login.firstcitizens.com Open in urlscan Pro
107.162.164.184  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response login.firstcitizens.com/	32 KB 10 KB	792ms 484ms	Document text/html	107.162.164.184 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://login.firstcitizens.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.164.184 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software nginx / Resource Hash 7612fcfc467dea4bb744745f7c8b3cb26f1b73e76df53ff527f322a4b3a32a3b Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Wed, 12 Jan 2022 15:44:58 GMT Server nginx Content-Type text/html;charset=utf-8 Vary Accept-Encoding x-okta-request-id Yd73elQkso4ACLQS20xjnQAADEo x-xss-protection 0 p3p CP="HONK" x-rate-limit-limit 60 x-rate-limit-remaining 59 x-rate-limit-reset 1642002358 expect-ct report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0 cache-control no-cache, no-store pragma no-cache expires 0 x-frame-options SAMEORIGIN x-content-type-options nosniff x-ua-compatible IE=edge content-language de Strict-Transport-Security max-age=315360000; includeSubDomains X-Robots-Tag noindex,nofollow Content-Encoding gzip Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Via 1.1 dca1-bit6008
GET H/1.1	200 OK	fcb_common.js Show response login.firstcitizens.com/js/vendor/lib/	174 KB 102 KB	132ms 132ms	Script application/javascript	107.162.164.184 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://login.firstcitizens.com/js/vendor/lib/fcb_common.js Requested by Host: login.firstcitizens.com URL: https://login.firstcitizens.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.164.184 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash fd3d0f0faeb38cf968d6784040ba41894862bccc5dcda99308a643ea5ee33962 Request headers Accept-Language de-DE,de;q=0.9 Referer https://login.firstcitizens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache, no-cache Date Wed, 12 Jan 2022 15:44:58 GMT Via 1.1 google, 1.1 dca1-bit7004, 1.1 dca1-bit6008 Transfer-Encoding chunked Content-Type application/javascript; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate Content-Encoding gzip Alt-Svc clear X-Ion-Hop 1 Expires 0, 0
GET H2	200	okta-sign-in.min.js Show response ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/js/	2 MB 505 KB	86ms 16ms	Script application/javascript	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/js/okta-sign-in.min.js Requested by Host: login.firstcitizens.com URL: https://login.firstcitizens.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash f657760e6c3c19d5c1a694d921f8d6aaf0880f163b00bfa2a4dd07191f522da5 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://login.firstcitizens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:46:57 GMT content-encoding gzip vary Accept-Encoding age 53881 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 12 Jan 2022 00:26:25 GMT server nginx etag W/"eba0b5bc638ca8cc5c1fd10f221ec527" strict-transport-security max-age=315360000; includeSubDomains content-type application/javascript via 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id FagpuShxNYVXJS6hgosDC77MYQI5J78qCaH8i3U7LUzTtx0Fb1xiqA== expires Thu, 12 Jan 2023 00:46:57 GMT
GET H2	200	okta-sign-in.min.css ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/css/	211 KB 37 KB	78ms 9ms	Stylesheet text/css	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/css/okta-sign-in.min.css Requested by Host: login.firstcitizens.com URL: https://login.firstcitizens.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash 9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://login.firstcitizens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:46:57 GMT content-encoding gzip vary Accept-Encoding age 53880 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 12 Jan 2022 00:26:14 GMT server nginx etag W/"32082203138e95c3496af212b9076cd4" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id wTF9XAJM-1LfIaVE2c446yY6tIoQRNHvAio-nbEKQKQ5_-1XohrHhQ== expires Thu, 12 Jan 2023 00:46:57 GMT
