D4O+7Tag=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFE03gAAAEgc1AN-
Date
Tue, 02 May 2023 16:05:50 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
.model.json
profile-q.firstcitizens.com/ 		98 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://profile-q.firstcitizens.com/.model.json
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-76.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3c2fb2119f202afe7fb87f13b13648be349f90309e3b9996924336b875d0e35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 02 May 2023 16:05:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 22:16:17 GMT
server
Apache
age
409772
etag
"18844-5fa58b490ae40-gzip"
x-vhost
publish
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
accept-ranges
bytes
content-length
13423
.model.json
profile-q.firstcitizens.com/ 		98 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://profile-q.firstcitizens.com/.model.json
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-76.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3c2fb2119f202afe7fb87f13b13648be349f90309e3b9996924336b875d0e35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 02 May 2023 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 22:16:17 GMT
server
Apache
age
409773
etag
"18844-5fa58b490ae40-gzip"
x-vhost
publish
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
accept-ranges
bytes
content-length
13423
icons.svg
profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/ 		1 MB
246 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/icons/icons.svg
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-76.compute-1.amazonaws.com
Software
Apache /
Resource Hash
10078f6f9f0c199a299e17362a2db7cb61d0da35a3b0292e11e72abff5c146ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://profile-q.firstcitizens.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 02 May 2023 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jan 2021 20:03:08 GMT
server
Apache
age
76608
etag
"10688c-5b9e74282b700-gzip"
x-vhost
publish
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=86400, public
accept-ranges
bytes
me
id-q.firstcitizens.com/api/v1/sessions/ 		168 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id-q.firstcitizens.com/api/v1/sessions/me
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.162.164.160 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
f4fccb373bd1e11fcef099f8cddd02a3860d672c432f0c6dee0bb13d0b9ab456
Security Headers
Name Value
Content-Security-Policy default-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; connect-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com idx-fcb.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; style-src 'unsafe-inline' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com login.okta.com com-okta-authenticator:; img-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://profile-q.firstcitizens.com/
X-Okta-User-Agent-Extended
okta-auth-js/4.9.2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
ZFE032acbJlpK6aqqUTW3gAAA1U
Date
Tue, 02 May 2023 16:05:51 GMT
content-security-policy
default-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; connect-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com idx-fcb.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; style-src 'unsafe-inline' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com login.okta.com com-okta-authenticator:; img-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
750
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
749
Strict-Transport-Security
max-age=315360000; includeSubDomains
Via
1.1 dca1-bit11029
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
Server
nginx
Vary
Accept-Encoding,Origin
Content-Type
application/json
access-control-allow-origin
https://profile-q.firstcitizens.com
x-rate-limit-reset
1683043611
access-control-allow-credentials
true
cache-control
no-cache, no-store
access-control-allow-headers
Content-Type
Keep-Alive
timeout=5, max=100
expires
0
me
id-q.firstcitizens.com/api/v1/sessions/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id-q.firstcitizens.com/api/v1/sessions/me
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.162.164.160 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; connect-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com idx-fcb.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; style-src 'unsafe-inline' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com login.okta.com com-okta-authenticator:; img-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://profile-q.firstcitizens.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Date
Tue, 02 May 2023 16:05:50 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Via
1.1 dca1-bit11029
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS
access-control-allow-origin
