urlscan.io logo urlscan.io
SecurityTrails logo

citadelbanking-recover-account.ns01.us Open in urlscan Pro
198.98.48.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://citadelbanking-recover-account.ns01.us/
Effective URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c...
Submission Tags: @ecarlesi threat phishing #citadel Search All
Submission: On September 05 via api from IT — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 3 countries across 48 domains to perform 118 HTTP transactions. The main IP is 198.98.48.120, located in Staten Island, United States and belongs to PONYNET, US. The main domain is citadelbanking-recover-account.ns01.us.
TLS certificate: Issued by R3 on September 5th 2023. Valid for: 3 months.
This is the only time citadelbanking-recover-account.ns01.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 23 198.98.48.120 53667 (PONYNET)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 3 2607:f8b0:400... 15169 (GOOGLE)
2 208.89.12.153 11054 (LIVEPERSON)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
14 34.120.154.120 396982 (GOOGLE-CL...)
1 18.67.60.119 16509 (AMAZON-02)
3 3.22.29.254 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 192.0.63.252 62659 (Q2HOLDINGS)
2 2a03:2880:f00... 32934 (FACEBOOK)
4 23.222.5.139 20940 (AKAMAI-ASN1)
2 2a04:4e42:600... 54113 (FASTLY)
3 2620:1ec:bdf::40 8075 (MICROSOFT...)
2 151.101.193.140 54113 (FASTLY)
2 208.89.12.91 11054 (LIVEPERSON)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:1408:8c0... 20940 (AKAMAI-ASN1)
2 44.238.137.106 16509 (AMAZON-02)
3 20.114.189.70 8075 (MICROSOFT...)
2 3.162.3.126 16509 (AMAZON-02)
4 34.85.242.117 396982 (GOOGLE-CL...)
1 2600:9000:20a... 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2 2a03:2880:f10... 32934 (FACEBOOK)
2 208.89.12.87 11054 (LIVEPERSON)
22 24 34.150.170.96 396982 (GOOGLE-CL...)
2 2 2600:9000:269... 16509 (AMAZON-02)
1 192.0.77.40 2635 (AUTOMATTIC)
1 199.127.204.171 26120 (RHYTHMONE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 18.160.18.55 16509 (AMAZON-02)
1 1 2600:9000:215... 16509 (AMAZON-02)
1 1 2600:9000:250... 16509 (AMAZON-02)
1 3.163.101.59 16509 (AMAZON-02)
1 162.248.18.37 62713 (AS-PUBMATIC)
1 38.98.139.150 26558 (FREEWHEEL)
2 3 2600:1901:0:8... 15169 (GOOGLE)
3 4 34.200.65.202 14618 (AMAZON-AES)
1 2 52.0.156.250 14618 (AMAZON-AES)
1 44.213.2.100 14618 (AMAZON-AES)
1 184.28.136.218 16625 (AKAMAI-AS)
1 2 54.86.123.255 14618 (AMAZON-AES)
1 2 63.251.114.182 32475 (SINGLEHOP...)
2 2 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 1 142.250.31.155 15169 (GOOGLE)
1 2 68.67.160.114 29990 (ASN-APPNEX)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
2 2 172.253.63.154 15169 (GOOGLE)
118 49
23    198.98.48.120 (Staten Island, United States)

ASN53667 (PONYNET, US)
citadelbanking-recover-account.ns01.us
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    208.89.12.153 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lptag.liveperson.net
lptag.liveperson.net
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
14    34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com
lpcdn.lpsnmedia.net
1    18.67.60.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-60-119.iad89.r.cloudfront.net
js.adsrvr.org
3    3.22.29.254 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-29-254.us-east-2.compute.amazonaws.com
bs.serving-sys.com
1    2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4004:c0b::63 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    192.0.63.252 (United States)

ASN62659 (Q2HOLDINGS, US)
cdn1.onlineaccess1.com
2    2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    23.222.5.139 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-5-139.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
2    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    208.89.12.91 (United States)

ASN11054 (LIVEPERSON, US)
accdn.lpsnmedia.net
4    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2600:1408:8c00::172e:9649 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    44.238.137.106 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-137-106.us-west-2.compute.amazonaws.com
ads.nextdoor.com
flask.nextdoor.com
3    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
2    3.162.3.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-126.yul62.r.cloudfront.net
tags.crwdcntrl.net
4    34.85.242.117 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.242.85.34.bc.googleusercontent.com
i.simpli.fi
1    2600:9000:20aa:9600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2a03:2880:f10e:83:face:b00c:0:25de (Toronto, Canada)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
va.v.liveperson.net
24    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
2    2600:9000:269f:b200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
www.tumblr.com
1    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4280:747a:cfb3:5355:825e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    18.160.18.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-55.iad12.r.cloudfront.net
aa.agkn.com
1    2600:9000:215f:f000:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    2600:9000:2509:2000:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    3.163.101.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-163-101-59.atl58.r.cloudfront.net
sync1.intentiq.com
1    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    38.98.139.150 (Chicago, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
pbid.pro-market.net
4    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
1    44.213.2.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-2-100.compute-1.amazonaws.com
sync.bfmio.com
1    184.28.136.218 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-136-218.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    54.86.123.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-123-255.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
www.googleadservices.com
2    68.67.160.114 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
28 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 3548
um.simpli.fi — Cisco Umbrella Rank: 791
19 KB
23 ns01.us
citadelbanking-recover-account.ns01.us
3 MB
16 lpsnmedia.net
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3870
accdn.lpsnmedia.net — Cisco Umbrella Rank: 3632
667 KB
7 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1551
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2640
49 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
www.linkedin.com — Cisco Umbrella Rank: 625
px4.ads.linkedin.com — Cisco Umbrella Rank: 6371
6 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 900
t.clarity.ms — Cisco Umbrella Rank: 7691
28 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 374
16 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
4 KB
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1363
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
791 B
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 809
bcp.crwdcntrl.net — Cisco Umbrella Rank: 776
37 KB
4 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2237
36 KB
4 liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 3685
va.v.liveperson.net — Cisco Umbrella Rank: 4073
119 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2328
pbid.pro-market.net — Cisco Umbrella Rank: 7450
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
627 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 478
512 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
2 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 395
832 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 857
1 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1585
2 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1117
sync1.intentiq.com — Cisco Umbrella Rank: 2963
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 527
d.agkn.com — Cisco Umbrella Rank: 719
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 473
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 388
730 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 753
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
603 B
2 nextdoor.com
ads.nextdoor.com — Cisco Umbrella Rank: 6716
flask.nextdoor.com — Cisco Umbrella Rank: 6338
4 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 760
9 KB
2 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1523
712 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1344
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
93 KB
2 onlineaccess1.com
cdn1.onlineaccess1.com — Cisco Umbrella Rank: 18587
143 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
773 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 149
571 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 729
634 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 584
445 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1567
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 537
608 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 895
514 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6043
175 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 561
187 B
1 tumblr.com
www.tumblr.com — Cisco Umbrella Rank: 9012
1005 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 881
374 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
108 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
912 B
1 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1489
insight.adsrvr.org Failed
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 733
30 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 mdhv.io Failed
jelly.mdhv.io Failed
118 48
Domain Requested by
24 um.simpli.fi 22 redirects citadelbanking-recover-account.ns01.us
23 citadelbanking-recover-account.ns01.us 2 redirects citadelbanking-recover-account.ns01.us
code.jquery.com
14 lpcdn.lpsnmedia.net citadelbanking-recover-account.ns01.us
lptag.liveperson.net
5 bat.bing.com citadelbanking-recover-account.ns01.us
www.googletagmanager.com
bat.bing.com
4 px.ads.linkedin.com 3 redirects citadelbanking-recover-account.ns01.us
4 i.simpli.fi secure-ds.serving-sys.com
i.simpli.fi
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 secure-ds.serving-sys.com citadelbanking-recover-account.ns01.us
secure-ds.serving-sys.com
3 ups.analytics.yahoo.com 2 redirects citadelbanking-recover-account.ns01.us
3 t.clarity.ms www.clarity.ms
3 www.clarity.ms bat.bing.com
www.clarity.ms
3 www.google.com citadelbanking-recover-account.ns01.us
3 bs.serving-sys.com citadelbanking-recover-account.ns01.us
secure-ds.serving-sys.com
3 googleads.g.doubleclick.net 1 redirects citadelbanking-recover-account.ns01.us
www.googletagmanager.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects citadelbanking-recover-account.ns01.us
2 ib.adnxs.com 1 redirects citadelbanking-recover-account.ns01.us
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects citadelbanking-recover-account.ns01.us
2 bcp.crwdcntrl.net 1 redirects citadelbanking-recover-account.ns01.us
2 loadm.exelator.com 1 redirects citadelbanking-recover-account.ns01.us
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects citadelbanking-recover-account.ns01.us
2 eb2.3lift.com 1 redirects citadelbanking-recover-account.ns01.us
2 s.ad.smaato.net 2 redirects
2 va.v.liveperson.net lpcdn.lpsnmedia.net
2 www.facebook.com 1 redirects citadelbanking-recover-account.ns01.us
2 tags.crwdcntrl.net secure-ds.serving-sys.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 accdn.lpsnmedia.net lpcdn.lpsnmedia.net
2 alb.reddit.com citadelbanking-recover-account.ns01.us
2 www.redditstatic.com citadelbanking-recover-account.ns01.us
www.googletagmanager.com
2 connect.facebook.net citadelbanking-recover-account.ns01.us
connect.facebook.net
2 cdn1.onlineaccess1.com citadelbanking-recover-account.ns01.us
2 lptag.liveperson.net citadelbanking-recover-account.ns01.us
1 pixel.rubiconproject.com citadelbanking-recover-account.ns01.us
1 www.googleadservices.com 1 redirects
1 pippio.com 1 redirects
1 stags.bluekai.com citadelbanking-recover-account.ns01.us
1 sync.bfmio.com citadelbanking-recover-account.ns01.us
1 pbid.pro-market.net citadelbanking-recover-account.ns01.us
1 cms.analytics.yahoo.com 1 redirects
1 ads.stickyadstv.com citadelbanking-recover-account.ns01.us
1 image2.pubmatic.com citadelbanking-recover-account.ns01.us
1 sync1.intentiq.com citadelbanking-recover-account.ns01.us
1 sync.intentiq.com 1 redirects
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com citadelbanking-recover-account.ns01.us
1 sync.1rx.io citadelbanking-recover-account.ns01.us
1 www.tumblr.com citadelbanking-recover-account.ns01.us
1 flask.nextdoor.com citadelbanking-recover-account.ns01.us
1 px4.ads.linkedin.com citadelbanking-recover-account.ns01.us
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 ads.nextdoor.com www.googletagmanager.com
1 www.googletagmanager.com citadelbanking-recover-account.ns01.us
1 fonts.googleapis.com citadelbanking-recover-account.ns01.us
1 js.adsrvr.org citadelbanking-recover-account.ns01.us
1 code.jquery.com citadelbanking-recover-account.ns01.us
0 sync.search.spotxchange.com Failed citadelbanking-recover-account.ns01.us
0 jelly.mdhv.io Failed citadelbanking-recover-account.ns01.us
secure-ds.serving-sys.com
0 insight.adsrvr.org Failed citadelbanking-recover-account.ns01.us
118 63

This site contains links to these domains. Also see Links.

