www3.citizensbankonline.com Open in urlscan Pro
104.108.36.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://specifi.citizensbankonline.com/f/
Effective URL:
https://www3.citizensbankonline.com/efs/servlet/efs/login.jsp?next=%2Flanding
Submission: On January 10 via manual (January 10th 2020, 4:06:59 pm UTC) from US

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 7 countries across 16 domains to perform 46 HTTP transactions. The main IP is 104.108.36.219, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www3.citizensbankonline.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 31st 2019. Valid for: a year.

This is the only time www3.citizensbankonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	104.16.131.233 104.16.131.233	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	95.100.197.46 95.100.197.46	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	63.35.240.22 63.35.240.22	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.30.105.51 52.30.105.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	15.188.31.119 15.188.31.119	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	143.204.100.16 143.204.100.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.224.197.218 13.224.197.218	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.77.236.71 54.77.236.71	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.108.36.219 104.108.36.219	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
46	15

17 104.16.131.233 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

specifi.citizensbankonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.100.197.46 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-197-46.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.71.113 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.35.240.22 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.105.51 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-105-51.eu-west-1.compute.amazonaws.com

citizensbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.31.119 (Paris, France)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-15-188-31-119.eu-west-3.compute.amazonaws.com

smetrics.citizensbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.117.28.86 (United States) 2 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.100.16 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-100-16.fra50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.218 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-218.fra2.r.cloudfront.net

d7e8o9i11vi0c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.236.71 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-236-71.eu-west-1.compute.amazonaws.com

sigfig.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.36.219 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-36-219.deploy.static.akamaitechnologies.com

www3.citizensbankonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	citizensbankonline.com 1 redirects specifi.citizensbankonline.com www3.citizensbankonline.com	1 MB
6	demdex.net dpm.demdex.net citizensbank.demdex.net sigfig.demdex.net	5 KB
5	ensighten.com nexus.ensighten.com	65 KB
3	adobedtm.com assets.adobedtm.com	98 KB
2	everesttech.net 2 redirects cm.everesttech.net	1020 B
2	citizensbank.com smetrics.citizensbank.com	4 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	cloudfront.net d7e8o9i11vi0c.cloudfront.net Failed
1	heapanalytics.com cdn.heapanalytics.com heapanalytics.com Failed	30 KB
1	zdassets.com static.zdassets.com ekr.zdassets.com Failed	7 KB
1	zendesk.com 1 redirects assets.zendesk.com	238 B
0	a3cloud.net Failed t.a3cloud.net Failed
0	omtrdc.net Failed sigfig.sc.omtrdc.net Failed
0	sigfig.com Failed snowplow.sigfig.com Failed
46	16

	Domain	Requested by
17	specifi.citizensbankonline.com	1 redirects specifi.citizensbankonline.com
5	nexus.ensighten.com	specifi.citizensbankonline.com nexus.ensighten.com
4	dpm.demdex.net	specifi.citizensbankonline.com
3	assets.adobedtm.com	specifi.citizensbankonline.com assets.adobedtm.com
2	cm.everesttech.net	2 redirects
2	smetrics.citizensbank.com	specifi.citizensbankonline.com
2	www.google-analytics.com	specifi.citizensbankonline.com
1	www3.citizensbankonline.com	specifi.citizensbankonline.com
1	www.googletagmanager.com	nexus.ensighten.com
1	sigfig.demdex.net	specifi.citizensbankonline.com
1	stats.g.doubleclick.net	specifi.citizensbankonline.com
1	d7e8o9i11vi0c.cloudfront.net	specifi.citizensbankonline.com
1	cdn.heapanalytics.com	specifi.citizensbankonline.com
1	citizensbank.demdex.net	nexus.ensighten.com
1	static.zdassets.com	specifi.citizensbankonline.com
1	assets.zendesk.com	1 redirects
0	t.a3cloud.net Failed	nexus.ensighten.com
0	ekr.zdassets.com Failed	static.zdassets.com
0	heapanalytics.com Failed	specifi.citizensbankonline.com
0	sigfig.sc.omtrdc.net Failed	specifi.citizensbankonline.com
0	snowplow.sigfig.com Failed	specifi.citizensbankonline.com
46	21

This site contains no links.

Subject Issuer	Validity	Valid
specifi.citizensbankonline.com DigiCert SHA2 Extended Validation Server CA	`2019-02-19` - `2020-03-29`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2019-10-03` - `2020-10-02`	a year	crt.sh
*.zdassets.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-25` - `2021-05-31`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
smetrics.citizensbank.com DigiCert SHA2 High Assurance Server CA	`2019-03-11` - `2020-06-17`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2019-10-22` - `2020-11-22`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
citizensbankonline.com DigiCert SHA2 Extended Validation Server CA	`2019-05-31` - `2020-07-04`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www3.citizensbankonline.com/efs/servlet/efs/login.jsp?next=%2Flanding
Frame ID: F112B9851C9BA1B2A0ADE61BFAAFBCDF
Requests: 40 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 19F954C1DE0F49AC07AA860B40CB60D2
Requests: 2 HTTP requests in this frame

Frame: https://citizensbank.demdex.net/dest5.html?d_nsid=0
Frame ID: FD8D795B81B966F582D758B03B1BEEDD
Requests: 1 HTTP requests in this frame

Frame: https://d7e8o9i11vi0c.cloudfront.net/f/snapengage.html?for=https_specifi_citizensbankonline_com_f_prelanding_next_2Flanding_route_2Flanding
Frame ID: F8737A6FFF6E829A81074A743CE73CA6
Requests: 2 HTTP requests in this frame

Frame: https://sigfig.demdex.net/dest5.html?d_nsid=0
Frame ID: EA692827DD68297065E988491C150BB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://specifi.citizensbankonline.com/f/ Page URL
https://www3.citizensbankonline.com/efs/servlet/efs/login.jsp?next=%2Flanding Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

46
Requests

87 %
HTTPS

19 %
IPv6

16
Domains

21
Subdomains

15
IPs

7
Countries

1563 kB
Transfer

5775 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://specifi.citizensbankonline.com/f/ Page URL
https://www3.citizensbankonline.com/efs/servlet/efs/login.jsp?next=%2Flanding Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 21

https://cm.everesttech.net/cm/dd?d_uuid=29595584966490368400660703346945224663 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XhihEgAAADIbusIo

Request Chain 37

https://cm.everesttech.net/cm/dd?d_uuid=29595584966490368400660703346945224663 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XhihEgAAADIbusIo&d_uuid=29595584966490368400660703346945224663

Request Chain 43

https://specifi.citizensbankonline.com/l/portfolio/api/portfolios?includeHidden=true&version=2 HTTP 302
https://specifi.citizensbankonline.com/site/