https://profile-q.firstcitizens.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control
no-cache, no-store
content-security-policy
default-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; connect-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com idx-fcb.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; style-src 'unsafe-inline' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com login.okta.com com-okta-authenticator:; img-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
vary
Origin
x-frame-options
SAMEORIGIN
x-okta-request-id
ZFE03sO_0Txryd_ZaMye1QAACTY
x-rate-limit-limit
10000
x-rate-limit-remaining
9999
x-rate-limit-reset
1683043610
x-xss-protection
0
HarmoniaSansStd-Regular.woff2
profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-aem/resources/fonts/HarmoniaSansStd/HarmoniaSansStd-Regular.woff2
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-76.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3966f3091c7e9c586b259d00f5f9be81420299206ce4e503d7730436809cd200
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.css
Origin
https://profile-q.firstcitizens.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 02 May 2023 16:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 Jun 2020 22:58:10 GMT
server
Apache
age
76608
etag
"4d44-5a918c2704480-gzip"
x-vhost
publish
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
19803
openid-configuration
id-q.firstcitizens.com/.well-known/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id-q.firstcitizens.com/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.162.164.160 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://profile-q.firstcitizens.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://profile-q.firstcitizens.com
Access-Control-Max-Age
3600
Connection
Keep-Alive
Content-Length
0
Content-Type
application/octet-stream
Date
Tue, 02 May 2023 16:05:51 GMT
Keep-Alive
timeout=5, max=99
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Vary
Origin
Via
1.1 dca1-bit11029
X-Okta-Request-Id
ZFE038O_0Txryd_ZaMye1gAACTY
openid-configuration
id-q.firstcitizens.com/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id-q.firstcitizens.com/.well-known/openid-configuration
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.162.164.160 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
9b2b1a9aed1f7c7393fcce0f48d9cd4399b8b3409555cca084c84eb7a818f7a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://profile-q.firstcitizens.com/
X-Okta-User-Agent-Extended
okta-auth-js/4.9.2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

X-Okta-Request-Id
ZFE032acbJlpK6aqqUTW4AAAA1U
Date
Tue, 02 May 2023 16:05:51 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
Strict-Transport-Security
max-age=315360000; includeSubDomains
Via
1.1 dca1-bit11029
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://profile-q.firstcitizens.com
cache-control
max-age=86400, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=99
expires
Wed, 03 May 2023 16:05:51 GMT
Primary Request authorize
id-q.firstcitizens.com/oauth2/v1/ 		45 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95samyUnY611cmk&code_challenge_method=S256&nonce=aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu&redirect_uri=https%3A%2F%2Fprofile-q.firstcitizens.com%2Fcallback.html&response_type=code&state=OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe&scope=openid%20email
Requested by
Host: profile-q.firstcitizens.com
URL: https://profile-q.firstcitizens.com/etc.clientlibs/firstcitizens/clientlibs/clientlib-spa.lc-1681867847473-lc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.162.164.160 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
f48da11cd6229e68a5a7e58cbb3a7e3b304ecdd714b8c952cec4c295106d72b5
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://profile-q.firstcitizens.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 02 May 2023 16:05:51 GMT
Keep-Alive
timeout=5, max=98
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 dca1-bit11029
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
de
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
ZFE032acbJlpK6aqqUTW4gAAA1U
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1683043611
x-ua-compatible
IE=edge
x-xss-protection
0
fcb_common.js
id-q.firstcitizens.com/js/vendor/lib/ 		296 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id-q.firstcitizens.com/js/vendor/lib/fcb_common.js
Requested by
Host: id-q.firstcitizens.com
URL: https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95samyUnY611cmk&code_challenge_method=S256&nonce=aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu&redirect_uri=https%3A%2F%2Fprofile-q.firstcitizens.com%2Fcallback.html&response_type=code&state=OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe&scope=openid%20email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.162.164.160 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