Domain
www.citadelbanking.com
online.citadelbanking.com
Subject Issuer Validity Valid
citadelbanking-recover-account.ns01.us
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-02-07 -
2024-02-07		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA		 2023-01-09 -
2024-01-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2022-11-22 -
2023-12-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
onlineaccess1.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-14 -
2023-09-12		 3 months crt.sh
secure-ds.serving-sys.com
R3		 2023-07-11 -
2023-10-09		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-25 -
2024-02-21		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-02-28		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-09 -
2024-03-08		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
nextdoor.com
Amazon RSA 2048 M02		 2023-04-19 -
2024-05-17		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-01-10 -
2024-01-10		 a year crt.sh

This page contains 10 frames:

Primary Page: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Frame ID: 3F68F910A7A63928482DDA3A687EDFAA
Requests: 85 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 70CA0C2012429D4DE6F0D00AABD31754
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2byx6v5&ref=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx%23%2Flogin&upid=18b1cnl&upv=1.1.0
Frame ID: FC4C3D729CC255738CEAD9A028F32C49
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/c/10619/lt.min.js
Frame ID: C252255EA2F14C95A73165F1CF87D2F3
Requests: 1 HTTP requests in this frame

Frame: https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052
Frame ID: CD67CC6B7F5AFA16DA02205B2F798B69
Requests: 25 HTTP requests in this frame

Frame: https://jelly.mdhv.io/v1/star.gif?pid=jURnbr8zBG8MWtyMLPHqJv4oCeBc&src=mh&evt=hi
Frame ID: 9DE0D439FCCD0747A652887AD5FC1199
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&site=71465649&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: C96946A6214486A80415262EF9B9480B
Requests: 1 HTTP requests in this frame

Frame: https://jelly.mdhv.io/v1/star.gif?pid=jURnbr8zBG8MWtyMLPHqJv4oCeBc&src=mh&evt=hi
Frame ID: 465F3DBE02BFB26859EA6EE0E4EA73A2
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/c/10619/lt.min.js
Frame ID: 2924D3A378FEBE77AB2A935422445179
Requests: 1 HTTP requests in this frame

Frame: https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052
Frame ID: 5C567EA3E11E2B16C44D0B56E7672A79
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Citadel FCU

Page URL History Show full URLs

  1. http://citadelbanking-recover-account.ns01.us/ HTTP 301
    https://citadelbanking-recover-account.ns01.us/ HTTP 302
    https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

76 %
HTTPS

34 %
IPv6

48
Domains

63
Subdomains

49
IPs

3
Countries

4685 kB
Transfer

8486 kB
Size

76
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://citadelbanking-recover-account.ns01.us/ HTTP 301
    https://citadelbanking-recover-account.ns01.us/ HTTP 302
    https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4031716%26time%3D1693925294613%26url%3Dhttps%253A%252F%252Fcitadelbanking-recover-account.ns01.us%252Flogin.php%253Fbadge%253D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&cookiesTest=true&liSync=true&e_ipv6=AQLp3RJiVL2LOgAAAYpl0MO4kFQqI9GOhngKgJBTfWX4NVAv9aIRhmE4SZl_qJxVcNFTYlw
Request Chain 85
  • https://www.facebook.com/tr/?id=688706377929917&ev=PageView&dl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&rl=&if=false&ts=1693925294634&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=28&fbp=fb.1.1693925294630.1527733009&cs_est=true&pm=1&hrl=70d299&it=1693925294438&coo=false&cs_cc=1&cas=3925771287484067%2C3162681917134808&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?cas=3925771287484067%2C3162681917134808&coo=false&cs_cc=1&cs_est=true&dl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&ec=0&ev=PageView&fbp=fb.1.1693925294630.1527733009&hrl=70d299&id=688706377929917&if=false&it=1693925294438&o=28&pm=1&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1693925294634&v=2.9.125
Request Chain 93
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F1684AF103944506B17A5ACB6D56C78F&cookieCheck=1 HTTP 302
  • https://www.tumblr.com/ads-user-sync?partner=smaato&uid=7b20aa7f35&gdpr=0&gdpr_consent=
Request Chain 94
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/F1684AF103944506B17A5ACB6D56C78F
Request Chain 95
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=F1684AF103944506B17A5ACB6D56C78F&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=F1684AF103944506B17A5ACB6D56C78F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 96
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=F1684AF103944506B17A5ACB6D56C78F
Request Chain 97
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F1684AF103944506B17A5ACB6D56C78F
Request Chain 98
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1693925295911&ip=38.132.118.67&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212810604630007656666 HTTP 302
  • https://um.simpli.fi/aa_px?sk=212810604630007656666 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 99
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1684AF103944506B17A5ACB6D56C78F&ckls=true&ci=vfA5bLLJZK&nc=false&trid=525672702
Request Chain 100
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F1684AF103944506B17A5ACB6D56C78F
Request Chain 101
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=F1684AF103944506B17A5ACB6D56C78F
Request Chain 102
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=F1684AF103944506B17A5ACB6D56C78F;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=F1684AF103944506B17A5ACB6D56C78F;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-rv2IVrFE2pRanSrOrIyKncqsyIK2UEThDt0-~A
Request Chain 103
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=F1684AF103944506B17A5ACB6D56C78F&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=F1684AF103944506B17A5ACB6D56C78F&j=0&xl8blockcheck=1
Request Chain 104
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1684AF103944506B17A5ACB6D56C78F&verify=true
Request Chain 105
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=F1684AF103944506B17A5ACB6D56C78F
Request Chain 106
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=F1684AF103944506B17A5ACB6D56C78F
Request Chain 107
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=F1684AF103944506B17A5ACB6D56C78F
Request Chain 108
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=F1684AF103944506B17A5ACB6D56C78F&dnr=1
Request Chain 109
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=F1684AF103944506B17A5ACB6D56C78F HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogRjE2ODRBRjEwMzk0NDUwNkIxN0E1QUNCNkQ1NkM3OEYQABoNCLD_3KcGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2f0678cb24c0d0e2653d09b5393e62f485ee5936033e0c17037c359d0bd2fece791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2f0678cb24c0d0e2653d09b5393e62f485ee5936033e0c17037c359d0bd2fece791426b5417dce21&rand=09802788
Request Chain 110
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1693925295549&cv=7&fst=1693925295549&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1298405272&cv=7&fst=1693925295549&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rz_3ZOe0LfiqoPMP8OunyAw&sscte=1&crd=CKG4sQI&pscrd=IhMIp8idvNuTgQMVeBVoCB3w9QnJ HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1298405272&cv=7&fst=1693925295549&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=IhMIp8idvNuTgQMVeBVoCB3w9QnJ&is_vtc=1&ocp_id=rz_3ZOe0LfiqoPMP8OunyAw&cid=CAQSKQBpAlJW6b2XFB68WJMIy_cN_gdDU7lwDXrcXwgBRsZn2x4oKHOnT53X&random=1393597064
Request Chain 111
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=F1684AF103944506B17A5ACB6D56C78F
Request Chain 112
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=F1684AF103944506B17A5ACB6D56C78F HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF1684AF103944506B17A5ACB6D56C78F
Request Chain 113
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F1684AF103944506B17A5ACB6D56C78F&expires=365
Request Chain 114
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=F1684AF103944506B17A5ACB6D56C78F
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPAf0KJZnQ6AMhdFUeZmIOE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F1684AF103944506B17A5ACB6D56C78F HTTP 302
  • https://um.simpli.fi/g_match?id=