GET H2	200	custom-signin.bb8f4ce4363dd17160adb27f2ab5f478.css ok7static.oktacdn.com/assets/loginpage/css/	1 KB 1 KB	76ms 7ms	Stylesheet text/css	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/loginpage/css/custom-signin.bb8f4ce4363dd17160adb27f2ab5f478.css Requested by Host: login.firstcitizens.com URL: https://login.firstcitizens.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash 6ad0ad11086d50749bb41cf96cf712c1e61f458b4f6844f36f4ba21960417250 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://login.firstcitizens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 03 Jan 2022 19:12:33 GMT content-encoding gzip vary Accept-Encoding age 765145 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 19 Feb 2020 23:31:30 GMT server nginx etag W/"bb8f4ce4363dd17160adb27f2ab5f478" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id M4P7lbIxBT9FPgn6U30tVQNsvr_Wy0XG6YJCq2axoAt-P0hGk4P81g== expires Tue, 03 Jan 2023 19:12:33 GMT
GET H2	200	initLoginPage.pack.103f0a08c8f9401f5a348e6d81b34c6a.js Show response ok7static.oktacdn.com/assets/js/mvc/loginpage/	396 KB 107 KB	8ms 8ms	Script application/javascript	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.103f0a08c8f9401f5a348e6d81b34c6a.js Requested by Host: URL: OktaUtil.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash 441a34cb0dac43ef893f596889e81ba3fa45cb47aa294ff22706b30ce96b004a Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://login.firstcitizens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:46:58 GMT content-encoding gzip vary Accept-Encoding age 53879 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 12 Jan 2022 00:25:15 GMT server nginx etag W/"103f0a08c8f9401f5a348e6d81b34c6a" strict-transport-security max-age=315360000; includeSubDomains content-type application/javascript via 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA2-C2 x-amz-cf-id 2La0UmcVnknTBDSPFvBWBd18gI3hTIMe_zQeyHkt7N4gw4AqC1L4Pg== expires Thu, 12 Jan 2023 00:46:58 GMT
GET H2	200	login_de.json Show response ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/labels/json/	94 KB 94 KB	24ms 8ms	XHR application/json	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/labels/json/login_de.json Requested by Host: login.firstcitizens.com URL: https://login.firstcitizens.com/js/vendor/lib/fcb_common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash 38f8eb122e4cd7106a24918dba446a8a803acecc0bc915572ed4b68f335d1550 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers accept application/json Referer https://login.firstcitizens.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 content-type text/plain Response headers date Wed, 12 Jan 2022 01:50:58 GMT via 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront) age 50040 x-cache Hit from cloudfront content-length 95805 last-modified Wed, 12 Jan 2022 00:26:29 GMT server nginx etag "954dbbb0ad784f4143c7e49567dbf9f6" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type application/json x-amz-cf-id GuFM7XImOA-FNxWqbWUZUTtybE_CKtxvbZQnVZbrgjAny8MUQRsjyQ== expires Thu, 12 Jan 2023 01:50:58 GMT
GET H2	200	country_de.json Show response ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/labels/json/	5 KB 5 KB	25ms 9ms	XHR application/json	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/labels/json/country_de.json Requested by Host: login.firstcitizens.com URL: https://login.firstcitizens.com/js/vendor/lib/fcb_common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers accept application/json Referer https://login.firstcitizens.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 content-type text/plain Response headers date Wed, 12 Jan 2022 01:50:58 GMT via 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront) age 50040 x-cache Hit from cloudfront content-length 4805 last-modified Wed, 12 Jan 2022 00:26:27 GMT server nginx etag "51bec6463b4f7c5a26ede1fd8ee067f8" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type application/json x-amz-cf-id -XiSvpca7hHGm8OTz86Pwe59lixtwLVtKK31PMXbWXqUNRe_6KYl7A== expires Thu, 12 Jan 2023 01:50:58 GMT
GET H2	200	fs02zsl0j9IgvWGHz357 ok7static.oktacdn.com/fs/bco/1/	13 KB 14 KB	12ms 12ms	Image image/png	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok7static.oktacdn.com/fs/bco/1/fs02zsl0j9IgvWGHz357 Requested by Host: login.firstcitizens.com URL: https://login.firstcitizens.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash 081f903294a159671406244f9cb89945a499c7515921af1eb1faa4be13d69c98 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://login.firstcitizens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 09 Jan 2022 15:14:38 GMT via 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront) age 261020 x-cache Hit from cloudfront content-length 13298 last-modified Fri, 28 Feb 2020 20:20:12 GMT server nginx etag "2af296330f2ce29810cd2c927d225a52" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/png x-amz-cf-id FDw2Eqcq_uBTzvCtRa7VahlUJiBhebQCxqL4iRRk3G2w1az6zoi1MA== expires Mon, 09 Jan 2023 15:14:38 GMT