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
specifi.citizensbankonline.com/f/ 24 KB
9 KB 265ms
173ms Document
text/html 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdf850bd72306e87bd6bf1476ffa01b268749b5d4117acc7e411e11476b7daea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: specifi.citizensbankonline.com
:scheme: https
:path: /f/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Fri, 10 Jan 2020 16:06:41 GMT
content-type: text/html
set-cookie: __cfduid=d250a792c6e2521376720b3b872f989e31578672401; expires=Sun, 09-Feb-20 16:06:41 GMT; path=/; domain=.citizensbankonline.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
expires: Fri, 10 Jan 2020 16:07:11 GMT
cache-control: max-age=30
x-static-hostname: app-private-php-01.prod.dfw1.std.host
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
age: 0
x-v-cache: MISS web-01.prod.dfw1.std.host
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://specifi.citizensbankonline.com
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 552fe64f5bc1c84f-AMS
content-encoding: gzip

GET
H2 200 common.3cc08f04ebc419a42f7c.css
specifi.citizensbankonline.com/f/ 4 KB
1 KB 485ms
484ms Stylesheet
text/css 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/common.3cc08f04ebc419a42f7c.css

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda0755acef70c84d08ecbbaa828d9347366ecf5791d5951997924315cd5b9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-02.prod.dfw1.std.host
x-static-hostname: app-private-php-03.prod.dfw1.std.host
content-length: 1199
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-f81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508edbc84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 shared-styles.612ca3ba73bb0f94544a-1.css
specifi.citizensbankonline.com/f/ 245 KB
76 KB 166ms
164ms Stylesheet
text/css 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/shared-styles.612ca3ba73bb0f94544a-1.css

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f57ae25f7c0223aad8d0003c44b09f27346d5429cbb5e946a59a8f1592b96b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-01.prod.dfw1.std.host
x-static-hostname: app-private-php-02.prod.dfw1.std.host
content-length: 77487
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-3d2cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508edfc84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 shared-styles.612ca3ba73bb0f94544a-2.css
specifi.citizensbankonline.com/f/ 13 KB
4 KB 163ms
161ms Stylesheet
text/css 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/shared-styles.612ca3ba73bb0f94544a-2.css

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

695fcf3151a601d1ec094d820b13e09f7a456bdb3fa3dff27c12e203d4e87578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-01.prod.dfw1.std.host
x-static-hostname: app-private-php-03.prod.dfw1.std.host
content-length: 3623
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-32f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508ee0c84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 app-compiled.f3647861077dea1b49a1-1.css
specifi.citizensbankonline.com/f/ 304 KB
49 KB 189ms
188ms Stylesheet
text/css 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/app-compiled.f3647861077dea1b49a1-1.css

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b51e42f7926a59dcc2d2d09afb98000ce1b61e1e7f0886e93a1454774d170f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-02.prod.dfw1.std.host
x-static-hostname: app-private-php-03.prod.dfw1.std.host
content-length: 50279
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-4c0db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508ee1c84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 app-compiled.f3647861077dea1b49a1-2.css
specifi.citizensbankonline.com/f/ 99 KB
26 KB 201ms
200ms Stylesheet
text/css 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/app-compiled.f3647861077dea1b49a1-2.css

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8090be467cfd4a5bb3e39da9b8164513175deede5f7fbc87f6bdbdd3ac123ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-02.prod.dfw1.std.host
x-static-hostname: app-private-php-02.prod.dfw1.std.host
content-length: 26347
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-18ad0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508ee2c84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 runtime.2204ccbc4d685eaacc09.js Show response
specifi.citizensbankonline.com/f/ 2 KB
1 KB 204ms
203ms Script
application/x-javascript 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/runtime.2204ccbc4d685eaacc09.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52271372a653ca264ee154d7af65a0b9bda6d606949ca383155e911ab0f5d617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-02.prod.dfw1.std.host
x-static-hostname: app-private-php-01.prod.dfw1.std.host
content-length: 1174
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508ee4c84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 common.2823c699d8e95cca4873.js Show response
specifi.citizensbankonline.com/f/ 1 MB
439 KB 252ms
251ms Script
application/x-javascript 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/common.2823c699d8e95cca4873.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

13b7433ac21439b5177af4c33db54a8dd85663a5dc59f8d62fce7fb5321af40c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-01.prod.dfw1.std.host
x-static-hostname: app-private-php-02.prod.dfw1.std.host
content-length: 448569
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-1570d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508ee6c84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 shared-styles.1ffdb1a17cf6fc283764.js Show response
specifi.citizensbankonline.com/f/ 1 KB
410 B 204ms
203ms Script
application/x-javascript 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/shared-styles.1ffdb1a17cf6fc283764.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

38cb55e6edf48c58cba0dbaf33593eeab93c9d1d1432e3c2814369e7c8f2c6c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-01.prod.dfw1.std.host
x-static-hostname: app-private-php-01.prod.dfw1.std.host
content-length: 325
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-4fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508ee7c84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 polyfills.482b2446de485e7cde0e.js Show response
specifi.citizensbankonline.com/f/ 147 B
360 B 157ms
156ms Script
application/x-javascript 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/polyfills.482b2446de485e7cde0e.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f0e9caf990d535e56d1c34c1b4aa37b934afa98713136875a1bda9139af47e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-02.prod.dfw1.std.host
x-static-hostname: app-private-php-01.prod.dfw1.std.host
content-length: 134
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508ee8c84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 vendor.483a1afe8f9a4423f979.js Show response
specifi.citizensbankonline.com/f/ 97 KB
34 KB 196ms
196ms Script
application/x-javascript 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/vendor.483a1afe8f9a4423f979.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd9b46d8732d9cb5706300427219e8bb526a29a5f52d3f617baa0c49a209fd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-01.prod.dfw1.std.host
x-static-hostname: app-private-php-03.prod.dfw1.std.host
content-length: 34532
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-1833a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508eebc84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 app-compiled.1dda8d252fdcca6a3ae9.js Show response
specifi.citizensbankonline.com/f/ 3 MB
644 KB 327ms
327ms Script
application/x-javascript 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/app-compiled.1dda8d252fdcca6a3ae9.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

691afec73ad5f1f2188a263fa3323de74015b411eaa39c6f2738d8adfd9d3043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-01.prod.dfw1.std.host
x-static-hostname: app-private-php-01.prod.dfw1.std.host
content-length: 658940
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-2aff33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6508eedc84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 adobe-target-visitor.9284dec2f849ec2a1b7fba04cf2e9954.js Show response
specifi.citizensbankonline.com/f/ 58 KB
16 KB 162ms
161ms Script
application/x-javascript 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/f/adobe-target-visitor.9284dec2f849ec2a1b7fba04cf2e9954.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3991c7d534c427b4040fee8914e949228fa98653410580400ac846d10ffa78b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000
x-v-cache: MISS web-02.prod.dfw1.std.host
x-static-hostname: app-private-php-03.prod.dfw1.std.host
content-length: 16673
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Nov 2019 16:13:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddd4f36-e602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe6539fcbc84f-AMS
expires: Mon, 07 Jan 2030 16:06:42 GMT