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
citadelbanking-recover-account.ns01.us/
Redirect Chain
  • http://citadelbanking-recover-account.ns01.us/
  • https://citadelbanking-recover-account.ns01.us/
  • https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
434 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a305f8d5ac4e7fa432be7ca8098fc8e75ea712e227c9cafe0422129e7308637f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 14:48:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 14:48:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Pragma
no-cache
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
q2-tecton-theme.css
citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/ 		29 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-theme.css
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d4628708699f65539acf57ac596d235a4cc583c12560a27751155b283f2068ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:12 GMT
Last-Modified
Fri, 05 May 2023 05:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a02-75fe"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30206
app.css
citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/ 		120 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/app.css
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2a45a3cfd0b0fa8af0a445e99410dd268776248b26367ca24f017ecb3e7ed1c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a02-1dfd0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
122832
highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2f4f4e3dc0856bd0f5ba0fc25f6597869952556f9c40f4e1b3877d8fe8b587a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a02-152e81"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1388161
base.css
citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/ 		78 B
322 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/base.css
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c9e9ab1c11be0da2ea654af9e97f98228f5ee24f50fb00ad2a37e27f86a3b86c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a04-4e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78
theme-q2-3be9eb26fb212138080388cf113f7fcd.css
citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/theme-q2-3be9eb26fb212138080388cf113f7fcd.css
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
13b29e90471ae30c4d4b24b454d3346829420009d73df825b8397dec0154424f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a04-14a937"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1354039
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
surrogate-control
max-age=315360000;hw-h2proxy
vary
Accept-Encoding
x-hw
1693925293.cdn4-pxy205-mia02.mi1.evs,1693925293.cds223.mi1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000,public
accept-ranges
bytes
content-length
30875
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950291671/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950291671/?random=1683222834779&cv=11&fst=1683222834779&bg=ffffff&guid=ON&async=1&gtm=45He3510&u_w=1366&u_h=768&url=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx&ref=https%3A%2F%2Fwww.citadelbanking.com%2F&hn=www.googleadservices.com&frm=0&tiba=Citadel%20FCU&auid=693226790.1683222814&uaa=x86&uab=64&uafvl=Chromium%3B112.0.5615.138%7CGoogle%2520Chrome%3B112.0.5615.138%7CNot%253AA-Brand%3B99.0.0.0&uamb=0&uap=Windows&uapv=12.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49ccc7d7a3b0cf319d72aa6e27b75c50bceff970084c55badba33661c227304b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tecton-590048df214033d1c1591d552a32c9af.css
citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
66967be43a8a35aee96fd630e243242bb1a0ce28e4bdfb4704381e64a558f3e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a04-2404"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9220
.jsonp
lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/ 		308 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
ws /
Resource Hash
424fec8c61f2e45521482db72fce793b13ceae58e85698eaa12a041bfb9b471e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
134605299.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134605299.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
35321f2739b2957e42732473b426989a2357070ee0312c8222cb1e5828b471d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 05 Sep 2023 14:48:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D42FCDB08E004257851C60017606AA2C Ref B: MIAEDGE1506 Ref C: 2023-09-05T14:48:13Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
br
x-guploader-uploadid
ADPycdsbu3kgUHKe2Wp0ujRbcL_N1-wae9TER-XfYKvJDjToZlF1Xx1-8wYaCOcbEeA82G7EIqEPJoSCEF1k-ReNe4OCWw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Sat, 17 Jun 2023 16:22:59 GMT
server
UploadServer
etag
W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary
Accept-Encoding
x-goog-generation
1687018979345736
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
public,max-age=3600
x-goog-stored-content-length
40455
accept-ranges
none
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		88 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
br
x-guploader-uploadid
ADPycdspXB4yi4savdWkKfnZiSFiO0ZLnEKbIeuxeRTDg3q-JC3FP7yPOVmOrMI7lDPfD80JbhPUnFLeYFXmHgzU6rO0jPDnh4NL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Sat, 17 Jun 2023 16:22:59 GMT
server
UploadServer
etag
W/"8f52a626981f930e71e87f22a5f0080d"
vary
Accept-Encoding
x-goog-generation
1687018979574643
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=D9Dodw==, md5=j1KmJpgfkw5x6H8ipfAIDQ==
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
public,max-age=3600
x-goog-stored-content-length
90535
accept-ranges
none
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		92 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
br
x-guploader-uploadid
ADPycdswKuaHvxfQI8dgM9088hbYNFJ8U_W264pfGZPeyERT7UV4IYxdsyc-A9n6p6ZvwSZGs3jaLdSSN3TbrwL39E89-A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Sat, 17 Jun 2023 16:22:59 GMT
server
UploadServer
etag
W/"d32e789b3183ed4536dc36e4cabf74ec"
vary
Accept-Encoding
x-goog-generation
1687018979737136
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=JX6E+w==, md5=0y54mzGD7UU23Dbkyr907A==
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
public,max-age=3600
x-goog-stored-content-length
93955
accept-ranges
none
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
br
x-guploader-uploadid
ADPycdsgiU6ZBBJpFWi4V-v_SSuF9BabIHtS4BAW5Z6NpJL6jmvgdT-gTr38GDX-Wki9ym-xJMUK83Xm_rEonqwuDi6_9VrY4B9n
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Sat, 17 Jun 2023 16:22:59 GMT
server
UploadServer
etag
W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary
Accept-Encoding
x-goog-generation
1687018979285447
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
public,max-age=3600
x-goog-stored-content-length
7866
accept-ranges
none
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		976 KB
237 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ee154a894141cd3c4b00a7538eaba115b66356dadc2f72425a72b6b6ba395a7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
br
x-guploader-uploadid
ADPycdu-aDUgYtgOgrOp9vXyrlqAu9MBNDokklNfuLEEI8IPP0wz8gb8iRQNa7dyTnu9YEzAwrqwVhwLinwpVYsnLkCuaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Sat, 17 Jun 2023 16:22:59 GMT
server
UploadServer
etag
W/"e14121e1120a46de140ce3d55dbec5b2"
vary
Accept-Encoding
x-goog-generation
1687018979791126
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=zA1O8g==, md5=4UEh4RIKRt4UDOPVXb7Fsg==
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
public,max-age=3600
x-goog-stored-content-length
999172
accept-ranges
none
q2-pendo.js
citadelbanking-recover-account.ns01.us/cdn/pendo/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/pendo/q2-pendo.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cfcda23f40606a339333dbff71f899be62524a7fdbbcd34311eb007be50777a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a0c-1ede"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7902
q2-tecton-elements.esm.js
citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/q2-tecton-elements.esm.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
00d1281b630443e4d7d54eb4120f6b00f10a6bc7f9a68636c3b3e19e6f012f34

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a0e-318e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12686
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-60-119.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 13:55:23 GMT
Content-Encoding
gzip
Via
1.1 615f410a3a080a335933e9fa08c15260.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD89-P1
Age
3171
ETag
W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
mT9iceVuguMU18di0dX-nshbOtCyVAoyZusl_y9ReXZQMuYC5kewKA==
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134605299&tm=gtm002&Ver=2&mid=db6d6937-00c8-4deb-86df-4d35ac3bdca2&sid=978a3c60eaa411edbd2f55eb9cd6dae4&vid=978a44d0eaa411ed804713a4cc1839e8&vids=0&msclkid=N&uach=pv%3D12.0.0&pi=918639831&lg=en-US&sw=1366&sh=768&sc=24&tl=Citadel%20FCU&p=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx&r=https%3A%2F%2Fwww.citadelbanking.com%2F&lt=3025&evt=pageLoad&sv=1&rn=193761
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 14:48:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B8DBE5B95E044A81930620434EE28CA6 Ref B: MIAEDGE1506 Ref C: 2023-09-05T14:48:13Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
Serving
bs.serving-sys.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073743235&dispType=js&sync=0&sessionid=8705209511755035516&pageurl=$$https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx$$&activityValues=$$Session%3D1803009043109511066$$&ns=0&rnd=5867917631420261&referrer=$$https%3A%2F%2Fwww.citadelbanking.com%2F$$&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.29.254 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-29-254.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3489fd639e07b4fdcd8e7195a578ae7b9f017c5327fa121fafc11dac3cea6fea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
841
expires
Sun, 05-Jun-2005 22:00:00 GMT
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 13:49:13 GMT
content-encoding
br
age
3540
x-guploader-uploadid
ADPycdtPz9cLnfn7dWWl_Rp-NhHKp-Mfv2dI-6irfJhzqo-qWq7ZEFVu7dbIZKgYQGwcceWZxo_c6xOAcLsC_ZgLPnaaSm0xYdI-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13399
last-modified
Sat, 17 Jun 2023 09:58:12 GMT
server
UploadServer
etag
W/"c45eeed74a24f46b0e7a5c5faaae4731"
vary
Accept-Encoding
x-goog-generation
1686995892942818
x-goog-hash
crc32c=s01eVg==, md5=xF7u10ok9GsOelxfqq5HMQ==
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
public,max-age=3600
x-goog-stored-content-length
38358
accept-ranges
none
content-type
application/javascript
ncua_logo_small-b690f247c19ea4970c9d08b2b479f16a.png
citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/images/ncua_logo_small-b690f247c19ea4970c9d08b2b479f16a.png
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e0553d5e1f49291bd1730745a95e155e6951aebb077378914eb2816b059a6448

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a02-f54"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3924
css
fonts.googleapis.com/ 		3 KB
912 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis:300,400,500&display=swap
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abba7247f0ef6bdb47970b488883dc3a4757d62903501436984f237906e9203b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 13:24:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 14:48:13 GMT
/
www.google.com/pagead/1p-user-list/950291671/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/950291671/?random=1683222834779&cv=11&fst=1683219600000&bg=ffffff&guid=ON&async=1&gtm=45He3510&u_w=1366&u_h=768&url=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx&ref=https%3A%2F%2Fwww.citadelbanking.com%2F&frm=0&tiba=Citadel%20FCU&fmt=3&is_vtc=1&random=1081263883&rmt_tld=0&ipr=y
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::63 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		411 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5993b6c76709eba4328dada0852fd769c52596e515dcf892dace75dd01066985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110639
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Sep 2023 14:48:14 GMT
ember-template-compiler.js
citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/ 		349 KB
349 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/ember-template-compiler.js?_=1693925293870
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5eb0a8bf4778c5e21b4c42e0bce39184746ffe6537871c6f3c80919e6142c275

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://citadelbanking-recover-account.ns01.us/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a0e-574ea"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
357610
pendo-2.110.2_a.js
cdn1.onlineaccess1.com/cdn/static/q2-pendo/ 		430 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.onlineaccess1.com/cdn/static/q2-pendo/pendo-2.110.2_a.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/pendo/q2-pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.63.252 , United States, ASN62659 (Q2HOLDINGS, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80839a5e252a2bfccb67fd501dc5675e3300b7a4ca74406d6a37ef7ce7c50de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 16:21:43 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
etag
W/"64835197-6b94f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
timing-allow-origin
*
access-control-allow-headers
*
cf-ray
801f459f8b2567b7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Sep 2023 14:48:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
/F/GH4yRnTuhJ3Y8xf/deo3szMuJZT5yy42DyoKsX0kwCwH3xaK0OWSEpOolewjbRvkxHNB87gCbtj/S6eo6Eg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.139 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-139.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2ca9b16cf6f36ce0ea89f5ab98181eb2628ed9c214921af33e281b85a3efaaf7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2023 14:39:07 GMT
server
AmazonS3
x-amz-request-id
Q3SDHVHBKQA7C28Q
x-amz-cf-pop
JFK52-P1
etag
"96382cdc41be13b5fb94b870287ad6fe"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
0xGfLi0o0o7YxyqsKVRnbyqFiWTjHnE5O7nZ_wNHjAJdHs-BVtTqeQ==
x-amz-id-2
1pzeF8BRTVD8iXZHF73nmGvT3s676rmrPISXSq1PSfIvUF57svZ6cJkEp6vVanp9HGxuM6BVx7Q=
content-length
21733
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame 70CA 		39 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age
2963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
br
content-length
13676
content-type
text/html
date
Tue, 05 Sep 2023 13:58:50 GMT
etag
W/"c324135b527679ce95ee8393a719af9d"
last-modified
Sat, 17 Jun 2023 09:58:13 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1686995892984320
x-goog-hash
crc32c=Au+7sg== md5=wyQTW1J2ec6V7oOTpxmvnQ==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
39463
x-guploader-uploadid
ADPycdt-NDwM9JvrqE_7E5gcl_qYXhNILophrl9d5BSOBrusMq-o1iPUzazY1tsUPg_lte3pkKG4yxYeI0Dfu7NmIwoJHO6_2vqR
tag.js
lptag.liveperson.net/tag/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=71465649
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
ws /
Resource Hash
07c2ef0fac89b65b6f0877cb66f64a74469b2ad8759bf41097a8c76b8ff782bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 22 Aug 2023 10:45:27 GMT
server
ws
etag
"64e491c7-2494"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
9364
p-f844ee08.js
citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/p-f844ee08.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3f749d60188fe2e7fbb9959fabb7dc00a62a45bb1f0dd2b7764e24f34ef75b41

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a0e-5b4a"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23370
p-ad63be1e.js
citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/tecton/v1.8.7/q2-tecton-elements/q2-tecton-elements/p-ad63be1e.js
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1ed8fdc986ec25860aca0e4d79dc21a0508cf7b2ee69cf8eb45721539d99c01