GET H/1.1	200 OK	iframe.html Show response login.okta.com/discovery/ Frame 4882	546 B 985 B	69ms 7ms	Document text/html	13.225.80.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.okta.com/discovery/iframe.html Requested by Host: ok7static.oktacdn.com URL: https://ok7static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.103f0a08c8f9401f5a348e6d81b34c6a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.80.68 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-68.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash c71558cf94e0875c93b552d52dd5974ae4697ba14e5a8d7c3694247a291ca9b8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://login.firstcitizens.com/ Response headers Content-Type text/html Content-Length 546 Connection keep-alive Last-Modified Fri, 10 Dec 2021 17:59:22 GMT Server AmazonS3 Date Tue, 11 Jan 2022 23:48:18 GMT ETag "718a4c5e710186377bad84fea3c1ebec" X-Cache Hit from cloudfront Via 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 X-Amz-Cf-Id HyCHiVnSuUbAyddIoBWyFeASq8CkVJAtRShUGe7rL_jWEwICQ6uIYg== Age 57402
GET H2	200	checkbox-sign-in-widget.png ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/img/ui/forms/	3 KB 4 KB	8ms 8ms	Image image/png	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/img/ui/forms/checkbox-sign-in-widget.png Requested by Host: ok7static.oktacdn.com URL: https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/css/okta-sign-in.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash 40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/css/okta-sign-in.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:47:00 GMT via 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront) age 53879 x-cache Hit from cloudfront content-length 3141 last-modified Wed, 12 Jan 2022 00:26:16 GMT server nginx etag "7846b2f8c6d0a7ca69fdd3d3c294e92d" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/png x-amz-cf-id NqZnsJ0Hi0f0nAFg29HQ2E_o891_e_-hh6kQc1lGUyEn0oHuO8V9aA== expires Thu, 12 Jan 2023 00:47:00 GMT
GET H2	200	l use.typekit.net/af/0d0f8f/00000000000000007735c199/30/	13 KB 13 KB	27ms 6ms	Font application/font-woff2	2a02:26f0:f7::5c7b:e024 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/0d0f8f/00000000000000007735c199/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 95af40bfcbde1f391bc4d85f4e142759d1b099cbb2176acfccfd72d601c542f9 Request headers Referer https://login.firstcitizens.com/ Origin https://login.firstcitizens.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 15:44:59 GMT server nginx etag "d2ee9c1910a413485cb8230e5c2b59ca20f7528e" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 13344
GET H2	200	l use.typekit.net/af/a3941f/00000000000000007735c1a1/30/	13 KB 14 KB	28ms 7ms	Font application/font-woff2	2a02:26f0:f7::5c7b:e024 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/a3941f/00000000000000007735c1a1/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 86eed6f83ac95cd25a4481bfc6310a47da2169cd9da74ef4579f25cbfb75ad52 Request headers Referer https://login.firstcitizens.com/ Origin https://login.firstcitizens.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 15:44:59 GMT server nginx etag "e4b3b05932f08149a94d404c4763b0f8583dcc96" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 13676
GET H2	200	okticon.woff ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/font/	20 KB 21 KB	8ms 7ms	Font application/font-woff	13.225.80.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/font/okticon.woff Requested by Host: ok7static.oktacdn.com URL: https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/css/okta-sign-in.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-107.fra2.r.cloudfront.net Software nginx / Resource Hash 7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.0/css/okta-sign-in.min.css Origin https://login.firstcitizens.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:47:00 GMT via 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront) age 53879 x-cache Hit from cloudfront content-length 20600 last-modified Wed, 12 Jan 2022 00:26:15 GMT server nginx etag "db28723126138387cdf40680e6e0fa5d" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type application/font-woff x-amz-cf-id WqyGD-f7X8Zrx8s10wH6Ys-zIZztdQUywxofgk-pLG35tEiG_pJpxA== expires Thu, 12 Jan 2023 00:47:00 GMT