GET
H2 200 satelliteLib-6cf65a7d17ac4a17744d34102e11100362514092.js Show response
assets.adobedtm.com/9e99f888a6e099a17094a2280adc7bbad8a3367f/ 132 KB
40 KB 56ms
20ms Script
application/x-javascript 95.100.197.46
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9e99f888a6e099a17094a2280adc7bbad8a3367f/satelliteLib-6cf65a7d17ac4a17744d34102e11100362514092.js
Requested by: Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.46 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-46.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 47277aea36e67ab0937c5b60c08810317e5765b97ceb0bd11b2b01a58d00e4f5

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 21:22:52 GMT
server: AkamaiNetStorage
etag: "f5f518ae1744a4c541440c05193accfd:1563398572"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 40897
expires: Fri, 10 Jan 2020 17:06:42 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/citizensbank/specifiprod/ 96 KB
30 KB 77ms
33ms Script
application/javascript 18.197.253.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citizensbank/specifiprod/Bootstrap.js
Requested by: Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0d5d7a3e039ee5c0a22e4f5f11aaaf1cb0d62f7e557fb26d475681dc053761e1

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
last-modified: Thu, 02 Jan 2020 23:16:04 GMT
server: nginx
etag: W/"5e0e79b4-18197"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=300

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 19F9
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

77ms
31ms

Script
application/javascript

104.18.70.113
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ef14094971c85cb858a14229b66434ba058647685e7995efeb003907843680

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 34
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 7CA0F1C2247E0BA2
x-amz-id-2: 1MRQ3aaKwifJvyUjD7jkAm6FoJm1+NY9Ax8SRyIxRAH/CcMX5VzbqvwjLI1P294Lf5yJickoVNc=
last-modified: Mon, 25 Nov 2019 03:12:11 GMT
server: cloudflare
etag: W/"f23e2e8621b39c963c5314230b30e8f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: vA138V8AjTSx.rHWOBKMdQTbxk4qg8M4
cf-ray: 552fe655987c2b92-AMS

Redirect headers

date: Fri, 10 Jan 2020 16:06:42 GMT
server: cloudflare
location: https://static.zdassets.com/ekr/asset_composer.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 301
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 552fe65439279d4e-AMS
expires: Fri, 10 Jan 2020 17:06:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/vendor.483a1afe8f9a4423f979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1708
date: Fri, 10 Jan 2020 15:38:14 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 10 Jan 2020 17:38:14 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 150ms
42ms XHR
application/json 63.35.240.22
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1578672402591

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0cfc07e61d90f6c7157f1bfa9a75219ca469418243c3e6a103f4e39f00b68917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://specifi.citizensbankonline.com/f/
Origin: https://specifi.citizensbankonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v057-0c771462f.edge-irl1.demdex.com 5.64.3.20200108083203 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: y6DbhRnUQGw=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://specifi.citizensbankonline.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1248
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citizensbank/specifiprod/ 518 B
660 B 23ms
23ms Script
text/javascript 18.197.253.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citizensbank/specifiprod/serverComponent.php?r=2534159.461547134&ClientID=397&PageID=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/specifiprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f10b903b928cd5a9f18c7feba410b3c4d92362fde5ea19d6ce4e3fac7200f25a

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Fri, 10 Jan 2020 16:06:42 GMT
cache-control: no-cache, no-store
expires: Fri, 10 Jan 2020 16:06:41 GMT
server: nginx
content-length: 518
content-type: text/javascript

GET
H/1.1 200
OK Cookie set dest5.html
citizensbank.demdex.net/ Frame FD8D 0
0 173ms
37ms Document
text/html 52.30.105.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://citizensbank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/specifiprod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.105.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-30-105-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: citizensbank.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://specifi.citizensbankonline.com/f/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=29595584966490368400660703346945224663
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://specifi.citizensbankonline.com/f/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 08 Jan 2020 13:59:46 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=29595584966490368400660703346945224663;Path=/;Domain=.demdex.net;Expires=Wed, 08-Jul-2020 16:06:42 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: evpWuce7Qqo=
Content-Length: 2764
Connection: keep-alive

GET
H2 200 id Show response
smetrics.citizensbank.com/ 49 B
485 B 128ms
30ms XHR
application/x-javascript 15.188.31.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.citizensbank.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=4C3B0C3755C3822E7F000101%40AdobeOrg&mid=29626002546023286550658785345795002800&ts=1578672402769

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.31.119 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-15-188-31-119.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

835b385593b503275f5d92ca7b7658391c8cb74e21d22d5c5b0494aeaa506a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
Origin: https://specifi.citizensbankonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 10 Jan 2020 16:06:42 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5fc496b8d4-xgz4j
vary: Origin
x-c: master-1061.Iecc33a.M0-311
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript
content-length: 49
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XhihEgAAADIbusIo
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=29595584966490368400660703346945224663
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XhihEgAAADIbusIo

42 B
915 B

37ms
36ms

Image
image/gif

63.35.240.22
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XhihEgAAADIbusIo

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v057-0fbb15cf7.edge-irl1.demdex.com 5.64.3.20200108083203 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: /XckV73CQk8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 10 Jan 2020 16:06:42 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XhihEgAAADIbusIo
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 heap-3697063019.js Show response
cdn.heapanalytics.com/js/ 70 KB
30 KB 186ms
135ms Script
application/javascript 143.204.100.16
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-3697063019.js
Requested by: Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/app-compiled.1dda8d252fdcca6a3ae9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.100.16 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-100-16.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: ea94e714fa4b4d1304900fd4c5fb6c9be9cad90a0c8d437afa535b3804633aa6

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:42 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"116cc-PSaW6LeOE8jiqcrgqnndzQ"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=120
x-amz-cf-id: BdRv_nzdB0qfUTgPZb063RxvGaQQsmkohUus3grtA-FnlWBnw2hPQQ==
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)

GET
H2 200 brokerages
specifi.citizensbankonline.com/l/portfolio/api/ 71 KB
0 1142ms
1142ms XHR
application/json 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/l/portfolio/api/brokerages

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

0: Sigfig-Correlation-Id: 999852021
1: Sigfig-Multisession-Id: zd1myn
2: X-B3-Sampled: 1
3: X-B3-SpanId: 01DY83ACS6Y8ES931HG5F5Y2NH
4: X-B3-TraceId: 999852021
date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0, 0
status: 200, 200 OK
strict-transport-security: max-age=31536000
x-v-cache: MISS web-01.prod.dfw1.std.host
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hostname: app-private-php-01
content-type: application/json
access-control-allow-origin
cache-control: s-maxage=259200, must-revalidate, max-age=259200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 552fe655cea5c84f-AMS
x-v-buffered: no