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a0e-833"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2099
up
insight.adsrvr.org/track/ Frame FC4C 		0
0
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
logo_large-b9d56583bd20afb2c2fd585c304d8fe2.png
cdn1.onlineaccess1.com/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/images/logos/ 		11 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.onlineaccess1.com/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/images/logos/logo_large-b9d56583bd20afb2c2fd585c304d8fe2.png
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/theme-q2-3be9eb26fb212138080388cf113f7fcd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.63.252 , United States, ASN62659 (Q2HOLDINGS, US),
Reverse DNS
Software
cloudflare /
Resource Hash
826f4907a40c5811a9ceacc94e00a75cad0b9761abb9e24f4af566fe1bd9ed7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 14:15:52 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
etag
W/"644a8398-2c09"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
timing-allow-origin
*
access-control-allow-headers
*
cf-ray
801f459f8b2467b7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
OpenSans-Regular.woff
citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/ 		106 B
364 B 		Font
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Regular.woff
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
67bb5ea879197749b358d19227bbd5163e3e716b5639a1dd5e3ab9f5682d3eb9

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a02-6a"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106
OpenSans-Semibold.woff
citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/ 		107 B
365 B 		Font
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Semibold.woff
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e81f7bc551d1536936fba9fa924fd345ef199720ed67a3ca7c6b02ad0cf5efa3

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:13 GMT
Last-Modified
Fri, 05 May 2023 05:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a02-6b"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107
134605299
www.clarity.ms/tag/uet/ 		1022 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/134605299
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/134605299.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bfcd145340690dfd04eff4952c54ba715d6f81a106256245099d027f714fa2af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
-1
date
Tue, 05 Sep 2023 14:48:14 GMT
x-azure-ref
20230905T144814Z-r80rnuk14d57rcg815xt2htk3n0000000bk0000000017g8n
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1022
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
OpenSans-Regular.ttf
citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Regular.ttf
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:14 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
OpenSans-Semibold.ttf
citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Semibold.ttf
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/tecton-590048df214033d1c1591d552a32c9af.css
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:14 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1693925294029&id=t2_v5ag9w85&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=bcea43f1-b3ba-46f8-9293-eeba85223dba&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
OpenSans-Semibold.woff
citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Semibold.woff
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:14 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
OpenSans-Regular.woff
citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/ 		139 B
397 B 		Font
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.woff
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d18a57b29db8a08ba71ad132233d6b0f20b3b5c3e60522d355136a8a095e52d0

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:14 GMT
Last-Modified
Fri, 05 May 2023 05:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"64549a02-8b"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
139
/
accdn.lpsnmedia.net/api/account/71465649/configuration/setting/accountproperties/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/71465649/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
e993792999076dbdec72a33c6e816a85a6c8a4daafd344f44da4fcd1a935b8b8
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 05 Sep 2023 14:48:47 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ui-framework.js?version=10.30.1.0-release_5605
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:45:43 GMT
content-encoding
br
age
252151
x-guploader-uploadid
ADPycduZPxt1Zx0n_cHCvAPipVHrpLYhW-Z8Y0XfTckgVou_5qDApeU9B7R5JLHyjNyn4S_qvE9HX6vKVYPsKR4vzV5pX2Jl_xy7
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12456
last-modified
Fri, 25 Aug 2023 01:06:22 GMT
server
UploadServer
etag
W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary
Accept-Encoding
x-goog-generation
1692925582165392
x-goog-hash
crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
max-age=31536000,public
x-goog-stored-content-length
40455
accept-ranges
none
content-type
application/javascript
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/UMSClientAPI.min.js?version=10.30.1.0-release_5605
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ee01d15ad37daf31ddfb93ff91c06dbb583e5b9c58d6a3d868ec8d66c889bc39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:45:43 GMT
content-encoding
br
age
252151
x-guploader-uploadid
ADPycdta1UsRuJkpOcpmC0LRue59kDT6Bzs99CcdIZFaf0o4vM5EjwKt9xEoqgAol5GhxUQ6IVkOIQ2TMpW8meSi9Mafr999pLhP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25453
last-modified
Fri, 25 Aug 2023 01:06:22 GMT
server
UploadServer
etag
W/"0ff5f09769ba7197844be8db03827b08"
vary
Accept-Encoding
x-goog-generation
1692925582079005
x-goog-hash
crc32c=VCkrzg==, md5=D/Xwl2m6cZeES+jbA4J7CA==
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
max-age=31536000,public
x-goog-stored-content-length
92694
accept-ranges
none
content-type
application/javascript
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 		92 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/lpChatV3.min.js?version=10.30.1.0-release_5605
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:45:43 GMT
content-encoding
br
age
252151
x-guploader-uploadid
ADPycdtuchNloszsPJbydkEt4erX-HvkNBYjvz3-QjezHH7glyX9Ij_FG38HBbMQmIj-K-sYzqqnMR2tB2Hke_crJNtVGQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26334
last-modified
Fri, 25 Aug 2023 01:06:22 GMT
server
UploadServer
etag
W/"1b9875038c28f82d87ab6ea5ec9c7ef1"
vary
Accept-Encoding
x-goog-generation
1692925582081337
x-goog-hash
crc32c=RKdNnA==, md5=G5h1A4wo+C2Hq26l7Jx+8Q==
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
max-age=31536000,public
x-goog-stored-content-length
94041
accept-ranges
none
content-type
application/javascript
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/surveylogicinstance.min.js?version=10.30.1.0-release_5605
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:45:43 GMT
content-encoding
br
age
252151
x-guploader-uploadid
ADPycdvlP_IuIYX7Z2CT0cKosUIQBUQ6loJiISIJEk0t9mCWj8yxOlgE3Tdk_RUh73jSRyGpzXN-DzA4OgAe3baY53KUZ6-wspt3
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2379
last-modified
Fri, 25 Aug 2023 01:06:22 GMT
server
UploadServer
etag
W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary
Accept-Encoding
x-goog-generation
1692925582263082
x-goog-hash
crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
max-age=31536000,public
x-goog-stored-content-length
7866
accept-ranges
none
content-type
application/javascript
zones
accdn.lpsnmedia.net/api/account/71465649/configuration/le-campaigns/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/71465649/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
2429e64dccee800df3e59a1861294ef4f54ce6f9e6c6496a207c894d6b58e851
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 05 Sep 2023 14:48:47 GMT
clarity.js
www.clarity.ms/s/0.7.10/ 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/134605299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
br
last-modified
Sun, 03 Sep 2023 09:54:41 GMT
etag
W/"0x8DBAC63CB8CA026"
vary
Accept-Encoding
x-azure-ref
20230905T144814Z-r80rnuk14d57rcg815xt2htk3n0000000bk0000000017g96
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0c89f93f-c01e-0082-7e6d-de6f65000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 		999 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/desktopEmbedded.js?version=10.30.1.0-release_5605
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e06f7140273b0fe1887c41528b4343ccb90e4f65f722869edd5fd8ec8e991459

