indexo.dev

citizensbankbd.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-06 · ok HTTP/1.1 200 1144 ms crawled 2026-05-06

US · 70.40.223.160 · AS46606 Unified Layer

Reputation 100/100

Classifying

HTML metadata

Title
Welcome to Citizens Bank PLC
Description
Welcome to Citizens Bank PLC

Technology

Server
nginx
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • fonts.googleapis.com×2
  • cdnjs.cloudflare.com×1

Social

Contact

Email
Phone

Registration

Registrar
Bluehost Inc.
Created
2021-02-09
Expires
2028-02-09 630 days left
Updated
2026-01-29
Name servers
  • ns1.bluehost.com
  • ns2.bluehost.com

DNS records live

NS
  • ns1.bluehost.com
  • ns2.bluehost.com
MX
  • 5 citizensbankbd-com.mail.protection.outlook.com
TXT
Show 4 TXT records
  • google-site-verification=uMFpbu1PW0fTp1Pjc0ZUJDAi8ywfaEDncO27PTtzKvk
  • 1f/gMlReZnYJXZMJLYzaIKs+6hgbcaDOaP47cC7L+7S2FItzrJS/bw1QlEEuQt3BGD2xcZ+wSdsK24ZpprV96g==
  • globalsign-domain-verification=BCFD0A4E1B42CF15A75AF36410ACACF4
  • MS=ms71942085

Email authentication strong

SPF
v=spf1 mx a ip4:103.169.181.241 ip4:103.169.181.242 ip4:103.172.190.219 include:spf.protection.outlook.com include:email-messaging.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc@citizensbankbd.com; ruf=mailto:dmarc@citizensbankbd.com;
policy: quarantine
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqCJrSyNOXNLYbgwvxjwgJiQmfBl4AS3w6On2pPWtAwKFzDIeEIpSBRDr2Jy7j9pUajmbgAehgVL7O…
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEc1fEG3zLnusU3FFdXiz1IW87zCMBQ5KObhYtZqyG7sGam10tGn60txkcLBTx4Z/+0/5WBFLs2XwL…
selectors probed

Certificate (current)

R13
from 2026-05-02 to 2026-07-31
Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://citizensbankbd.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
permissions-policy
autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(self), gyroscope=(self), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' http://localhost/citizen/ https://citizensbankbd.com/ https://www.citizensbankbd.com/ https://www.google.com/ https://www.youtube.com https://maps.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.7.1/css/bootstrap-datepicker.css https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css ; img-src 'self' data: https://maps.googleapis.com ; font-src 'self' https://cdnjs.cloudflare.com https://fonts.gstatic.com data: application/font-woff; connect-src 'self' https://maps.googleapis.com; object-src 'none'; media-src 'self'; frame-src 'self' http://www.youtube.com https://www.google.com/ https://www.facebook.com/;
strict-transport-security
max-age=31536000; includeSubDomains

Links to (3)

Linked from (1)