GET
H2 200 info
specifi.citizensbankonline.com/l/account/api/ 195 B
693 B 440ms
439ms XHR
application/json 104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/l/account/api/info

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

0: Sigfig-Correlation-Id: 1731759697
1: Sigfig-Multisession-Id: bvwepg
2: X-B3-Sampled: 1
3: X-B3-SpanId: 01DY83ACEZRSJFZ8J91KK6W63T
4: X-B3-TraceId: 1731759697
date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0, 0
status: 200, 200 OK
strict-transport-security: max-age=31536000
x-v-cache: MISS web-02.prod.dfw1.std.host
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: app-private-php-03
cf-ray: 552fe655cea8c84f-AMS
x-v-buffered: no

GET snapengage.html
d7e8o9i11vi0c.cloudfront.net/f/ Frame F873 0
0

GET
H/1.1 200
OK snapengage.html
d7e8o9i11vi0c.cloudfront.net/f/ Frame F873 0
0 582ms
556ms Document
text/html 13.224.197.218
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d7e8o9i11vi0c.cloudfront.net/f/snapengage.html?for=https_specifi_citizensbankonline_com_f_prelanding_next_2Flanding_route_2Flanding

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/app-compiled.1dda8d252fdcca6a3ae9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-224-197-218.fra2.r.cloudfront.net