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:45:43 GMT
content-encoding
br
age
252151
x-guploader-uploadid
ADPycdtjj8wcakv6uxMNvjs7lzDRfvA65izDH2LiZuJrLxnjNcYGIxbJnu_JeidVZexth0967-QESUQlV1hu_INe82zaAoQNTb5k
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247912
last-modified
Fri, 25 Aug 2023 01:06:22 GMT
server
UploadServer
etag
W/"e4a9484321f3bfad0d26ac8190ce10c2"
vary
Accept-Encoding
x-goog-generation
1692925582775638
x-goog-hash
crc32c=IS4lQw==, md5=5KlIQyHzv60NJqyBkM4Qwg==
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
max-age=31536000,public
x-goog-stored-content-length
1022822
accept-ranges
none
content-type
application/javascript
OpenSans-Semibold.ttf
citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Semibold.ttf
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:14 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
OpenSans-Regular.ttf
citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.ttf
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.98.48.120 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/highcontrast-a5e44f00cc4b224a73d408a5967fbf7c.css
Origin
https://citadelbanking-recover-account.ns01.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 14:48:14 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
1073743235
secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/ 		2 KB
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/1073743235
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.139 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-139.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6d54a86d4c9175b78d098370bba18634b0366d8c047bb49cfe0df9ca5439470a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
D99PwiwxsBo2ly_ZqiJL5gvtv.IhrZlW
content-encoding
gzip
date
Tue, 05 Sep 2023 14:48:14 GMT
last-modified
Mon, 12 Jun 2023 15:12:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
etag
"4c66c6237100b8b004cf8a6125c3e3e3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=87
accept-ranges
bytes
x-amz-cf-id
KYzr68XsJ7NQ9yTO2HZX3rhXgiK3ILCqsHkRdIfFBNDqO75EX-8DSw==
content-length
585
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950291671/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950291671/?random=1693925294315&cv=11&fst=1693925294315&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&hn=www.googleadservices.com&frm=0&tiba=Citadel%20FCU&auid=345845721.1693925294&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ec1cb08bc93a4e272c5606043dad60227e370499b829e93799634ffb2f7de8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2312.js
script.crazyegg.com/pages/scripts/0084/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0084/2312.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2c106f284c1e6556e26e313208730fd31cc3aa4ef97d951bee19baea55a85c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
111877
cf-polished
origSize=6004
ce-version
11.5.121
cf-bgj
minify
last-modified
Mon, 04 Sep 2023 07:43:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
801f45a2190b257d-MIA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:8c00::172e:9649 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=82493
accept-ranges
bytes
content-length
3822
bat.js
bat.bing.com/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 05 Sep 2023 14:48:13 GMT
last-modified
Fri, 28 Jul 2023 18:19:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 80C02E07B1FD4D68B777D08E45978CA9 Ref B: MIAEDGE1506 Ref C: 2023-09-05T14:48:14Z
etag
"806f3b1280c1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12469
pixel.js
www.redditstatic.com/ads/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
ndp.js
ads.nextdoor.com/public/pixel/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.nextdoor.com/public/pixel/ndp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6HFGV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.137.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-137-106.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
4db51950bb9fdd01735b89f5d77793fac82b83033dd2d61fadaa89ce412cd139
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-security-policy
frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding
gzip
last-modified
Thu, 31 Aug 2023 20:35:31 GMT
server
istio-envoy
etag
W/"64f0f993-1c84"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
4
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.139 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-139.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2ca9b16cf6f36ce0ea89f5ab98181eb2628ed9c214921af33e281b85a3efaaf7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
last-modified
Wed, 23 Aug 2023 14:39:07 GMT
server
AmazonS3
x-amz-request-id
Q3SDHVHBKQA7C28Q
x-amz-cf-pop
JFK52-P1
etag
"96382cdc41be13b5fb94b870287ad6fe"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
0xGfLi0o0o7YxyqsKVRnbyqFiWTjHnE5O7nZ_wNHjAJdHs-BVtTqeQ==
x-amz-id-2
1pzeF8BRTVD8iXZHF73nmGvT3s676rmrPISXSq1PSfIvUF57svZ6cJkEp6vVanp9HGxuM6BVx7Q=
content-length
21733
rp.gif
alb.reddit.com/ 		42 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1693925294323&id=t2_v5ag9w85&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=bcea43f1-b3ba-46f8-9293-eeba85223dba&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
collect
t.clarity.ms/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://citadelbanking-recover-account.ns01.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://citadelbanking-recover-account.ns01.us
Date
Tue, 05 Sep 2023 14:48:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Serving
bs.serving-sys.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073743235&dispType=js&sync=0&sessionid=5672532731720040804&pageurl=$$https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1$$&activityValues=$$Session%3D2080257040277930555$$&ns=0&rnd=3835972950&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.29.254 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-29-254.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e9b5de2763d0573db70a79cd2c4fe3fbe3f71b8d5181d216692eb2070f482b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
844
expires
Sun, 05-Jun-2005 22:00:00 GMT
688706377929917
connect.facebook.net/signals/config/ 		167 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/688706377929917?v=2.9.125&r=stable&domain=citadelbanking-recover-account.ns01.us
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e662b1fbcedf78ff964580d24339d13138541d63904f1046df7606cbe313dc28
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Sep 2023 14:48:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
vtbyHhYFRCjLXW5lYAfqRy7G7DgPEQNLCk8r/0AH4hhvtTLaM5kwchI6LwREPyFXwV0dF7JVjOjRmC9Auqc9hQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
134605299.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134605299.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
35321f2739b2957e42732473b426989a2357070ee0312c8222cb1e5828b471d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 05 Sep 2023 14:48:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0E8BBD71F3544E42BBDDE5F8D2DEE18A Ref B: MIAEDGE1506 Ref C: 2023-09-05T14:48:14Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134605299&tm=gtm002&Ver=2&mid=d12257d4-a86a-437a-8d11-f2fbcbc40b26&sid=3e0520c04bfb11eeaf6c3b4b7048358f&vid=3e055e404bfb11ee927acb82522180a2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Citadel%20FCU&p=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&r=&lt=2010&evt=pageLoad&sv=1&rn=744664
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 14:48:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5DE0047CACCF4CADB3238AD36F127938 Ref B: MIAEDGE1506 Ref C: 2023-09-05T14:48:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
1073743235
secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/ 		2 KB
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/1073743235
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.139 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-139.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6d54a86d4c9175b78d098370bba18634b0366d8c047bb49cfe0df9ca5439470a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
D99PwiwxsBo2ly_ZqiJL5gvtv.IhrZlW
content-encoding
gzip
date
Tue, 05 Sep 2023 14:48:14 GMT
last-modified
Mon, 12 Jun 2023 15:12:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
etag
"4c66c6237100b8b004cf8a6125c3e3e3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=87
accept-ranges
bytes
x-amz-cf-id
KYzr68XsJ7NQ9yTO2HZX3rhXgiK3ILCqsHkRdIfFBNDqO75EX-8DSw==
content-length
585
citadelbanking-recover-account.ns01.us.json
script.crazyegg.com/pages/data-scripts/0084/2312/site/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0084/2312/site/citadelbanking-recover-account.ns01.us.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0084/2312.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992bf193da41c2d52c1d8f70864b625a3720103ddcf56990736ba42e1e18796d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Sep 2023 14:48:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.121
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
801f45a2c9044c06-MIA
content-length
2400
/
www.google.com/pagead/1p-user-list/950291671/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/950291671/?random=1693925294315&cv=11&fst=1693922400000&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&frm=0&tiba=Citadel%20FCU&fmt=3&is_vtc=1&random=2274402465&rmt_tld=0&ipr=y
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::63 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/10619/ Frame C252 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/10619/lt.min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-126.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d43dd1d62d812cd57c0457fa0012d2ac274aea11741326e6c512af1e6bdd4f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:36:12 GMT
content-encoding
gzip
via
1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
last-modified
Fri, 09 Jun 2023 21:00:12 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
83523
etag
W/"ae4e10aab27d2a567fb2af9510a6b883"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
pfZbv0lI_HluCsRcu3P2945HLdErBHovKJz2sb2vjqdEMRHR4nJ06w==
dpx.js
i.simpli.fi/ Frame CD67 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.85.242.117 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.242.85.34.bc.googleusercontent.com
Software
/
Resource Hash
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3095
x-request-id
F4IIFKhV0yX2-UR_zyrG
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
star.gif
jelly.mdhv.io/v1/ Frame 9DE0 		0
0
Serving
bs.serving-sys.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073743235&dispType=js&sync=0&sessionid=3249448982390470544&pageurl=$$https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1$$&activityValues=$$Session%3D3309823245919475410$$&ns=0&rnd=2377474170&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.29.254 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-29-254.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e14d6a697fc7454cb825a0347aa1c6eefab8e2090133952595dec592b727b87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
844
expires
Sun, 05-Jun-2005 22:00:00 GMT
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame C969 		39 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&site=71465649&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Request headers

Referer
https://citadelbanking-recover-account.ns01.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age
2964
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
br
content-length
13676
content-type
text/html
date
Tue, 05 Sep 2023 13:58:50 GMT
etag
W/"c324135b527679ce95ee8393a719af9d"
last-modified
Sat, 17 Jun 2023 09:58:13 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1686995892984320
x-goog-hash
crc32c=Au+7sg== md5=wyQTW1J2ec6V7oOTpxmvnQ==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
39463
x-guploader-uploadid
ADPycdt-NDwM9JvrqE_7E5gcl_qYXhNILophrl9d5BSOBrusMq-o1iPUzazY1tsUPg_lte3pkKG4yxYeI0Dfu7NmIwoJHO6_2vqR
134605299
www.clarity.ms/tag/uet/ 		1022 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/134605299
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/134605299.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bfcd145340690dfd04eff4952c54ba715d6f81a106256245099d027f714fa2af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
-1
date
Tue, 05 Sep 2023 14:48:14 GMT
x-azure-ref
20230905T144814Z-r80rnuk14d57rcg815xt2htk3n0000000bk0000000017gb9
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1022
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:8c00::172e:9649 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=14964
accept-ranges
bytes
content-length
4862
star.gif
jelly.mdhv.io/v1/ Frame 465F 		0
0
lt.min.js
tags.crwdcntrl.net/lt/c/10619/ Frame 2924 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/10619/lt.min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-126.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d43dd1d62d812cd57c0457fa0012d2ac274aea11741326e6c512af1e6bdd4f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:36:12 GMT
content-encoding
gzip
via
1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
last-modified
Fri, 09 Jun 2023 21:00:12 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
83523
etag
W/"ae4e10aab27d2a567fb2af9510a6b883"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
T02hAPjXYrvnjpI9Fq569QgohN0mgeV1Kb_AllKeLRC4DBXty3GPrw==
dpx.js
i.simpli.fi/ Frame 5C56 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073743235
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.85.242.117 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.242.85.34.bc.googleusercontent.com
Software
/
Resource Hash
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3095
x-request-id
F4IIFKhYZ0zZxKNczipH
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/4031716/domain/citadelbanking-recover-account.ns01.us/ 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4031716/domain/citadelbanking-recover-account.ns01.us/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20aa:9600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://citadelbanking-recover-account.ns01.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:46:52 GMT
content-encoding
gzip
via
1.1 a97d638d4e395a6f27b927572cf3bfda.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
82
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
gFqgRvAota4z-r3xOPOOksHrq5o7r92thcfIQBXdqY3N1v-eVhKutA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4031716%26time%3D1693925294613%26url%3Dhttps%253A%252F%252Fcitadelbanking-recover...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da9...
0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&cookiesTest=true&liSync=true&e_ipv6=AQLp3RJiVL2LOgAAAYpl0MO4kFQqI9GOhngKgJBTfWX4NVAv9aIRhmE4SZl_qJxVcNFTYlw
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 81C1583C2CCF40508317CE70E1FCF002 Ref B: MIAEDGE1410 Ref C: 2023-09-05T14:48:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEnbd+60EhsDUtWWnMLg==

Redirect headers

date
Tue, 05 Sep 2023 14:48:14 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E7A7751F06F64F96A98389FD712C30ED Ref B: MIAEDGE1317 Ref C: 2023-09-05T14:48:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4031716&time=1693925294613&url=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&cookiesTest=true&liSync=true&e_ipv6=AQLp3RJiVL2LOgAAAYpl0MO4kFQqI9GOhngKgJBTfWX4NVAv9aIRhmE4SZl_qJxVcNFTYlw
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEnbd8YpOiV0Cw8++9Jw==
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/71465649/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:00:22 GMT
content-encoding
br
age
2872
x-guploader-uploadid
ADPycdv9J3mlQXUDys7Gihz0qN6hX_BL3wAKBadq-ZK8T7aEs-ApkTGdRJofwzxuxwztD5dd1WAeKEHDoy7dpC9dVPCdLg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13407
last-modified
Sat, 17 Jun 2023 09:58:12 GMT
server
UploadServer
etag
W/"c45eeed74a24f46b0e7a5c5faaae4731"
vary
Accept-Encoding
x-goog-generation
1686995892942818
x-goog-hash
crc32c=s01eVg==, md5=xF7u10ok9GsOelxfqq5HMQ==
access-control-allow-origin
*
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control
public,max-age=3600
x-goog-stored-content-length
38358
accept-ranges
none
content-type
application/javascript
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=688706377929917&ev=PageView&dl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&rl=&if=false&ts=1693925294634&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=28&fbp=fb...
  • https://www.facebook.com/tr/?cas=3925771287484067%2C3162681917134808&coo=false&cs_cc=1&cs_est=true&dl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&ec=0&ev=PageView&fbp=fb.1.1693925294630.15...
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?cas=3925771287484067%2C3162681917134808&coo=false&cs_cc=1&cs_est=true&dl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&ec=0&ev=PageView&fbp=fb.1.1693925294630.1527733009&hrl=70d299&id=688706377929917&if=false&it=1693925294438&o=28&pm=1&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1693925294634&v=2.9.125
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 05 Sep 2023 14:48:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
content-type
text/plain
location
/tr/?cas=3925771287484067%2C3162681917134808&coo=false&cs_cc=1&cs_est=true&dl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us&ec=0&ev=PageView&fbp=fb.1.1693925294630.1527733009&hrl=70d299&id=688706377929917&if=false&it=1693925294438&o=28&pm=1&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1693925294634&v=2.9.125
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
b2625509b46b716ab8df67870a7d87b8.js
script.crazyegg.com/pages/versioned/common-scripts/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/b2625509b46b716ab8df67870a7d87b8.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0084/2312.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc9a4bdde5c48a39cabd8840dec8bd11281dcdd167cf4440f383f01ad3ab123

