citizenscommercial.com Open in urlscan Pro
63.131.146.186 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Submission: On May 06 via api (May 6th 2023, 1:09:27 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 63.131.146.186, located in United States and belongs to DATAPIPE-SEA, US. The main domain is citizenscommercial.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 21st 2022. Valid for: a year.

This is the only time citizenscommercial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
13	63.131.146.186 63.131.146.186		22205 (DATAPIPE-SEA) (DATAPIPE-SEA)
2	2a00:1450:400... 2a00:1450:4001:830::2008		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e		15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36		15169 (GOOGLE) (GOOGLE)
18	4

13 63.131.146.186 (United States)

ASN22205 (DATAPIPE-SEA, US)
PTR: vm1.emiboston.com

citizenscommercial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	citizenscommercial.com citizenscommercial.com	156 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	134 KB
18	3

	Domain	Requested by
13	citizenscommercial.com	citizenscommercial.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	citizenscommercial.com www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
18	4

This site contains no links.

Subject Issuer	Validity	Valid
citizenscommercial.com Go Daddy Secure Certificate Authority - G2	`2022-11-21` - `2023-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Frame ID: 3CF85C513865ABFED3C214FCF3701662
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citizens Bank: Forward to a colleague

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

18
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

310 kB
Transfer

818 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request forwardToFriend.php Show response
citizenscommercial.com/ 6 KB
3 KB 696ms
178ms Document
text/html 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL

https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),

Reverse DNS

vm1.emiboston.com

Software

Apache /

Resource Hash

a2edadeb7d22cc25ffe8775d740e08a2b53d0c111326b150e5ed54b38bb6a450

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2327
Content-Type: text/html; charset=UTF-8
Date: Sat, 06 May 2023 13:09:21 GMT
Referrer-Policy: same-origin
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 42ms
19ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-56465252-3

Requested by

Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e439e7aa48e98fbf1dab257fff634eca5790fc154917234f5b98b39f6f41127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:09:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62667
x-xss-protection: 0
last-modified: Sat, 06 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 May 2023 13:09:21 GMT

GET
H/1.1 200
OK reset.css
citizenscommercial.com/css/ 1 KB
851 B 466ms
158ms Stylesheet
text/css 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenscommercial.com/css/reset.css
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: 7528f50829a150b64bad1c7a5edaba4b1d91b819e034b02fa6b488dba76c131c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:21 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Tue, 18 Mar 2014 15:32:10 GMT
Server: Apache
ETag: "416-4f4e33d4c3280"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 543

GET
H/1.1 200
OK ctz-fonts.css
citizenscommercial.com/css/ 11 KB
2 KB 463ms
155ms Stylesheet
text/css 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenscommercial.com/css/ctz-fonts.css
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: f2e03f93bc43c2aa8c2e6dd50cf40009534c6d9a1267d9db9c7b010a9452ba8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:21 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Tue, 23 Sep 2014 14:39:45 GMT
Server: Apache
ETag: "2b95-503bc89d92e40"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 1575

GET
H/1.1 200
OK single-column_A.css
citizenscommercial.com/shared_templates/css/ 5 KB
2 KB 461ms
154ms Stylesheet
text/css 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenscommercial.com/shared_templates/css/single-column_A.css
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: ed7ef44b72d4795e24e196cf1e5d54f75145d3c08e2bc0dac170217785f70dfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:21 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Thu, 27 Aug 2020 13:54:36 GMT
Server: Apache
ETag: "15c4-5addc46d03a61"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 1640

GET
H/1.1 200
OK simple_form.css
citizenscommercial.com/shared_templates/css/ 364 B
535 B 467ms
159ms Stylesheet
text/css 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenscommercial.com/shared_templates/css/simple_form.css
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: 0ddf6b5da829553091debca2d0eac07acbf88a8690c3a6720f921f0afa22ceb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:21 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Aug 2016 19:12:26 GMT
Server: Apache
ETag: "16c-53b3aa500fa80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 227