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' https://.cloudfront.net https://.docusign.com https://.docusign.net https://.sigfig.com https://go.oncehub.com https://secure.scheduleonce.com https://sigfig.demdex.net https://www.snapengage.com https://.cambridgesavings.com; connect-src 'self' https://.demdex.net https://.getsentry.com https://.hotjar.com https://.sigfig.com https://.wellsfargo.com https://.zdassets.com https://.zendesk.com https://api.greenhouse.io https://bam.nr-data.net https://heapanalytics.com https://maps.googleapis.com https://sentry.io https://sigfig.sc.omtrdc.net https://sigfig.tt.omtrdc.net https://sigfigprod.112.2o7.net https://www.snapengage.com wss://.hotjar.com https://.cambridgesavings.com; default-src 'self' https://.sigfig.com https://.cambridgesavings.com; frame-src 'self' https://.cloudfront.net https://.docusign.com https://.docusign.net https://.hotjar.com/ https://.sigfig.com https://go.oncehub.com https://secure.scheduleonce.com https://sigfig.demdex.net https://www.snapengage.com https://.cambridgesavings.com; font-src 'self' data: https://.cloudfront.net https://.sigfig.com https://fonts.gstatic.com https://heapanalytics.com https://.cambridgesavings.com; img-src 'self' data: http://.ggpht.com http://.googleusercontent.com http://.gstatic.com http://.wikinvest.com http://feeds.feedburner.com https://.cloudfront.net https://.doubleclick.net https://.ggpht.com https://.google-analytics.com https://.googleapis.com https://.googleusercontent.com https://.gstatic.com https://.quantserve.com https://.sigfig.com https://cm.everesttech.net https://csi.gstatic.com https://dpm.demdex.net https://heapanalytics.com https://sigfigcitizensbankdev.112.2o7.net https://tags.w55c.net https://www.facebook.com https://www.snapengage.com https://.cambridgesavings.com; media-src 'self' https://.cloudfront.net https://.sigfig.com https://.cambridgesavings.com; object-src 'self' https://www.snapengage.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.adobedtm.com https://.cloudfront.net https://.doubleclick.net https://.google-analytics.com https://.googleapis.com https://.hotjar.com/ https://.newrelic.com https://.quantserve.com https://.sigfig.com https://.wellsfargoadvisors.com https://.wikinvest.com https://.zdassets.com https://.zendesk.com https://apis.google.com https://bam.nr-data.net https://cdn.heapanalytics.com https://heapanalytics.com https://nexus.ensighten.com https://sigfig.sc.omtrdc.net https://sigfigprod.112.2o7.net https://www.snapengage.com https://.cambridgesavings.com; style-src 'self' 'unsafe-inline' https://.cloudfront.net https://.googleapis.com https://.sigfig.com https://heapanalytics.com https://.cambridgesavings.com;
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	child-src 'self' https://.cloudfront.net https://.docusign.com https://.docusign.net https://.sigfig.com https://go.oncehub.com https://secure.scheduleonce.com https://sigfig.demdex.net https://www.snapengage.com https://.cambridgesavings.com; connect-src 'self' https://.demdex.net https://.getsentry.com https://.hotjar.com https://.sigfig.com https://.wellsfargo.com https://.zdassets.com https://.zendesk.com https://api.greenhouse.io https://bam.nr-data.net https://heapanalytics.com https://maps.googleapis.com https://sentry.io https://sigfig.sc.omtrdc.net https://sigfig.tt.omtrdc.net https://sigfigprod.112.2o7.net https://www.snapengage.com wss://.hotjar.com https://.cambridgesavings.com; default-src 'self' https://.sigfig.com https://.cambridgesavings.com; frame-src 'self' https://.cloudfront.net https://.docusign.com https://.docusign.net https://.hotjar.com/ https://.sigfig.com https://go.oncehub.com https://secure.scheduleonce.com https://sigfig.demdex.net https://www.snapengage.com https://.cambridgesavings.com; font-src 'self' data: https://.cloudfront.net https://.sigfig.com https://fonts.gstatic.com https://heapanalytics.com https://.cambridgesavings.com; img-src 'self' data: http://.ggpht.com http://.googleusercontent.com http://.gstatic.com http://.wikinvest.com http://feeds.feedburner.com https://.cloudfront.net https://.doubleclick.net https://.ggpht.com https://.google-analytics.com https://.googleapis.com https://.googleusercontent.com https://.gstatic.com https://.quantserve.com https://.sigfig.com https://cm.everesttech.net https://csi.gstatic.com https://dpm.demdex.net https://heapanalytics.com https://sigfigcitizensbankdev.112.2o7.net https://tags.w55c.net https://www.facebook.com https://www.snapengage.com https://.cambridgesavings.com; media-src 'self' https://.cloudfront.net https://.sigfig.com https://.cambridgesavings.com; object-src 'self' https://www.snapengage.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.adobedtm.com https://.cloudfront.net https://.doubleclick.net https://.google-analytics.com https://.googleapis.com https://.hotjar.com/ https://.newrelic.com https://.quantserve.com https://.sigfig.com https://.wellsfargoadvisors.com https://.wikinvest.com https://.zdassets.com https://.zendesk.com https://apis.google.com https://bam.nr-data.net https://cdn.heapanalytics.com https://heapanalytics.com https://nexus.ensighten.com https://sigfig.sc.omtrdc.net https://sigfigprod.112.2o7.net https://www.snapengage.com https://.cambridgesavings.com; style-src 'self' 'unsafe-inline' https://.cloudfront.net https://.googleapis.com https://.sigfig.com https://heapanalytics.com https://.cambridgesavings.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: d7e8o9i11vi0c.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://specifi.citizensbankonline.com/f/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://specifi.citizensbankonline.com/f/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 10 Jan 2020 16:06:43 GMT
Expires: Fri, 10 Jan 2020 16:07:13 GMT
Cache-Control: max-age=30
X-Static-Hostname: app-private-php-v01-2.dfw1.sigfig.host
Access-Control-Allow-Credentials: true
Content-Security-Policy: child-src 'self' https://*.cloudfront.net https://*.docusign.com https://*.docusign.net https://*.sigfig.com https://go.oncehub.com https://secure.scheduleonce.com https://sigfig.demdex.net https://www.snapengage.com https://*.cambridgesavings.com; connect-src 'self' https://*.demdex.net https://*.getsentry.com https://*.hotjar.com https://*.sigfig.com https://*.wellsfargo.com https://*.zdassets.com https://*.zendesk.com https://api.greenhouse.io https://bam.nr-data.net https://heapanalytics.com https://maps.googleapis.com https://sentry.io https://sigfig.sc.omtrdc.net https://sigfig.tt.omtrdc.net https://sigfigprod.112.2o7.net https://www.snapengage.com wss://*.hotjar.com https://*.cambridgesavings.com; default-src 'self' https://*.sigfig.com https://*.cambridgesavings.com; frame-src 'self' https://*.cloudfront.net https://*.docusign.com https://*.docusign.net https://*.hotjar.com/ https://*.sigfig.com https://go.oncehub.com https://secure.scheduleonce.com https://sigfig.demdex.net https://www.snapengage.com https://*.cambridgesavings.com; font-src 'self' data: https://*.cloudfront.net https://*.sigfig.com https://fonts.gstatic.com https://heapanalytics.com https://*.cambridgesavings.com; img-src 'self' data: http://*.ggpht.com http://*.googleusercontent.com http://*.gstatic.com http://*.wikinvest.com http://feeds.feedburner.com https://*.cloudfront.net https://*.doubleclick.net https://*.ggpht.com https://*.google-analytics.com https://*.googleapis.com https://*.googleusercontent.com https://*.gstatic.com https://*.quantserve.com https://*.sigfig.com https://cm.everesttech.net https://csi.gstatic.com https://dpm.demdex.net https://heapanalytics.com https://sigfigcitizensbankdev.112.2o7.net https://tags.w55c.net https://www.facebook.com https://www.snapengage.com https://*.cambridgesavings.com; media-src 'self' https://*.cloudfront.net https://*.sigfig.com https://*.cambridgesavings.com; object-src 'self' https://www.snapengage.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.adobedtm.com https://*.cloudfront.net https://*.doubleclick.net https://*.google-analytics.com https://*.googleapis.com https://*.hotjar.com/ https://*.newrelic.com https://*.quantserve.com https://*.sigfig.com https://*.wellsfargoadvisors.com https://*.wikinvest.com https://*.zdassets.com https://*.zendesk.com https://apis.google.com https://bam.nr-data.net https://cdn.heapanalytics.com https://heapanalytics.com https://nexus.ensighten.com https://sigfig.sc.omtrdc.net https://sigfigprod.112.2o7.net https://www.snapengage.com https://*.cambridgesavings.com; style-src 'self' 'unsafe-inline' https://*.cloudfront.net https://*.googleapis.com https://*.sigfig.com https://heapanalytics.com https://*.cambridgesavings.com;
X-Content-Security-Policy: child-src 'self' https://*.cloudfront.net https://*.docusign.com https://*.docusign.net https://*.sigfig.com https://go.oncehub.com https://secure.scheduleonce.com https://sigfig.demdex.net https://www.snapengage.com https://*.cambridgesavings.com; connect-src 'self' https://*.demdex.net https://*.getsentry.com https://*.hotjar.com https://*.sigfig.com https://*.wellsfargo.com https://*.zdassets.com https://*.zendesk.com https://api.greenhouse.io https://bam.nr-data.net https://heapanalytics.com https://maps.googleapis.com https://sentry.io https://sigfig.sc.omtrdc.net https://sigfig.tt.omtrdc.net https://sigfigprod.112.2o7.net https://www.snapengage.com wss://*.hotjar.com https://*.cambridgesavings.com; default-src 'self' https://*.sigfig.com https://*.cambridgesavings.com; frame-src 'self' https://*.cloudfront.net https://*.docusign.com https://*.docusign.net https://*.hotjar.com/ https://*.sigfig.com https://go.oncehub.com https://secure.scheduleonce.com https://sigfig.demdex.net https://www.snapengage.com https://*.cambridgesavings.com; font-src 'self' data: https://*.cloudfront.net https://*.sigfig.com https://fonts.gstatic.com https://heapanalytics.com https://*.cambridgesavings.com; img-src 'self' data: http://*.ggpht.com http://*.googleusercontent.com http://*.gstatic.com http://*.wikinvest.com http://feeds.feedburner.com https://*.cloudfront.net https://*.doubleclick.net https://*.ggpht.com https://*.google-analytics.com https://*.googleapis.com https://*.googleusercontent.com https://*.gstatic.com https://*.quantserve.com https://*.sigfig.com https://cm.everesttech.net https://csi.gstatic.com https://dpm.demdex.net https://heapanalytics.com https://sigfigcitizensbankdev.112.2o7.net https://tags.w55c.net https://www.facebook.com https://www.snapengage.com https://*.cambridgesavings.com; media-src 'self' https://*.cloudfront.net https://*.sigfig.com https://*.cambridgesavings.com; object-src 'self' https://www.snapengage.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.adobedtm.com https://*.cloudfront.net https://*.doubleclick.net https://*.google-analytics.com https://*.googleapis.com https://*.hotjar.com/ https://*.newrelic.com https://*.quantserve.com https://*.sigfig.com https://*.wellsfargoadvisors.com https://*.wikinvest.com https://*.zdassets.com https://*.zendesk.com https://apis.google.com https://bam.nr-data.net https://cdn.heapanalytics.com https://heapanalytics.com https://nexus.ensighten.com https://sigfig.sc.omtrdc.net https://sigfigprod.112.2o7.net https://www.snapengage.com https://*.cambridgesavings.com; style-src 'self' 'unsafe-inline' https://*.cloudfront.net https://*.googleapis.com https://*.sigfig.com https://heapanalytics.com https://*.cambridgesavings.com;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-V-Cache: MISS web-v01-1.dfw1.sigfig.host
Access-Control-Allow-Origin: https://secure.sigfig.com
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 552fe6576b4bdfbf-FRA
Content-Encoding: gzip
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 7eb0b6b84b224c3eff8520d4bc275e4c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: jb_ob8e-F0tT0lj-f55195eP_283xU4POnX6BZkYmIjML_loDZ410w==