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 15:03:06 GMT
server
cloudflare
age
346189
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
801f45a39bee257d-MIA
content-length
31312
71465649
va.v.liveperson.net/api/js/ 		231 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/71465649?&cb=lpCb77358x79493&t=sp&ts=1693925294087&pid=7538267816&tid=9092025837&pt=Citadel%20FCU&u=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
00c3d7dbb2cfaf52edcf086de98e3a1c9cc795f94e412c8fae93029e7ca177fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
citadelbanking-recover-account.ns01.us.json
script.crazyegg.com/pages/data-scripts/0084/2312/sampling/ 		242 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0084/2312/sampling/citadelbanking-recover-account.ns01.us.json?t=470534
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/b2625509b46b716ab8df67870a7d87b8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc809483fffc75dae95888a92206e7487a5a87cdd6cd5f2d8a7f7b58ec11357e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Sep 2023 14:48:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.121
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
801f45a3faef4c06-MIA
content-length
178
pixel
flask.nextdoor.com/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flask.nextdoor.com/pixel?pid=1fa3ad06-e4b3-40b4-b4b1-1da7a3bcc1fb&vrs=7.1&ev=PAGE_VIEW&pl=https%3A%2F%2Fcitadelbanking-recover-account.ns01.us%2Flogin.php%3Fbadge%3D7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1&ndclid=&ndclid_src=0&rf=&sem=&tm=1&iid=1880df1e-bbe1-4c56-a3ec-f607f3dc9ba0&pageid=8bbc7fc2-5bad-4e2b-be1b-151fc53d15be&sessionid=3155f9d2-959f-4705-84c8-84531e927eb6
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.137.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-137-106.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:14 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
context-id
b129ea07-ed06-475e-b621-3933eb78d29d
71465649
va.v.liveperson.net/api/js/ 		110 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/71465649?sid=xE-HQg8XTaCWAPnhp_-5HA&cb=lpCb68311x9115&t=pl&ts=1693925294642&pid=7538267816&tid=9092025837&vid=E2YjNmZTNiNzY4ZGY0MmYx
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fonline.citadelbanking.com&site=71465649&force=1&env=prod&accdn=accdn.lpsnmedia.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
3b4f4a4932afc89a20697d3396d5d07159b65fc2fa72e29a25cb786da6cb182b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
collect
t.clarity.ms/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://citadelbanking-recover-account.ns01.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://citadelbanking-recover-account.ns01.us
Date
Tue, 05 Sep 2023 14:48:15 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
p
i.simpli.fi/ Frame CD67 		809 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=&cb=sifi_att_1271794597506671._hp
Requested by
Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.85.242.117 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.242.85.34.bc.googleusercontent.com
Software
/
Resource Hash
527143206799bb2eb99e1c69ea0bdd3b8b012795adc338f9023d760d14121ab6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
ads-user-sync
www.tumblr.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F1684AF103944506B17A5ACB6D56C78F
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F1684AF103944506B17A5ACB6D56C78F&cookieCheck=1
  • https://www.tumblr.com/ads-user-sync?partner=smaato&uid=7b20aa7f35&gdpr=0&gdpr_consent=
70 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=7b20aa7f35&gdpr=0&gdpr_consent=
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-nVj6qGSXazUSUvI5S4PpoOE'; object-src 'none'; worker-src blob:; base-uri 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nc
mia 1
date
Tue, 05 Sep 2023 14:48:16 GMT
content-security-policy
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-nVj6qGSXazUSUvI5S4PpoOE'; object-src 'none'; worker-src blob:; base-uri 'self';
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; preload
x-frame-options
deny
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
content-type
image/png
x-rid
5d4a0e3f7597b0918c595539cc736bf6
content-length
70
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

date
Tue, 05 Sep 2023 14:48:16 GMT
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=7b20aa7f35&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
PIGjyOuxLUhwpeYAgyyhCFKFGGNP9L-gDAqR8l8v-K3FH2czu0vKLA==
F1684AF103944506B17A5ACB6D56C78F
sync.1rx.io/usersync/simplifi/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/F1684AF103944506B17A5ACB6D56C78F
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/simplifi/F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 14:48:15 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0

Redirect headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.1rx.io/usersync/simplifi/F1684AF103944506B17A5ACB6D56C78F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Sep 2023 14:48:15 GMT
xuid
eb2.3lift.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=F1684AF103944506B17A5ACB6D56C78F&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=F1684AF103944506B17A5ACB6D56C78F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=F1684AF103944506B17A5ACB6D56C78F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 05 Sep 2023 14:48:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7969&xuid=F1684AF103944506B17A5ACB6D56C78F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date
Tue, 05 Sep 2023 14:48:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
simplifi.partners.tremorhub.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=F1684AF103944506B17A5ACB6D56C78F
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
2600:1f18:612b:4280:747a:cfb3:5355:825e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 05 Sep 2023 14:48:15 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=F1684AF103944506B17A5ACB6D56C78F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Sep 2023 14:48:15 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F1684AF103944506B17A5ACB6D56C78F
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F1684AF103944506B17A5ACB6D56C78F
95 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F1684AF103944506B17A5ACB6D56C78F
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F1684AF103944506B17A5ACB6D56C78F
  • https://d.agkn.com/pixel/10751/?che=1693925295911&ip=38.132.118.67&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212810604630007656666
  • https://um.simpli.fi/aa_px?sk=212810604630007656666
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Tue, 05 Sep 2023 14:48:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1684AF103944506B17A5ACB6D56C78F
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1684AF103944506B17A5ACB6D56C78F&ckls=true&ci=vfA5bLLJZK&nc=false&trid=525672702
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1684AF103944506B17A5ACB6D56C78F&ckls=true&ci=vfA5bLLJZK&nc=false&trid=525672702
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
3.163.101.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-163-101-59.atl58.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:16 GMT
via
1.1 db4cd3ca469cef8285f715a91c8d304e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
ATL58-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
albLMa_Qed4u-7DtOhREerZTfVIOuwHN4npEpAT3VcDodRjwNDKizw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:16 GMT
via
1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1684AF103944506B17A5ACB6D56C78F&ckls=true&ci=vfA5bLLJZK&nc=false&trid=525672702
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
9Cfiuqaq9nxmWulieTinsf4EYJMj3WcZFrBcD7gJfpESldeDJh_ywg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F1684AF103944506B17A5ACB6D56C78F
42 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 05 Sep 2023 14:48:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F1684AF103944506B17A5ACB6D56C78F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Sep 2023 14:48:15 GMT
user-registering
ads.stickyadstv.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=F1684AF103944506B17A5ACB6D56C78F
43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Server
38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 14:48:16 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693925296287010-480

Redirect headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=F1684AF103944506B17A5ACB6D56C78F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Sep 2023 14:48:15 GMT
engine
pbid.pro-market.net/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=F1684AF103944506B17A5ACB6D56C78F;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=F1684AF103944506B17A5ACB6D56C78F;mimetype=img;sr
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-rv2IVrFE2pRanSrOrIyKncqsyIK2UEThDt0-~A
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-rv2IVrFE2pRanSrOrIyKncqsyIK2UEThDt0-~A
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:15 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

location
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-rv2IVrFE2pRanSrOrIyKncqsyIK2UEThDt0-~A
date
Tue, 05 Sep 2023 14:48:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
loadm.exelator.com/load/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=F1684AF103944506B17A5ACB6D56C78F&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=F1684AF103944506B17A5ACB6D56C78F&j=0&xl8blockcheck=1
0
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=F1684AF103944506B17A5ACB6D56C78F&j=0&xl8blockcheck=1
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 05 Sep 2023 14:48:16 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=F1684AF103944506B17A5ACB6D56C78F&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
sync
ups.analytics.yahoo.com/ups/55964/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1684AF103944506B17A5ACB6D56C78F
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1684AF103944506B17A5ACB6D56C78F&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1684AF103944506B17A5ACB6D56C78F&verify=true
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1684AF103944506B17A5ACB6D56C78F&verify=true
date
Tue, 05 Sep 2023 14:48:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.bfmio.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=F1684AF103944506B17A5ACB6D56C78F
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Server
44.213.2.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-2-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 05 Sep 2023 14:48:15 GMT

Redirect headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=F1684AF103944506B17A5ACB6D56C78F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Sep 2023 14:48:15 GMT
29931
stags.bluekai.com/site/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=F1684AF103944506B17A5ACB6D56C78F
62 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
184.28.136.218 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 05 Sep 2023 14:48:16 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=F1684AF103944506B17A5ACB6D56C78F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Sep 2023 14:48:15 GMT
tpid=F1684AF103944506B17A5ACB6D56C78F
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F1684AF103944506B17A5ACB6D56C78F
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=F1684AF103944506B17A5ACB6D56C78F
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
54.86.123.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-123-255.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.224
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=F1684AF103944506B17A5ACB6D56C78F
cache-control
no-cache
x-server
10.40.33.74
content-length
0
expires
0
merge
ce.lijit.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=F1684AF103944506B17A5ACB6D56C78F
  • https://ce.lijit.com/merge?pid=2&3pid=F1684AF103944506B17A5ACB6D56C78F&dnr=1
43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=F1684AF103944506B17A5ACB6D56C78F&dnr=1
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 14:48:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 14:48:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=F1684AF103944506B17A5ACB6D56C78F&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
db_sync
px.ads.linkedin.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=F1684AF103944506B17A5ACB6D56C78F
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogRjE2ODRBRjEwMzk0NDUwNkIxN0E1QUNCNkQ1NkM3OEYQABoNCLD_3KcGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2f0678cb24c0d0e2653d09b5393e62f485ee5936033e0c17037c359d0bd2fece791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2f0678cb24c0d0e2653d09b5393e62f485ee5936033e0c17037c359d0bd2fece791426b5417dce21&rand=09802788
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2f0678cb24c0d0e2653d09b5393e62f485ee5936033e0c17037c359d0bd2fece791426b5417dce21&rand=09802788
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 04140F4CD8FD49FCAC477C244A8BF9E9 Ref B: MIAEDGE1317 Ref C: 2023-09-05T14:48:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEnbeSNC0fbAkJ6gvwSg==