GET
H/1.1 200
OK jquery-ui.min.css
citizenscommercial.com/javascript/css/ctzcml2015/ 30 KB
7 KB 464ms
156ms Stylesheet
text/css 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenscommercial.com/javascript/css/ctzcml2015/jquery-ui.min.css
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: b70d4e882b5166332076dbd6e125a07d7e2e897c6431bfc56a522f010af64884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:21 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Tue, 23 Dec 2014 16:53:18 GMT
Server: Apache
ETag: "7610-50ae50304fb80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 7353

GET
H/1.1 200
OK jquery_ui_fixup.css
citizenscommercial.com/shared_templates/css/ 1 KB
700 B 466ms
158ms Stylesheet
text/css 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenscommercial.com/shared_templates/css/jquery_ui_fixup.css
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: df8f7a40d8e5430ba5c7d775d9efd9272d14dff54f3a620a870c812a0d549a6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:21 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Dec 2014 13:58:20 GMT
Server: Apache
ETag: "481-50b8380053700"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 392

GET
H/1.1 200
OK jquery-latest.min.js Show response
citizenscommercial.com/javascript/jquery/ 86 KB
30 KB 933ms
161ms Script
text/javascript 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenscommercial.com/javascript/jquery/jquery-latest.min.js
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:22 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Thu, 13 Jun 2019 18:06:10 GMT
Server: Apache
ETag: "15851-58b386277c880"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 30677

GET
H/1.1 200
OK jquery-ui-latest.custom.min.js Show response
citizenscommercial.com/javascript/jquery/ 200 KB
51 KB 939ms
162ms Script
text/javascript 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenscommercial.com/javascript/jquery/jquery-ui-latest.custom.min.js
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:22 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Tue, 18 Mar 2014 15:32:24 GMT
Server: Apache
ETag: "3210b-4f4e33e21d200"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 51465

GET
H/1.1 200
OK web_forward_to_friend_header.jpg
citizenscommercial.com/shared/images/ 11 KB
11 KB 469ms
161ms Image
image/jpg 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizenscommercial.com/shared/images/web_forward_to_friend_header.jpg

Requested by

Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),

Reverse DNS

vm1.emiboston.com

Software

Apache /

Resource Hash

56f8c167725f48b1a9fa0594d96aa0a6cf6ac7e260c8aacccf7abaf90c999799

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:22 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 26 Sep 2012 20:01:43 GMT
Server: Apache
Etag: 5e70eb6e5befb9fbb90058e658389541
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpg
cache-control: public, max-age=86400
Connection: close
Content-Length: 11208

GET
H/1.1 200
OK dot.gif
citizenscommercial.com/shared/images/ 61 B
591 B 479ms
160ms Image
image/gif 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizenscommercial.com/shared/images/dot.gif

Requested by

Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),

Reverse DNS

vm1.emiboston.com

Software

Apache /

Resource Hash

224ed216064743c6d1bb5106504075bd7bf651464062777af836878d65d04f03

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:23 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Wed, 26 Apr 2023 22:10:15 GMT
Server: Apache
Etag: dfae0d86fbcfc75805410e233c39ead6
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/gif
cache-control: public, max-age=86400
Connection: close
Content-Length: 73

GET
H/1.1 200
OK displayImage.php
citizenscommercial.com/ 45 KB
45 KB 548ms
232ms Image
image/png 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizenscommercial.com/displayImage.php?image=shared/email_screenshots/CTZ2031A.png&width=180
Requested by: Host: citizenscommercial.com
URL: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS: vm1.emiboston.com
Software: Apache /
Resource Hash: 11a773308cafc9fe8bb6b6a4c5b8477dd7d62a1d079ae70027c48f6b03b580dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/forwardToFriend.php?camp=CTZ2031A002&email=ALEXANDRA.CHIRKOVA%40FISGLOBAL.COM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:23 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png
Connection: close

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
72 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HGPHTMTVXM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56465252-3

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66dcaef5e46a8867c8f0f654138ebf037e54e1d49e7828e980a45566fed222d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:09:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73541
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 May 2023 13:09:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56465252-3

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 May 2023 12:35:40 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2022
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 06 May 2023 14:35:40 GMT

GET
H/1.1 200
OK img_12741_0_0_1704073718
citizenscommercial.com/shared_templates/css/ 4 KB
2 KB 504ms
176ms Image
image/svg+xml 63.131.146.186
DATAPIPE-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citizenscommercial.com/shared_templates/css/img_12741_0_0_1704073718