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1200342406&t=pageview&_s=1&dl=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F&dp=%2Fprelanding%3Fnext%3D%252Flanding%26route%3D%252Flanding&ul=en-us&de=UTF-8&dt=Introducing%20SpeciFi%20digital%20advisor%20%7C%20Citizens%20Investment%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAB~&jid=2127996218&gjid=1042383895&cid=1796690231.1578672403&tid=UA-23116607-26&_gid=1878947219.1578672403&z=1126488975

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Dec 2019 07:51:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1844085
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 16ms
15ms Image
image/gif 2a00:1450:400c:c00::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-23116607-26&cid=1796690231.1578672403&jid=2127996218&gjid=1042383895&_gid=1878947219.1578672403&_u=aGBAgAAB~&z=1318777628

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 10 Jan 2020 16:06:43 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET i
snowplow.sigfig.com/ 0
0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 365 B
1 KB 54ms
41ms XHR
application/json 63.35.240.22
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=2.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=2DA155B058A1AEEB0A495E4F%40AdobeOrg&d_nsid=0&ts=1578672403076

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5c01b89f1421c7720b62d3c22bcdbcc1f94766add7c10aea03a67f850a79975c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://specifi.citizensbankonline.com/f/
Origin: https://specifi.citizensbankonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v057-057d19649.edge-irl1.demdex.com 5.64.3.20200108083203 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: l6inOTxXQQE=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://specifi.citizensbankonline.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 302
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mbox-contents-a8517d7d839a0fbf564c6f69398e50305e3159cc.js Show response
assets.adobedtm.com/9e99f888a6e099a17094a2280adc7bbad8a3367f/ 108 KB
35 KB 26ms
25ms Script
application/x-javascript 95.100.197.46
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9e99f888a6e099a17094a2280adc7bbad8a3367f/mbox-contents-a8517d7d839a0fbf564c6f69398e50305e3159cc.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9e99f888a6e099a17094a2280adc7bbad8a3367f/satelliteLib-6cf65a7d17ac4a17744d34102e11100362514092.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.46 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-46.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 25162608debeb84499c8c4816be33a554ef62a3f1758bddaab7bab7dcdc31a08

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 21:22:53 GMT
server: AkamaiNetStorage
etag: "6f78b4578f46ef3d0ed13ba9fc896810:1563398573"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 35162
expires: Fri, 10 Jan 2020 17:06:43 GMT

GET
H2 200 s-code-contents-662bed2ab42fc8c2555e4cc5cf9bddb6283e4c4a.js Show response
assets.adobedtm.com/9e99f888a6e099a17094a2280adc7bbad8a3367f/ 66 KB
23 KB 31ms
31ms Script
application/x-javascript 95.100.197.46
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9e99f888a6e099a17094a2280adc7bbad8a3367f/s-code-contents-662bed2ab42fc8c2555e4cc5cf9bddb6283e4c4a.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9e99f888a6e099a17094a2280adc7bbad8a3367f/satelliteLib-6cf65a7d17ac4a17744d34102e11100362514092.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.46 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-46.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7a6634f8007e34cc9542574eba5c7280b8aa62d44b6f0c1f078ba0845eec436f

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 21:22:52 GMT
server: AkamaiNetStorage
etag: "fd67b3ea5d4509d7f49df769623f74fa:1563398572"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 23746
expires: Fri, 10 Jan 2020 17:06:43 GMT

GET
H2 200 85bdc0574d14d686317bede6d6ffbcc1.js Show response
nexus.ensighten.com/citizensbank/specifiprod/code/ 3 KB
1 KB 21ms
21ms Script
application/javascript 18.197.253.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citizensbank/specifiprod/code/85bdc0574d14d686317bede6d6ffbcc1.js?conditionId0=421909
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/specifiprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c6757a73b6eb4e333af4a80ffddb38a7599b0cdc8bee64d8d0954b4187a1edf3

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Jun 2019 15:58:07 GMT
server: nginx
etag: W/"5cffcf8f-a57"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 a0b329ca85c364f7869b063ccd5c548a.js Show response
nexus.ensighten.com/citizensbank/specifiprod/code/ 89 KB
31 KB 28ms
27ms Script
application/javascript 18.197.253.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citizensbank/specifiprod/code/a0b329ca85c364f7869b063ccd5c548a.js?conditionId0=4854979
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/specifiprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2bfbda60590f5ff2b68cf3a5b445ad75b365aaed3eef4e7c8ba65b4317c9abee

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: gzip
last-modified: Thu, 02 Jan 2020 23:16:04 GMT
server: nginx
etag: W/"5e0e79b4-163e8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 aab3ccd296c7be020623a72ffc364189.js Show response
nexus.ensighten.com/citizensbank/specifiprod/code/ 5 KB
2 KB 31ms
31ms Script
application/javascript 18.197.253.20
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citizensbank/specifiprod/code/aab3ccd296c7be020623a72ffc364189.js?conditionId0=741795
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/specifiprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ded53dcf9e522208416dfa416f55514ce791ec0c2d86c0d2b29d8ac02310113a

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Jun 2019 15:58:07 GMT
server: nginx
etag: W/"5cffcf8f-144b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H/1.1 200
OK Cookie set dest5.html
sigfig.demdex.net/ Frame EA69 0
0 400ms
37ms Document
text/html 54.77.236.71
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sigfig.demdex.net/dest5.html?d_nsid=0

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/adobe-target-visitor.9284dec2f849ec2a1b7fba04cf2e9954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.236.71 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-77-236-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: sigfig.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://specifi.citizensbankonline.com/f/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=29595584966490368400660703346945224663; dextp=60-1-1578672403154
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://specifi.citizensbankonline.com/f/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 08 Jan 2020 15:26:23 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=29595584966490368400660703346945224663;Path=/;Domain=.demdex.net;Expires=Wed, 08-Jul-2020 16:06:43 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: obDg5EybTAY=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XhihEgAAADIbusIo&d_uuid=29595584966490368400660703346945224663
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=29595584966490368400660703346945224663
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XhihEgAAADIbusIo&d_uuid=29595584966490368400660703346945224663

0
882 B

38ms
37ms

Image
text/plain

63.35.240.22
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XhihEgAAADIbusIo&d_uuid=29595584966490368400660703346945224663

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v057-0bec6a275.edge-irl1.demdex.com 5.64.3.20200108083203 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: yuYvh7dpSgA=
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 10 Jan 2020 16:06:42 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XhihEgAAADIbusIo&d_uuid=29595584966490368400660703346945224663
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET id
sigfig.sc.omtrdc.net/ 0
0