Redirect headers

date
Tue, 05 Sep 2023 14:48:16 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2f0678cb24c0d0e2653d09b5393e62f485ee5936033e0c17037c359d0bd2fece791426b5417dce21&rand=09802788
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.google.com/pagead/1p-conversion/1026675585/ Frame CD67
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1693925295549&cv=7&fst=1693925295549&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1298405272&cv=7&fst=1693925295549&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1298405272&cv=7&fst=1693925295549&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=1298405272&cv=7&fst=1693925295549&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=IhMIp8idvNuTgQMVeBVoCB3w9QnJ&is_vtc=1&ocp_id=rz_3ZOe0LfiqoPMP8OunyAw&cid=CAQSKQBpAlJW6b2XFB68WJMIy_cN_gdDU7lwDXrcXwgBRsZn2x4oKHOnT53X&random=1393597064
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H3
Server
2607:f8b0:4004:c0b::63 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=1298405272&cv=7&fst=1693925295549&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=IhMIp8idvNuTgQMVeBVoCB3w9QnJ&is_vtc=1&ocp_id=rz_3ZOe0LfiqoPMP8OunyAw&cid=CAQSKQBpAlJW6b2XFB68WJMIy_cN_gdDU7lwDXrcXwgBRsZn2x4oKHOnT53X&random=1393597064
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=F1684AF103944506B17A5ACB6D56C78F
0
0
bounce
ib.adnxs.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=F1684AF103944506B17A5ACB6D56C78F
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF1684AF103944506B17A5ACB6D56C78F
43 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:16 GMT
an-x-request-uuid
78748623-29e8-4857-a1de-2d0771d7cc64
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.67; 38.132.118.67; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:16 GMT
an-x-request-uuid
eaf7a291-2176-4f00-9ee5-e6fce4870bbf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF1684AF103944506B17A5ACB6D56C78F
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.67; 38.132.118.67; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F1684AF103944506B17A5ACB6D56C78F&expires=365
42 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F1684AF103944506B17A5ACB6D56C78F&expires=365
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F1684AF103944506B17A5ACB6D56C78F&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Sep 2023 14:48:15 GMT
sd
us-u.openx.net/w/1.0/ Frame CD67
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=F1684AF103944506B17A5ACB6D56C78F
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=F1684AF103944506B17A5ACB6D56C78F
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=F1684AF103944506B17A5ACB6D56C78F
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=F1684AF103944506B17A5ACB6D56C78F
date
Tue, 05 Sep 2023 14:48:16 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/ Frame CD67
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPAf0KJZnQ6AMhdFUeZmIOE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F1684AF103944506B17A5ACB6D56C78F
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Requested by
Host: citadelbanking-recover-account.ns01.us
URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 04 Sep 2023 14:48:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 14:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
i.simpli.fi/ Frame 5C56 		45 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=&cb=sifi_att_1271794597506671._hp
Requested by
Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=48964&action=100&segment=citadelbanksitelal&m=1&sifi_tuid=25052
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.85.242.117 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.242.85.34.bc.googleusercontent.com
Software
/
Resource Hash
e116e9fe6f09dc2804a7f96a734ef5469c1ba6e12f39fecf2eb85f87d62dcc91
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citadelbanking-recover-account.ns01.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 05 Sep 2023 14:48:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
collect
t.clarity.ms/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://citadelbanking-recover-account.ns01.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://citadelbanking-recover-account.ns01.us
Date
Tue, 05 Sep 2023 14:48:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
insight.adsrvr.org
URL
https://insight.adsrvr.org/track/up?adv=2byx6v5&ref=https%3A%2F%2Fonline.citadelbanking.com%2FCitadelOLB%2Fuux.aspx%23%2Flogin&upid=18b1cnl&upv=1.1.0
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v1/star.gif?pid=jURnbr8zBG8MWtyMLPHqJv4oCeBc&src=mh&evt=hi
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v1/star.gif?pid=jURnbr8zBG8MWtyMLPHqJv4oCeBc&src=mh&evt=hi
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=F1684AF103944506B17A5ACB6D56C78F

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture string| LOGON_errorReturnCode string| LOGON_httpStatusCode string| LOGON_externalLogonName object| Q2_CONFIG string| Q2_VERSIONED_CUSTOMER_URL string| Q2_VERSIONED_URL string| Q2_PRODUCTION_TAG function| $ function| jQuery function| _typeof function| _extends function| wea function| tea function| check function| ready boolean| registeredPatch function| register object| dataLayer object| lpTag string| uuxVersion number| customerNumber string| apiKey object| additionalApiKeys boolean| includePII object| pendoInitialize function| initPendo function| updatePendo function| checkMenu function| firstNavEventHandler boolean| registered boolean| inited object| pendo function| fbq function| _fbq object| versaTagObj function| ttd_dom_ready function| TTDUniversalPixelApi function| rdt function| createFrameworkGlobals object| liveperson object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| __sc_import_q2_tecton_elements object| lpTaglogListeners object| proxyless object| lpMTagConfig function| clarity function| gtag undefined| clarityuetq undefined| oneTagObj function| ebDecode object| bsResponseObj object| ajax object| instance object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData function| SurveyManager function| _stateChanged object| STORAGE object| proto string| QUESTION_ERROR_TYPE object| __core-js_shared__ object| lpIntlTelInputUtils object| lpIntlTelInputGlobals object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| GooglebQhCsO string| _linkedin_data_partner_id function| ndp function| UET function| UET_init function| UET_push object| ueto_4d3b63b586 object| uetq boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| process function| lintrk boolean| _already_called_lintrk string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API

76 Cookies

Domain/Path Name / Value
citadelbanking-recover-account.ns01.us/ Name: PHPSESSID
Value: 84nbdl0ssl3e2v02ir4qa495sv
.bing.com/ Name: MUID
Value: 0AF7BC70FD866DFD3C99AFF3FC166C1B
.bat.bing.com/ Name: MR
Value: 0
.ns01.us/ Name: _rdt_uuid
Value: 1693925294028.bcea43f1-b3ba-46f8-9293-eeba85223dba
www.clarity.ms/ Name: CLID
Value: 2f4a4b610081426791b47f62e4c7670e.20230905.20240904
cdn1.onlineaccess1.com/ Name: __cflb
Value: 02DiuDJZwTATiSnybBeVDKjTCUZYfphxG65ZYHaeX8WaU
.onlineaccess1.com/ Name: __cfruid
Value: 424072dc905b538eb41b20b2829f4ab625fc2a1f-1693925294
.serving-sys.com/ Name: ActivityInfo2
Value: 0037V2Ejk0_
.ns01.us/ Name: _clck
Value: 1yjumgb|2|fer|0|1343
.ns01.us/ Name: _gcl_au
Value: 1.1.345845721.1693925294
.ns01.us/ Name: _uetsid
Value: 3e0520c04bfb11eeaf6c3b4b7048358f
.ns01.us/ Name: _uetvid
Value: 3e055e404bfb11ee927acb82522180a2
.doubleclick.net/ Name: IDE
Value: AHWqTUltCOQRJ1-8ynYKwEsL4zCyAJtfD0Hfndeh_OcGCjc9Rs5tTWqw38SGstJE
.serving-sys.com/ Name: u2
Value: 140eca6d-44e9-4e1a-b914-f9f82e00347e4Ol07g
bs.serving-sys.com/ Name: OT_1073743235
Value: 3
.serving-sys.com/ Name: OT2
Value: 1000m33thm
.ns01.us/ Name: _fbp
Value: fb.1.1693925294630.1527733009
.simpli.fi/ Name: suid
Value: F1684AF103944506B17A5ACB6D56C78F
.ns01.us/ Name: session_id
Value: 3155f9d2-959f-4705-84c8-84531e927eb6
.ns01.us/ Name: _clsk
Value: ai837x|1693925294742|1|1|t.clarity.ms/collect
.ns01.us/ Name: lotame_domain_check
Value: ns01.us
citadelbanking-recover-account.ns01.us/ Name: ln_or
Value: eyI0MDMxNzE2IjoiZCJ9
.ns01.us/ Name: cebs
Value: 1
.ns01.us/ Name: _ce.s
Value: v~a28bd2789d398fd12364180a34a3cc7c4dbd9953~lcw~1693925294806~vpv~0~lcw~1693925294806
.linkedin.com/ Name: li_sugr
Value: c191db3e-469c-40a1-ab2e-f952529fb43b
.linkedin.com/ Name: bcookie
Value: "v=2&c7822371-00c5-45f4-8146-621046b98b8e"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3004:u=1:x=1:i=1693925294:t=1694011694:v=2:sig=AQFRiLdLWj9K8qN0qRhDjOo-4ED036eF"
.facebook.com/ Name: fr
Value: 0FrcNGd87YPnJE4Ch..Bk9z-u...1.0.Bk9z-u.
.linkedin.com/ Name: UserMatchHistory
Value: AQJuu-jq2oa6mwAAAYpl0MMR2bzpYHakNDgQ7iRrV9R6lQgF5INCx9VW_HQhelQbIu_tLyCXDcQgMg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQL91W1RjkpYbQAAAYpl0MMRLnc7DuJl2a8W3XAgCi08XA8SqQ9AYpsuMwBDFgQVHwUQr-YujK0D2TFvQzii7w
.ns01.us/ Name: LPVID
Value: E2YjNmZTNiNzY4ZGY0MmYx
.ns01.us/ Name: LPSID-71465649
Value: xE-HQg8XTaCWAPnhp_-5HA
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023090514481464a56b7a-4682-4598-8297-e4331f86460eAQEn9Jl9sjBo95ymptDChpSytdu0xSFU"
.simpli.fi/ Name: uid_syncd_secure
Value: true
.tapad.com/ Name: TapAd_TS
Value: 1693925295877
.tapad.com/ Name: TapAd_DID
Value: 384d5594-07a2-47de-a907-0237efd032d7
.3lift.com/ Name: tluid
Value: 4208558736785846825113
.agkn.com/ Name: ab
Value: 0001%3Aq3yifBrngGybUEh2XR2iROBYJj9trQ3R
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.smaato.net/ Name: SCM
Value: 7b20aa7f35
.openx.net/ Name: i
Value: 075db26a-8e3a-40ab-b7e5-df2c754e999e|1693925296
.rlcdn.com/ Name: rlas3
Value: gOCwapT+h4Fe+isHcgHOQh8ukzdpsVhn0SuNzXB6jNo=
.smaato.net/ Name: SCMtu
Value: 7b20aa7f35
.smaato.net/ Name: SCM1001136
Value: 7b20aa7f35
.yahoo.com/ Name: A3
Value: d=AQABBLA_92QCEBihaaXUFAMdb5wiBrUTMsIFEgEBAQGR-GQBZdxH0iMA_eMAAA&S=AQAAAgzru_ysEJB0mPL_YIuBGMw
.exelator.com/ Name: EE
Value: "2f818b0a1bbd70b8f41b31b5a7b167c8"
.lijit.com/ Name: ljt_reader
Value: HRVYfQZH2EQarCcgTCSfbpfA
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:F1684AF103944506B17A5ACB6D56C78F&KRTB&23486-uid:F1684AF103944506B17A5ACB6D56C78F&KRTB&23489-uid:F1684AF103944506B17A5ACB6D56C78F
.pubmatic.com/ Name: PugT
Value: 1693925294
.adnxs.com/ Name: uuid2
Value: 3267614001354325050
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: vfA5bLLJZK
.rlcdn.com/ Name: pxrc
Value: CLD/3KcGEgUI6AcQABIFCOhHEAA=
.agkn.com/ Name: u
Value: C|0AAAAAAAALIn8MAAAAAAA
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 1006e45d046d69063693495886501de9
.rubiconproject.com/ Name: khaos
Value: LM6FDVMG-22-2G1I
.rubiconproject.com/ Name: audit
Value: 1|vOBMwHl53F4m8JTUne3edz6Yr4aDgn6ECnKKLWgKprObz16xSA9sXXhxofCyDpaQZZs3fECS/euM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk/S2EMFZfOOEqExypuO0xezeAKMoztLDWZ5J3IGkv09GCt1bzOjy9c7SpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEozcLQIskg0TApKcXcIMkizcQwydgwyTTRPMnQzDzZYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6otDgxUUpaQyLSopPBR81egEAr8gqtA%253D%253D"
.bfmio.com/ Name: __141_cid
Value: F1684AF103944506B17A5ACB6D56C78F
.bfmio.com/ Name: __io_cid
Value: ec1b039f82f534b0c1cd0baafe5bcd964890b858
.lijit.com/ Name: _ljtrtb_2
Value: F1684AF103944506B17A5ACB6D56C78F
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2In1mu4lY!]tbPl1N!7On*M$=BWr#gjm@Kh0]<^idx+Vcx)uMlxS]!kzdM[jFLZ%dK.JYx$aI[/X%W#.wL4W1Qw2C@z(DN
.bluekai.com/ Name: bku
Value: blx99n9d2txjPQR3
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDRhBMQ6xDRh1e18BexN1ejY1E5OBDaexMjWBEjeBpCs9y9kIQrR
.pro-market.net/ Name: anHistory
Value: "-1fucqc8ialmu5+2+!#7')$j!Q5v"
.intentiq.com/ Name: CSDT
Value: UEQ6MTAwNDNfMCZUb3podW02
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1693925296378
.intentiq.com/ Name: IQPData
Value: 646215235#1693925296367#0#1693925296367
.pippio.com/ Name: did
Value: XNnDew_jmJN-IBaV
.pippio.com/ Name: didts
Value: 1693925296
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CLD/3KcGEgYIgr0rEAA=
.analytics.yahoo.com/ Name: IDSYNC
Value: "176k~2dr2:19ba~2dr2"
.pro-market.net/ Name: anProfile
Value: "-1fucqc8ialmu5+1+1f=1+1g=1+1j=57:1+rs=s+rt=200105501D0500010000000000000012+s2=(s0ip4g)+vm=24-F1684AF103944506B17A5ACB6D56C78F:81-y-rv2IVrFE2pRanSrOrIyKncqsyIK2UEThDt0-%7EA"