34365f1ebede22aba38a142a68433afa088a2beed5d00e22d6c946a6608db4c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 16:05:52 GMT
Content-Encoding
gzip
Via
1.1 google, 1.1 dca1-bit14030, 1.1 dca1-bit11029
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Ion-Hop
0
Cache-Control
no-cache, no-store, must-revalidate
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Expires
0
okta-sign-in.min.js
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/js/ 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/js/okta-sign-in.min.js
Requested by
Host: id-q.firstcitizens.com
URL: https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95samyUnY611cmk&code_challenge_method=S256&nonce=aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu&redirect_uri=https%3A%2F%2Fprofile-q.firstcitizens.com%2Fcallback.html&response_type=code&state=OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe&scope=openid%20email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
d4d14431454c9f44fc28868a99dc86ec976407f4770d896e0148e07f9480d1c8
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 21:21:03 GMT
x-amz-meta-sha1sum
cd2798edb5d4b0aeb36e7598fee5485e62fe3988
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
413089
x-cache
Hit from cloudfront
last-modified
Wed, 26 Apr 2023 22:54:37 GMT
server
nginx
etag
W/"babedbed43054e30cdc7e39ba8540f70"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
I7fHlh1qsDUBzyKp9XgYjlcbIxcoFvcTdf2wKUYJWYo3lRPUDwqQOA==
expires
Fri, 26 Apr 2024 21:21:03 GMT
okta-sign-in.min.css
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/css/ 		215 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/css/okta-sign-in.min.css
Requested by
Host: id-q.firstcitizens.com
URL: https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95samyUnY611cmk&code_challenge_method=S256&nonce=aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu&redirect_uri=https%3A%2F%2Fprofile-q.firstcitizens.com%2Fcallback.html&response_type=code&state=OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe&scope=openid%20email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
1b3497f46b1aad07ce78f2cf3d6af3842342c992f1524f4dd28e344813f208f9
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 21:21:04 GMT
x-amz-meta-sha1sum
b87399a13a821a03dfa37f9e13208a995611ac26
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
413088
x-cache
Hit from cloudfront
last-modified
Wed, 26 Apr 2023 22:53:35 GMT
server
nginx
etag
W/"3affe4883a3dece7a1111d1e409af0aa"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
8ZnXFgWb3yoW3F6L0pv7UY3oO-JwVF4BIEnM0HKLIJNRVVcYSqwtHg==
expires
Fri, 26 Apr 2024 21:21:04 GMT
custom-signin.241e0fb439244dc50c5929c0513a6765.css
op1static.oktacdn.com/assets/loginpage/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
Requested by
Host: id-q.firstcitizens.com
URL: https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95samyUnY611cmk&code_challenge_method=S256&nonce=aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu&redirect_uri=https%3A%2F%2Fprofile-q.firstcitizens.com%2Fcallback.html&response_type=code&state=OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe&scope=openid%20email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 11:23:40 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
967332
x-cache
Hit from cloudfront
last-modified
Wed, 16 Mar 2022 23:24:01 GMT
server
nginx
etag
W/"241e0fb439244dc50c5929c0513a6765"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
1UoF1GKEGP_gTrltRqx2d1vp6Kg1aGffqvZcue0uVYN8874vpMlItg==
expires
Sat, 20 Apr 2024 11:23:40 GMT
fs0l0juyjxQP0iwY50h7
op1static.oktacdn.com/fs/bco/1/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://op1static.oktacdn.com/fs/bco/1/fs0l0juyjxQP0iwY50h7
Requested by
Host: id-q.firstcitizens.com
URL: https://id-q.firstcitizens.com/oauth2/v1/authorize?client_id=0oatqq668b0Wf4dOO0h7&code_challenge=f16F49ZkxDju3OFpZx4aPU8uweEl95samyUnY611cmk&code_challenge_method=S256&nonce=aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu&redirect_uri=https%3A%2F%2Fprofile-q.firstcitizens.com%2Fcallback.html&response_type=code&state=OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe&scope=openid%20email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
256b7a915c4ef2ab216b9bf6fed1e390e9435272cdaf880a3faa732400fbe243
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 05:16:46 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
125346
x-cache
Hit from cloudfront
content-length
20180
last-modified
Wed, 22 May 2019 14:39:38 GMT
server
nginx
etag
"1e4f13e5a55d478ec7c0656fa65d2648"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
41SwVgSnzHdKq8oOmx27bgCcTu21226FZ6ppc5K7ds3t89K-ykVhTA==
expires
Tue, 30 Apr 2024 05:16:46 GMT
initLoginPage.pack.e3c1ead3b55da6c854c20649a1e437c8.js