GET h
heapanalytics.com/ 0
0

GET sonora.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame 19F9 0
0

GET tag.js
t.a3cloud.net/AM-141554/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8253365

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/specifiprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0833aca37f860167e285f05917d3381fe3ebaf5c842b4f1ea40d08bdadb8f963

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: br
last-modified: Fri, 10 Jan 2020 15:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27908
x-xss-protection: 0
expires: Fri, 10 Jan 2020 16:06:43 GMT

GET
H/1.1 403
Forbidden Primary Request login.jsp Show response
www3.citizensbankonline.com/efs/servlet/efs/ 323 B
595 B 461ms
54ms Document
text/html 104.108.36.219
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.citizensbankonline.com/efs/servlet/efs/login.jsp?next=%2Flanding
Requested by: Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/app-compiled.1dda8d252fdcca6a3ae9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.36.219 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-36-219.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: af96a73d8c60e1d7f3d17e1924881e983d597a2df83639ca0228c7d8931693ab

Request headers

Host: www3.citizensbankonline.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Referer: https://specifi.citizensbankonline.com/f/
Accept-Encoding: gzip, deflate, br
Cookie: __cfduid=d250a792c6e2521376720b3b872f989e31578672401; nv_tc=%7B%22referer%22%3A%22%22%2C%22query%22%3A%22%2Ff%2F%22%7D; AMCVS_2DA155B058A1AEEB0A495E4F%40AdobeOrg=1; AMCV_2DA155B058A1AEEB0A495E4F%40AdobeOrg=-1891778711%7CMCIDTS%7C18272%7CMCMID%7C30017724931606555290689416715325702486%7CMCAAMLH-1579277203%7C6%7CMCAAMB-1579277203%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1578679603s%7CNONE%7CvVersion%7C2.4.0; _hp2_id.3697063019=%7B%22userId%22%3A%220801601917966162%22%2C%22pageviewId%22%3A%226483569720571180%22%2C%22sessionId%22%3A%228373128688428087%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.3697063019=%7B%22z%22%3A0%2C%22ts%22%3A1578672403161%2C%22d%22%3A%22specifi.citizensbankonline.com%22%2C%22h%22%3A%22%2Ff%2F%22%2C%22t%22%3A%22Introducing%20SpeciFi%20digital%20advisor%20%7C%20Citizens%20Investment%20Services%22%2C%22g%22%3A%22%23%2Fprelanding%3Fnext%3D%252Flanding%26route%3D%252Flanding%22%7D; check=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://specifi.citizensbankonline.com/f/

Response headers

Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 323
Expires: Fri, 10 Jan 2020 16:06:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 10 Jan 2020 16:06:43 GMT
Connection: close

GET
H2

200

/
specifi.citizensbankonline.com/site/
Redirect Chain

https://specifi.citizensbankonline.com/l/portfolio/api/portfolios?includeHidden=true&version=2
https://specifi.citizensbankonline.com/site/

16 KB
7 KB

152ms
152ms

XHR
text/html

104.16.131.233
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://specifi.citizensbankonline.com/site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.131.233 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 10 Jan 2020 16:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
status: 200
x-v-cache: MISS web-01.prod.dfw1.std.host
x-static-hostname: app-private-php-01.prod.dfw1.std.host
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html
access-control-allow-origin: https://specifi.citizensbankonline.com
cache-control: max-age=30
access-control-allow-credentials: true
cf-ray: 552fe65a3b9bc84f-AMS
expires: Fri, 10 Jan 2020 16:07:13 GMT

Redirect headers

0: Sigfig-Correlation-Id: 1731759731
1: Sigfig-Multisession-Id: bvwepg
2: X-B3-Sampled: 1
3: X-B3-SpanId: 01DY83ACWPQKRAQCP2ZJCX696S
4: X-B3-TraceId: 1731759731
date: Fri, 10 Jan 2020 16:06:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0, 0
status: 302, 302 Found
x-v-cache: MISS web-02.prod.dfw1.std.host
vary: Accept-Encoding
x-xss-protection: 1; mode=block
location: https://specifi.citizensbankonline.com/site/#/login
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
access-control-allow-origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: app-private-php-03
cf-ray: 552fe6588ee0c84f-AMS
x-v-buffered: no

GET
H2 200 s32980125788605
smetrics.citizensbank.com/b/ss/citizensbankdotcomprod/10/JS-2.5.0/ 3 KB
4 KB 56ms
56ms Script
application/x-javascript 15.188.31.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.citizensbank.com/b/ss/citizensbankdotcomprod/10/JS-2.5.0/s32980125788605?AQB=1&ndh=1&pf=1&callback=s_c_il[6].doPostbacks&et=1&t=10%2F0%2F2020%2017%3A6%3A43%205%20-60&d.&nsid=0&jsonv=1&.d&mid=29626002546023286550658785345795002800&aamlh=6&ce=UTF-8&ns=citizensbank&pageName=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F&g=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F%23%2Fprelanding%3Fnext%3D%252Flanding%26route%3D%252Flanding&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=D%3Dv8&c7=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F&v7=New&v8=11%3A06%20AM%7CFriday&c9=D%3Dv7&v9=CTZ&c10=D%3Dv10&v10=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F&c11=D%3Dv11&v11=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F%23%2Fprelanding%3Fnext%3D%252Flanding%26route%3D%252Flanding&c12=D%3Dv12&v12=%2Ff%2F&c13=D%3Dv13&v13=specifi.citizensbankonline.com&c14=D%3Dv18&v14=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F&c15=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F&v18=.COM&v19=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F&v26=%3A&v32=30017724931606555290689416715325702486&c75=VisitorAPI%20Present&v82=Legacy%20Site&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=4C3B0C3755C3822E7F000101%40AdobeOrg&AQE=1

Requested by

Host: specifi.citizensbankonline.com
URL: https://specifi.citizensbankonline.com/f/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.31.119 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-15-188-31-119.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://specifi.citizensbankonline.com/f/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-aam-tid: +6zjDJJoT7Y=
date: Fri, 10 Jan 2020 16:06:43 GMT
x-content-type-options: nosniff
x-c: master-1061.Iecc33a.M0-311
p3p: CP="This is not a P3P policy"
status: 200
content-length: 3465
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v057-066663ef2.edge-irl1.demdex.com 5.64.3.20200108083203 5ms (+0ms)
pragma: no-cache
last-modified: Sat, 11 Jan 2020 16:06:43 GMT
server: jag
xserver: anedge-5fc496b8d4-wjpkx
etag: 3390173171076661248-4613417061631814107
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 09 Jan 2020 16:06:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d7e8o9i11vi0c.cloudfront.net
URL: https://d7e8o9i11vi0c.cloudfront.net/f/snapengage.html?for=https_specifi_citizensbankonline_com_f_