22 Console Messages

Source Level URL
Text
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
Failed to decode downloaded font: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Regular.woff
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
OTS parsing error: invalid sfntVersion: 1315905603
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
Failed to decode downloaded font: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Semibold.woff
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
OTS parsing error: invalid sfntVersion: 1315905603
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
Failed to decode downloaded font: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Regular.woff
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
OTS parsing error: invalid sfntVersion: 1315905603
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
Failed to decode downloaded font: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Semibold.woff
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
OTS parsing error: invalid sfntVersion: 1315905603
network error URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://citadelbanking-recover-account.ns01.us/cdn/base/4.4.0.113E/assets/fonts/OpenSans/OpenSans-Semibold.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Semibold.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
Failed to decode downloaded font: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.woff
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
OTS parsing error: invalid sfntVersion: 1315905603
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
Failed to decode downloaded font: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.woff
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
OTS parsing error: invalid sfntVersion: 1315905603
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
Failed to decode downloaded font: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.woff
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
OTS parsing error: invalid sfntVersion: 1315905603
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
Failed to decode downloaded font: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.woff
other warning URL: https://citadelbanking-recover-account.ns01.us/login.php?badge=7c2f4d4f22c2b20f7b67f53e753c6ecce232da93fc3e5f4fef580f01baea7f83c7948f5d17e8ca6c5494d26dc5e83390462ad32875de2b0403d8e02112b309d1
Message:
OTS parsing error: invalid sfntVersion: 1315905603
network error URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Semibold.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://citadelbanking-recover-account.ns01.us/cdn/depot/5012/3434/2913ab52bcdfac6cecce9c7993ffca6a/assets/fonts/OpenSans/OpenSans-Regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=F1684AF103944506B17A5ACB6D56C78F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
accdn.lpsnmedia.net
ads.nextdoor.com
ads.stickyadstv.com
alb.reddit.com
bat.bing.com
bcp.crwdcntrl.net
bs.serving-sys.com
cdn.linkedin.oribi.io
cdn1.onlineaccess1.com
ce.lijit.com
citadelbanking-recover-account.ns01.us
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
flask.nextdoor.com
fonts.googleapis.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
jelly.mdhv.io
js.adsrvr.org
loadm.exelator.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
pbid.pro-market.net
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.ad.smaato.net
script.crazyegg.com
secure-ds.serving-sys.com
simplifi.partners.tremorhub.com
snap.licdn.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
sync1.intentiq.com
t.clarity.ms
tags.crwdcntrl.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
va.v.liveperson.net
www.clarity.ms
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.tumblr.com
insight.adsrvr.org
jelly.mdhv.io
sync.search.spotxchange.com
107.178.254.65
13.107.42.14
142.250.31.155
151.101.193.140
162.248.18.37
172.253.63.154
18.160.18.55
18.67.60.119
184.28.136.218
192.0.63.252
192.0.77.40
198.98.48.120
199.127.204.171
20.114.189.70
2001:4de0:ac18::1:a:2b
208.89.12.153
208.89.12.87
208.89.12.91
23.222.5.139
2600:1408:8c00::172e:9649
2600:1901:0:8eee::
2600:1f18:612b:4280:747a:cfb3:5355:825e
2600:9000:20aa:9600:2:53b2:240:93a1
2600:9000:215f:f000:19:fc2c:a140:93a1
2600:9000:2509:2000:1b:6b7d:2300:93a1
2600:9000:269f:b200:1b:5138:8a40:93a1
2606:4700::6813:9308
2607:f8b0:4004:c09::61
2607:f8b0:4004:c0b::63
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c1b::5f
2620:1ec:21::14
2620:1ec:bdf::40
2620:1ec:c11::200
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f10e:83:face:b00c:0:25de
2a04:4e42:600::396
3.162.3.126
3.163.101.59
3.22.29.254
34.111.113.62
34.120.154.120
34.150.170.96
34.200.65.202
34.85.242.117
34.98.64.218
35.190.60.146
35.71.139.29
38.98.139.150
44.213.2.100
44.238.137.106
52.0.156.250
54.86.123.255
63.251.114.182
68.67.160.114
69.173.151.100
00c3d7dbb2cfaf52edcf086de98e3a1c9cc795f94e412c8fae93029e7ca177fe
00d1281b630443e4d7d54eb4120f6b00f10a6bc7f9a68636c3b3e19e6f012f34
07c2ef0fac89b65b6f0877cb66f64a74469b2ad8759bf41097a8c76b8ff782bc
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
13b29e90471ae30c4d4b24b454d3346829420009d73df825b8397dec0154424f
2429e64dccee800df3e59a1861294ef4f54ce6f9e6c6496a207c894d6b58e851
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2a45a3cfd0b0fa8af0a445e99410dd268776248b26367ca24f017ecb3e7ed1c6
2ca9b16cf6f36ce0ea89f5ab98181eb2628ed9c214921af33e281b85a3efaaf7
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
2f4f4e3dc0856bd0f5ba0fc25f6597869952556f9c40f4e1b3877d8fe8b587a7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3489fd639e07b4fdcd8e7195a578ae7b9f017c5327fa121fafc11dac3cea6fea
35321f2739b2957e42732473b426989a2357070ee0312c8222cb1e5828b471d1
3b4f4a4932afc89a20697d3396d5d07159b65fc2fa72e29a25cb786da6cb182b
3e14d6a697fc7454cb825a0347aa1c6eefab8e2090133952595dec592b727b87
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f749d60188fe2e7fbb9959fabb7dc00a62a45bb1f0dd2b7764e24f34ef75b41
424fec8c61f2e45521482db72fce793b13ceae58e85698eaa12a041bfb9b471e
49ccc7d7a3b0cf319d72aa6e27b75c50bceff970084c55badba33661c227304b
4b2c106f284c1e6556e26e313208730fd31cc3aa4ef97d951bee19baea55a85c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4db51950bb9fdd01735b89f5d77793fac82b83033dd2d61fadaa89ce412cd139
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527143206799bb2eb99e1c69ea0bdd3b8b012795adc338f9023d760d14121ab6
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5993b6c76709eba4328dada0852fd769c52596e515dcf892dace75dd01066985
5e9b5de2763d0573db70a79cd2c4fe3fbe3f71b8d5181d216692eb2070f482b7
5eb0a8bf4778c5e21b4c42e0bce39184746ffe6537871c6f3c80919e6142c275
5ec1cb08bc93a4e272c5606043dad60227e370499b829e93799634ffb2f7de8a
66967be43a8a35aee96fd630e243242bb1a0ce28e4bdfb4704381e64a558f3e8
67bb5ea879197749b358d19227bbd5163e3e716b5639a1dd5e3ab9f5682d3eb9
6bc9a4bdde5c48a39cabd8840dec8bd11281dcdd167cf4440f383f01ad3ab123
6d54a86d4c9175b78d098370bba18634b0366d8c047bb49cfe0df9ca5439470a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
826f4907a40c5811a9ceacc94e00a75cad0b9761abb9e24f4af566fe1bd9ed7e
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d43dd1d62d812cd57c0457fa0012d2ac274aea11741326e6c512af1e6bdd4f1
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
992bf193da41c2d52c1d8f70864b625a3720103ddcf56990736ba42e1e18796d
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ed8fdc986ec25860aca0e4d79dc21a0508cf7b2ee69cf8eb45721539d99c01
a305f8d5ac4e7fa432be7ca8098fc8e75ea712e227c9cafe0422129e7308637f
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
abba7247f0ef6bdb47970b488883dc3a4757d62903501436984f237906e9203b
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc809483fffc75dae95888a92206e7487a5a87cdd6cd5f2d8a7f7b58ec11357e
bfcd145340690dfd04eff4952c54ba715d6f81a106256245099d027f714fa2af
c9e9ab1c11be0da2ea654af9e97f98228f5ee24f50fb00ad2a37e27f86a3b86c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcda23f40606a339333dbff71f899be62524a7fdbbcd34311eb007be50777a5
d18a57b29db8a08ba71ad132233d6b0f20b3b5c3e60522d355136a8a095e52d0
d4628708699f65539acf57ac596d235a4cc583c12560a27751155b283f2068ad
e0553d5e1f49291bd1730745a95e155e6951aebb077378914eb2816b059a6448
e06f7140273b0fe1887c41528b4343ccb90e4f65f722869edd5fd8ec8e991459
e116e9fe6f09dc2804a7f96a734ef5469c1ba6e12f39fecf2eb85f87d62dcc91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e662b1fbcedf78ff964580d24339d13138541d63904f1046df7606cbe313dc28
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e80839a5e252a2bfccb67fd501dc5675e3300b7a4ca74406d6a37ef7ce7c50de
e81f7bc551d1536936fba9fa924fd345ef199720ed67a3ca7c6b02ad0cf5efa3
e993792999076dbdec72a33c6e816a85a6c8a4daafd344f44da4fcd1a935b8b8
ee01d15ad37daf31ddfb93ff91c06dbb583e5b9c58d6a3d868ec8d66c889bc39
ee154a894141cd3c4b00a7538eaba115b66356dadc2f72425a72b6b6ba395a7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e