op1static.oktacdn.com/assets/js/mvc/loginpage/ 		205 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.e3c1ead3b55da6c854c20649a1e437c8.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
f5d6a6e7d3648b0830cf9de5ef59d2167e2536885e4174b6ff8af73f6dd80978
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 22:11:45 GMT
x-amz-meta-sha1sum
8d9f54b48d8e525e03f87987c5b3b3de22f15b92
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1014847
x-cache
Hit from cloudfront
last-modified
Thu, 02 Feb 2023 03:24:25 GMT
server
nginx
etag
W/"e3c1ead3b55da6c854c20649a1e437c8"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
92izmmIteekYEFAL-Ki6NwFij6AE6zfs05JZEDcpnZP2q0pOFil61w==
expires
Fri, 19 Apr 2024 22:11:45 GMT
login_de.json
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/labels/json/ 		99 KB
100 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/labels/json/login_de.json
Requested by
Host: id-q.firstcitizens.com
URL: https://id-q.firstcitizens.com/js/vendor/lib/fcb_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
83d5d52da9b325f7c93caeea6698ff8bf356e7b9ffa9b3aa75c93253380d73df
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 27 Apr 2023 22:37:32 GMT
x-amz-meta-sha1sum
4d7dc3c54269e7e123ff1f8e359661f9075f0180
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
408500
x-cache
Hit from cloudfront
content-length
101532
last-modified
Wed, 26 Apr 2023 22:54:42 GMT
server
nginx
etag
"9cfae23e13199a19bc19bca4903e5dd5"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
GsjXgT_AqI0OBxkf1zYcJiHyaudo6-H5YHSBukR0gFEX_hesWKGuaQ==
expires
Fri, 26 Apr 2024 22:37:32 GMT
country_de.json
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/labels/json/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/labels/json/country_de.json
Requested by
Host: id-q.firstcitizens.com
URL: https://id-q.firstcitizens.com/js/vendor/lib/fcb_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 27 Apr 2023 22:37:32 GMT
x-amz-meta-sha1sum
251dd1ccca4c80570aee52db71eed703ac579ad8
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
408500
x-cache
Hit from cloudfront
content-length
4805
last-modified
Wed, 26 Apr 2023 22:54:40 GMT
server
nginx
etag
"51bec6463b4f7c5a26ede1fd8ee067f8"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
Ehey-EcNTuXt_nTqexposuTmw-UAERNwwvvwm3jOcDDFG2uDCwpvwA==
expires
Fri, 26 Apr 2024 22:37:32 GMT
iframe.html
login.okta.com/discovery/ Frame F57B 		451 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.e3c1ead3b55da6c854c20649a1e437c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-55.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af9e0ea5cb6a750c1bb914ab4b7fadaeeaabb2812d25eb23b3250d9013e579ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
46726
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Tue, 02 May 2023 03:07:08 GMT
ETag
"3e03d2d5a28fe4751c15cf6507fc4aeb"
Last-Modified
Thu, 13 Apr 2023 15:39:37 GMT
Server
AmazonS3
Via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
X-Amz-Cf-Id
GRhcHperLhwQx0lVB3ftenUbY2vSE5z6M_Xz_ymGLFDRe9vwUS-PeQ==
X-Amz-Cf-Pop
PRG50-C1
X-Cache
Hit from cloudfront
40dd52b2-7568-4df2-aeaa-2584a4204a8e
https://id-q.firstcitizens.com/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://id-q.firstcitizens.com/40dd52b2-7568-4df2-aeaa-2584a4204a8e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
2479
Content-Type
text/javascript
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
discoveryIframe-580a3123874a0e600803.min.js
login.okta.com/lib/ Frame F57B 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-580a3123874a0e600803.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-55.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ba13ba24e042794e9f5d55e2032aec59b7896bf64d0d125ffc4742834981828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 02:19:34 GMT
Via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
Last-Modified
Thu, 13 Apr 2023 15:39:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
49580
ETag
"786d615ef5571017953861b98a190f8f"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
98190
X-Amz-Cf-Id
tJFkhQVoCv4hxXgh7DMQixzUBR4VhliXT04McanQlUitnud2dHkF7Q==
introspect
id-q.firstcitizens.com/idp/idx/ 		22 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id-q.firstcitizens.com/idp/idx/introspect
Requested by
Host: id-q.firstcitizens.com
URL: https://id-q.firstcitizens.com/js/vendor/lib/fcb_common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.162.164.160 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
64540384b181d42b96b457be22aa53bd5482fe6d223ae61f9894f9881b0dbb4e
Security Headers
Name Value