Domain: snowplow.sigfig.com
URL: https://snowplow.sigfig.com/i?e=pv&page=%2Fprelanding%3Fnext%3D%252Flanding%26route%3D%252Flanding&dtm=1578672403037&tid=391678&vp=1600x1200&ds=1600x1200&vid=1&duid=bbfc7dec11652b7f&p=web&tv=js-1.0.0&fp=462344149&aid=webApp&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F

Domain: sigfig.sc.omtrdc.net
URL: https://sigfig.sc.omtrdc.net/id?d_visid_ver=2.4.0&d_fieldgroup=A&mcorgid=2DA155B058A1AEEB0A495E4F%40AdobeOrg&mid=30017724931606555290689416715325702486&ts=1578672403157

Domain: heapanalytics.com
URL: https://heapanalytics.com/h?a=3697063019&u=0801601917966162&v=6483569720571180&s=8373128688428087&b=web&tv=4.0&z=0&g=%23%2Fprelanding%3Fnext%3D%252Flanding%26route%3D%252Flanding&h=%2Ff%2F&d=specifi.citizensbankonline.com&t=Introducing%20SpeciFi%20digital%20advisor%20%7C%20Citizens%20Investment%20Services&ts=1578672403161&st=1578672403162

Domain: ekr.zdassets.com
URL: https://ekr.zdassets.com/compose/web_widget/sonora.zendesk.com

Domain: t.a3cloud.net
URL: https://t.a3cloud.net/AM-141554/tag.js?nm=am

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.citizensbankonline.com/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Fspecifi.citizensbankonline.com%2Ff%2F%2523%2Fprelanding%253Fnext%253D%25252Flanding%2526route%253D%25252Flanding%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
			.citizensbankonline.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	(Line 2) Message: [PARENT] Got unhandled postMessage: ---destpub-to-parent---canSetThirdPartyCookies\|true
console-api	log	(Line 2) Message: Error, missing Report Suite ID in AppMeasurement initialization
console-api	warning	(Line 2) Message: [PARENT] Got unhandled postMessage: ---destpub-to-parent---canSetThirdPartyCookies\|true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
assets.zendesk.com
cdn.heapanalytics.com
citizensbank.demdex.net
cm.everesttech.net
d7e8o9i11vi0c.cloudfront.net
dpm.demdex.net
ekr.zdassets.com
heapanalytics.com
nexus.ensighten.com
sigfig.demdex.net
sigfig.sc.omtrdc.net
smetrics.citizensbank.com
snowplow.sigfig.com
specifi.citizensbankonline.com
static.zdassets.com
stats.g.doubleclick.net
t.a3cloud.net
www.google-analytics.com
www.googletagmanager.com
www3.citizensbankonline.com
d7e8o9i11vi0c.cloudfront.net
ekr.zdassets.com
heapanalytics.com
sigfig.sc.omtrdc.net
snowplow.sigfig.com
t.a3cloud.net
104.108.36.219
104.16.131.233
104.18.70.113
104.18.71.113
13.224.197.218
143.204.100.16
15.188.31.119
18.197.253.20
2a00:1450:4001:816::200e
2a00:1450:4001:821::2008
2a00:1450:400c:c00::9b
52.30.105.51
54.77.236.71
63.35.240.22
66.117.28.86
95.100.197.46
0833aca37f860167e285f05917d3381fe3ebaf5c842b4f1ea40d08bdadb8f963
0cfc07e61d90f6c7157f1bfa9a75219ca469418243c3e6a103f4e39f00b68917
0d5d7a3e039ee5c0a22e4f5f11aaaf1cb0d62f7e557fb26d475681dc053761e1
13b7433ac21439b5177af4c33db54a8dd85663a5dc59f8d62fce7fb5321af40c
25162608debeb84499c8c4816be33a554ef62a3f1758bddaab7bab7dcdc31a08
2bfbda60590f5ff2b68cf3a5b445ad75b365aaed3eef4e7c8ba65b4317c9abee
31f57ae25f7c0223aad8d0003c44b09f27346d5429cbb5e946a59a8f1592b96b
38cb55e6edf48c58cba0dbaf33593eeab93c9d1d1432e3c2814369e7c8f2c6c4
3991c7d534c427b4040fee8914e949228fa98653410580400ac846d10ffa78b8
47277aea36e67ab0937c5b60c08810317e5765b97ceb0bd11b2b01a58d00e4f5
52271372a653ca264ee154d7af65a0b9bda6d606949ca383155e911ab0f5d617
5c01b89f1421c7720b62d3c22bcdbcc1f94766add7c10aea03a67f850a79975c
68ef14094971c85cb858a14229b66434ba058647685e7995efeb003907843680
691afec73ad5f1f2188a263fa3323de74015b411eaa39c6f2738d8adfd9d3043
695fcf3151a601d1ec094d820b13e09f7a456bdb3fa3dff27c12e203d4e87578
7a6634f8007e34cc9542574eba5c7280b8aa62d44b6f0c1f078ba0845eec436f
8090be467cfd4a5bb3e39da9b8164513175deede5f7fbc87f6bdbdd3ac123ebd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835b385593b503275f5d92ca7b7658391c8cb74e21d22d5c5b0494aeaa506a5f
8f0e9caf990d535e56d1c34c1b4aa37b934afa98713136875a1bda9139af47e6
af96a73d8c60e1d7f3d17e1924881e983d597a2df83639ca0228c7d8931693ab
b51e42f7926a59dcc2d2d09afb98000ce1b61e1e7f0886e93a1454774d170f46
bdf850bd72306e87bd6bf1476ffa01b268749b5d4117acc7e411e11476b7daea
c6757a73b6eb4e333af4a80ffddb38a7599b0cdc8bee64d8d0954b4187a1edf3
cda0755acef70c84d08ecbbaa828d9347366ecf5791d5951997924315cd5b9a4
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd9b46d8732d9cb5706300427219e8bb526a29a5f52d3f617baa0c49a209fd12
ded53dcf9e522208416dfa416f55514ce791ec0c2d86c0d2b29d8ac02310113a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea94e714fa4b4d1304900fd4c5fb6c9be9cad90a0c8d437afa535b3804633aa6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b903b928cd5a9f18c7feba410b3c4d92362fde5ea19d6ce4e3fac7200f25a

www3.citizensbankonline.com Open in urlscan Pro 104.108.36.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

87 %HTTPS

19 %IPv6

16 Domains

21 Subdomains

15 IPs

7 Countries

1563 kBTransfer

5775 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www3.citizensbankonline.com Open in urlscan Pro
104.108.36.219 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

87 %
HTTPS

19 %
IPv6

16
Domains

21
Subdomains

15
IPs

7
Countries

1563 kB
Transfer

5775 kB
Size

2
Cookies

46 HTTP transactions
0 data transactions