GET H/1.1	200 OK	discoveryIframe-82e613074a3700abe11a.min.js Show response login.okta.com/lib/ Frame 4882	96 KB 96 KB	8ms 8ms	Script application/javascript	13.225.80.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.okta.com/lib/discoveryIframe-82e613074a3700abe11a.min.js Requested by Host: login.okta.com URL: https://login.okta.com/discovery/iframe.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.80.68 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-68.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 765024756b73bba60951ceade73fb2dd7c7e1a91afb0f864ae032ee7a449f2aa Request headers Accept-Language de-DE,de;q=0.9 Referer https://login.okta.com/discovery/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 11 Jan 2022 21:25:23 GMT Via 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront) Last-Modified Fri, 10 Dec 2021 17:59:24 GMT Server AmazonS3 Age 65989 ETag "5196c42118d13ac08a07579232338f8d" X-Cache Hit from cloudfront Content-Type application/javascript Connection keep-alive X-Amz-Cf-Pop FRA2-C2 Content-Length 97948 X-Amz-Cf-Id dr8KG4U8NH5Vf3mp436wX9kRbJIgQIl6Ip5T5sHSnd2qO12PC_7qxg==
GET DATA	200 OK	truncated /	433 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8f25bee7c185d918f1d55f844f64b5cd372a4743caeb63c2abd413e5f42a4949 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange object| regeneratorRuntime function| setImmediate function| clearImmediate object| Backbone function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config function| readCookie function| getClientId function| getClientName undefined| clientName undefined| clientId string| primaryauth_title string| remember string| primaryauth_username_tooltip string| needhelp string| help string| brandName string| password_forgot_email_or_username_placeholder string| password_forgot_email_or_username_tooltip string| account_unlock_email_or_username_placeholder string| account_unlock_email_or_username_tooltip string| mfa_backtoFactors string| factor_hotp_description string| enroll_choices_title string| enroll_hotp_restricted string| enroll_choices_description string| enroll_choices_description_generic string| enroll_choices_description_specific string| enroll_choices_description_gracePeriod_bold string| enroll_choices_description_gracePeriod_oneDay_bold string| enroll_sms_setup string| factor_sms_time_warning string| factor_sms string| factor_password string| rememberDevice_devicebased string| contact_support string| error_auth_lockedOut string| password_forgot_noFactorsEnabled string| account_unlock_noFactorsEnabled string| errors_E0000119 string| primaryauth_submit string| error_username_required object| oktaSignIn object| OktaLogin object| jQBrowser

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.firstcitizens.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 92C27EAAA241387245E90A514E65C99E
			login.firstcitizens.com/	1969-12-31 23:59:59	Name: t Value: blue-dark
			login.firstcitizens.com/	1970-01-20 17:37:54	Name: DT Value: DI0cwXcee1GQK-IphOVAg3pxw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.firstcitizens.com
login.okta.com
ok7static.oktacdn.com
use.typekit.net
107.162.164.184
13.225.80.107
13.225.80.68
2a02:26f0:f7::5c7b:e024
081f903294a159671406244f9cb89945a499c7515921af1eb1faa4be13d69c98
38f8eb122e4cd7106a24918dba446a8a803acecc0bc915572ed4b68f335d1550
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
441a34cb0dac43ef893f596889e81ba3fa45cb47aa294ff22706b30ce96b004a
6ad0ad11086d50749bb41cf96cf712c1e61f458b4f6844f36f4ba21960417250
7612fcfc467dea4bb744745f7c8b3cb26f1b73e76df53ff527f322a4b3a32a3b
765024756b73bba60951ceade73fb2dd7c7e1a91afb0f864ae032ee7a449f2aa
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
86eed6f83ac95cd25a4481bfc6310a47da2169cd9da74ef4579f25cbfb75ad52
8f25bee7c185d918f1d55f844f64b5cd372a4743caeb63c2abd413e5f42a4949
9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620
95af40bfcbde1f391bc4d85f4e142759d1b099cbb2176acfccfd72d601c542f9
c71558cf94e0875c93b552d52dd5974ae4697ba14e5a8d7c3694247a291ca9b8
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
f657760e6c3c19d5c1a694d921f8d6aaf0880f163b00bfa2a4dd07191f522da5
fd3d0f0faeb38cf968d6784040ba41894862bccc5dcda99308a643ea5ee33962