Content-Security-Policy default-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; connect-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com idx-fcb.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; style-src 'unsafe-inline' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com login.okta.com com-okta-authenticator:; img-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/ion+json; okta-version=1.0.0
Referer
X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.5.2
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id
ZFE04bGZHAwkFySe1ul1qQAAAig
Date
Tue, 02 May 2023 16:05:53 GMT
content-security-policy
default-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; connect-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com idx-fcb.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com; style-src 'unsafe-inline' 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' idx-fcb.oktapreview.com idx-fcb-admin.oktapreview.com id-q.firstcitizens.com login.okta.com com-okta-authenticator:; img-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' idx-fcb.oktapreview.com id-q.firstcitizens.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
2000
x-content-type-options
nosniff
Via
1.1 dca1-bit11029
x-rate-limit-remaining
1999
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
Server
nginx
vary
Origin
Content-Type
application/ion+json;okta-version=1.0.0
access-control-allow-origin
https://id-q.firstcitizens.com
x-rate-limit-reset
1683043613
access-control-allow-credentials
true
cache-control
no-cache, no-store
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=100
expires
0
checkbox-sign-in-widget.png
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 21:21:04 GMT
x-amz-meta-sha1sum
e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
413089
x-cache
Hit from cloudfront
content-length
3141
last-modified
Wed, 26 Apr 2023 22:53:37 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
b1X3Eg0mgqgspLo3BiE_yDtABaAn24x_8Pl4ayUYdLDXrkEZAoEx5A==
expires
Fri, 26 Apr 2024 21:21:04 GMT
l
use.typekit.net/af/a3941f/00000000000000007735c1a1/30/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/a3941f/00000000000000007735c1a1/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
03ce8da381c7a8f7b37f2722c228f1923109838c7380e826ce34f36557b92105

Request headers

Referer
https://id-q.firstcitizens.com/
Origin
https://id-q.firstcitizens.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 16:05:53 GMT
server
nginx
etag
"e4b3b05932f08149a94d404c4763b0f8583dcc96"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13684
l
use.typekit.net/af/0d0f8f/00000000000000007735c199/30/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/0d0f8f/00000000000000007735c199/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
60402dd08f25414ec79ade3f4a96d781a80d503e1e41f529ba12e549f2067829

Request headers

Referer
https://id-q.firstcitizens.com/
Origin
https://id-q.firstcitizens.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 16:05:53 GMT
server
nginx
etag
"d2ee9c1910a413485cb8230e5c2b59ca20f7528e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13356
okticon.woff
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/font/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/font/okticon.woff
Requested by
Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-60.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.5.2/css/okta-sign-in.min.css
Origin
https://id-q.firstcitizens.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 21:58:41 GMT
x-amz-meta-sha1sum
4d706297987d613a4e3f4f23d08c62d16830845d
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
410832
x-cache
Hit from cloudfront
content-length
20600
last-modified
Wed, 26 Apr 2023 22:53:36 GMT
server
nginx
etag
"db28723126138387cdf40680e6e0fa5d"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
33mzcDFZt_4OiiX_N1XVPcGQcrN5QZxxKHBMDeyZh9MI2P-l_wHgvA==
expires
Fri, 26 Apr 2024 21:58:41 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config function| readCookie function| getClientId function| getClientName string| clientName string| clientId string| primaryauth_title string| remember string| oie_remember string| primaryauth_username_tooltip string| needhelp string| help string| brandName string| password_forgot_email_or_username_placeholder string| password_forgot_email_or_username_tooltip string| account_unlock_email_or_username_placeholder string| account_unlock_email_or_username_tooltip string| mfa_backtoFactors string| factor_hotp_description string| enroll_choices_title string| enroll_hotp_restricted string| enroll_choices_description string| enroll_choices_description_generic string| enroll_choices_description_specific string| enroll_choices_description_gracePeriod_bold string| enroll_choices_description_gracePeriod_oneDay_bold string| oie_optional_authenticator_button_title string| enroll_sms_setup string| factor_sms_time_warning string| factor_sms string| factor_call string| factor_call_time_warning string| factor_password string| rememberDevice_devicebased string| contact_support string| error_auth_lockedOut string| password_forgot_noFactorsEnabled string| account_unlock_noFactorsEnabled string| errors_E0000119 string| primaryauth_submit string| error_username_required object| oktaSignIn object| OktaLogin object| jQBrowser