Requested by

Host: citizenscommercial.com
URL: https://citizenscommercial.com/shared_templates/css/single-column_A.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.131.146.186 , United States, ASN22205 (DATAPIPE-SEA, US),

Reverse DNS

vm1.emiboston.com

Software

Apache /

Resource Hash

7c2f94044169a9e0b90ffaca0ff4137671316dff2938c4c4859adaf35779305e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenscommercial.com/shared_templates/css/single-column_A.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:09:23 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Server: Apache
Etag: "12741-svg-0-0-1704073718-1598389675"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public
Connection: close
Content-Length: 1699

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1091272608&t=pageview&_s=1&dl=https%3A%2F%2Fcitizenscommercial.com%2FforwardToFriend.php%3Fcamp%3DCTZ2031A002%26email%3DALEXANDRA.CHIRKOVA%2540FISGLOBAL.COM&ul=en-us&de=UTF-8&dt=Citizens%20Bank%3A%20Forward%20to%20a%20colleague&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=182090800&gjid=1774339651&cid=1204680436.1683378563&tid=UA-56465252-3&_gid=1454572844.1683378563&_r=1&gtm=457e3530&jsscut=1&z=1011535602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 May 2023 13:09:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citizenscommercial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 34ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HGPHTMTVXM&gtm=45je3530&_p=1091272608&cid=1204680436.1683378563&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1683378562&sct=1&seg=0&dl=https%3A%2F%2Fcitizenscommercial.com%2FforwardToFriend.php%3Fcamp%3DCTZ2031A002%26email%3DALEXANDRA.CHIRKOVA%2540FISGLOBAL.COM&dt=Citizens%20Bank%3A%20Forward%20to%20a%20colleague&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGPHTMTVXM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 13:09:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citizenscommercial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| DP_jQuery_1683378562756 object| gaplugins object| gaGlobal object| gaData

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.citizenscommercial.com/	1970-01-20 12:19:30	Name: commercialTrack Value: 47508234-9F88-4764-8E24-C9C61044AD6F
			.citizenscommercial.com/	1970-01-20 11:37:44	Name: _gid Value: GA1.2.1454572844.1683378563
			.citizenscommercial.com/	1970-01-20 11:36:18	Name: _gat_gtag_UA_56465252_3 Value: 1
			.citizenscommercial.com/	1970-01-20 21:12:18	Name: _ga_HGPHTMTVXM Value: GS1.1.1683378562.1.0.1683378562.0.0.0
			.citizenscommercial.com/	1970-01-20 21:12:18	Name: _ga Value: GA1.1.1204680436.1683378563

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citizenscommercial.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:32::36
2a00:1450:4001:810::200e
2a00:1450:4001:830::2008
63.131.146.186
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ddf6b5da829553091debca2d0eac07acbf88a8690c3a6720f921f0afa22ceb9
11a773308cafc9fe8bb6b6a4c5b8477dd7d62a1d079ae70027c48f6b03b580dd
224ed216064743c6d1bb5106504075bd7bf651464062777af836878d65d04f03
56f8c167725f48b1a9fa0594d96aa0a6cf6ac7e260c8aacccf7abaf90c999799
5e439e7aa48e98fbf1dab257fff634eca5790fc154917234f5b98b39f6f41127
66dcaef5e46a8867c8f0f654138ebf037e54e1d49e7828e980a45566fed222d3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7528f50829a150b64bad1c7a5edaba4b1d91b819e034b02fa6b488dba76c131c
7c2f94044169a9e0b90ffaca0ff4137671316dff2938c4c4859adaf35779305e
a2edadeb7d22cc25ffe8775d740e08a2b53d0c111326b150e5ed54b38bb6a450
b70d4e882b5166332076dbd6e125a07d7e2e897c6431bfc56a522f010af64884
c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1
df8f7a40d8e5430ba5c7d775d9efd9272d14dff54f3a620a870c812a0d549a6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ed7ef44b72d4795e24e196cf1e5d54f75145d3c08e2bc0dac170217785f70dfe
f2e03f93bc43c2aa8c2e6dd50cf40009534c6d9a1267d9db9c7b010a9452ba8e