11 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 03594714175461300524086481544521814512
.firstcitizens.com/ Name: AMCVS_E6D235355CF7C1DE0A495EEC%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZFE03gAAAEgc1AN-
.dpm.demdex.net/ Name: dpm
Value: 03594714175461300524086481544521814512
.firstcitizens.com/ Name: AMCV_E6D235355CF7C1DE0A495EEC%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19480%7CMCMID%7C08935515849228304243471580865480873260%7CMCAAMLH-1683648349%7C6%7CMCAAMB-1683648349%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1683050749s%7CNONE%7CMCSYNCSOP%7C411-19487%7CvVersion%7C5.3.0
profile-q.firstcitizens.com/ Name: okta-oauth-redirect-params
Value: {%22responseType%22:%22code%22%2C%22state%22:%22OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe%22%2C%22nonce%22:%22aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu%22%2C%22scopes%22:[%22openid%22%2C%22email%22]%2C%22clientId%22:%220oatqq668b0Wf4dOO0h7%22%2C%22urls%22:{%22issuer%22:%22https://id-q.firstcitizens.com%22%2C%22authorizeUrl%22:%22https://id-q.firstcitizens.com/oauth2/v1/authorize%22%2C%22userinfoUrl%22:%22https://id-q.firstcitizens.com/oauth2/v1/userinfo%22%2C%22tokenUrl%22:%22https://id-q.firstcitizens.com/oauth2/v1/token%22%2C%22revokeUrl%22:%22https://id-q.firstcitizens.com/oauth2/v1/revoke%22%2C%22logoutUrl%22:%22https://id-q.firstcitizens.com/oauth2/v1/logout%22}%2C%22ignoreSignature%22:false}
profile-q.firstcitizens.com/ Name: okta-oauth-nonce
Value: aVeMF24qLdqQEBvakaHaOEv4t9yvQUOeiT9CuleniHwLjSW1O7jbklvJPuslsvyu
profile-q.firstcitizens.com/ Name: okta-oauth-state
Value: OrWHwlTS1W7FK7GO8xnuwhO4Fivro8SWsTFOink61KkTXY8brV3NYxAaaqpEZiTe
id-q.firstcitizens.com/ Name: t
Value: blue-dark
id-q.firstcitizens.com/ Name: DT
Value: DI1cSpXWXAGSsqOQlouny-4WA
id-q.firstcitizens.com/ Name: JSESSIONID
Value: 4ED4443E13D794D1DD97BA798891E7C2

3 Console Messages

Source Level URL
Text
network error URL: https://id-q.firstcitizens.com/api/v1/sessions/me
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
rendering warning URL: https://id-q.firstcitizens.com/js/vendor/lib/fcb_common.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://id-q.firstcitizens.com/js/vendor/lib/fcb_common.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cm.everesttech.net
dpm.demdex.net
firstcitizens.demdex.net
id-q.firstcitizens.com
login.okta.com
op1static.oktacdn.com
profile-q.firstcitizens.com
use.typekit.net
107.162.164.160
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:591::1e80
34.224.49.76
34.246.19.117
52.51.186.199
54.155.194.178
65.9.95.55
65.9.95.60
03ce8da381c7a8f7b37f2722c228f1923109838c7380e826ce34f36557b92105
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
10078f6f9f0c199a299e17362a2db7cb61d0da35a3b0292e11e72abff5c146ba
1b3497f46b1aad07ce78f2cf3d6af3842342c992f1524f4dd28e344813f208f9
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
256b7a915c4ef2ab216b9bf6fed1e390e9435272cdaf880a3faa732400fbe243
291d6899c1ed4ffcff6a617f19660a67b19d60d6b61ca8cbc78e0c358e6bd2f0
34365f1ebede22aba38a142a68433afa088a2beed5d00e22d6c946a6608db4c1
3966f3091c7e9c586b259d00f5f9be81420299206ce4e503d7730436809cd200
3ba13ba24e042794e9f5d55e2032aec59b7896bf64d0d125ffc4742834981828
3c2fb2119f202afe7fb87f13b13648be349f90309e3b9996924336b875d0e35e
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
462253d83000d6bb10aa8759bcbf9ab492cd05c664ea715905825adf24bbab55
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
60402dd08f25414ec79ade3f4a96d781a80d503e1e41f529ba12e549f2067829
64540384b181d42b96b457be22aa53bd5482fe6d223ae61f9894f9881b0dbb4e
777c206df16bdf5abc4507e5083069bac8b52b1cb5b388c5c6ad4870eaa76656
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
83d5d52da9b325f7c93caeea6698ff8bf356e7b9ffa9b3aa75c93253380d73df
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
9b2b1a9aed1f7c7393fcce0f48d9cd4399b8b3409555cca084c84eb7a818f7a5
af9e0ea5cb6a750c1bb914ab4b7fadaeeaabb2812d25eb23b3250d9013e579ba
b115ca5b4699827009f47d6040800be9f41128751d73f80e5a14715f367ca487
c2ea8eeb2453733268d88aa293a697444504379fae73032f0af24f00a6252aca
ce0cdb0d0fcdba370b572b97edb3cec6ba5a8e894e6630b7dd3c6365cf59bec6
d4d14431454c9f44fc28868a99dc86ec976407f4770d896e0148e07f9480d1c8
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03a78fc6bbc7757b128c1f0474132c9369e95c4efbc27015e714a9d8fbe01da
f48da11cd6229e68a5a7e58cbb3a7e3b304ecdd714b8c952cec4c295106d72b5
f4fccb373bd1e11fcef099f8cddd02a3860d672c432f0c6dee0bb13d0b9ab456
f5d6a6e7d3648b0830cf9de5ef59d2167e2536885e4174b6ff8af73f6dd80978