swiftapp.zenis.ca
Open in
urlscan Pro
209.44.109.90
Malicious Activity!
Public Scan
URL:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/?73776966746170702e7a656e69732e6361
Submission: On February 21 via automatic, source openphish
Submission: On February 21 via automatic, source openphish
Summary
This website contacted 25 IPs
in 6 countries
across 19 domains to perform 158 HTTP transactions.
The main IP is 209.44.109.90, located in
Montreal, Canada and
belongs to NETELLIGENT, CA.
The main domain is swiftapp.zenis.ca.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 11th 2019. Valid for: 3 months.
This is the only time swiftapp.zenis.ca was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 11th 2019. Valid for: 3 months.
This is the only time swiftapp.zenis.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citibank (Banking)Domain & IP information
80
209.44.109.90
(Montreal, Canada)
ASN10929 (NETELLIGENT, CA)
PTR: server.zenis.ca
ASN10929 (NETELLIGENT, CA)
PTR: server.zenis.ca
| swiftapp.zenis.ca |
7
18.197.253.20
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
| nexus.ensighten.com |
1
35.244.174.68
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
| api.rlcdn.com |
1
23.62.118.129
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a23-62-118-129.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-62-118-129.deploy.static.akamaitechnologies.com
| tags.bkrtx.com |
1
3.212.137.125
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-137-125.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-137-125.compute-1.amazonaws.com
| cyseal.cyveillance.com |
2
54.246.153.43
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-153-43.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-153-43.eu-west-1.compute.amazonaws.com
| insight.adsrvr.org |
1
104.103.105.126
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a104-103-105-126.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-103-105-126.deploy.static.akamaitechnologies.com
| c1.rfihub.net |
2
35.241.45.82
(Ascension Island)
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
| udc-neb.kampyle.com |
2
35.190.72.21
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com
| sr.rlcdn.com |
1
40.122.110.249
(Des Moines, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| cfr.us.v2.we-stats.com |
1
13.35.255.55
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-35-255-55.fra6.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-35-255-55.fra6.r.cloudfront.net
| js.adsrvr.org |
2
151.101.114.133
(Frankfurt am Main, Germany)
ASN54113 (FASTLY, US)
ASN54113 (FASTLY, US)
| resources.digital-cloud-citi.medallia.com |
2
13.35.253.40
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-40.fra6.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-40.fra6.r.cloudfront.net
| cdn.pbbl.co |
1
23.45.237.36
(United States)
ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com
| stags.bluekai.com |
3
2a00:1450:4001:825::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
91.235.134.131
(Netherlands)
ASN30286 (THM, US)
ASN30286 (THM, US)
| 89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net |
1
52.57.76.228
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-76-228.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-76-228.eu-central-1.compute.amazonaws.com
| aa.agkn.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 80 |
zenis.ca
swiftapp.zenis.ca |
3 MB |
| 18 |
google.com
www.google.com cse.google.com |
103 KB |
| 14 |
google.co.za
www.google.co.za |
2 KB |
| 11 |
citi.com
content22.online.citi.com |
47 KB |
| 7 |
ensighten.com
nexus.ensighten.com |
65 KB |
| 4 |
pbbl.co
1 redirects
cdn.pbbl.co px0.pbbl.co |
9 KB |
| 3 |
online-metrix.net
h.online-metrix.net 89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net |
826 B |
| 3 |
googletagmanager.com
www.googletagmanager.com |
84 KB |
| 3 |
kampyle.com
nebula-cdn.kampyle.com udc-neb.kampyle.com |
6 KB |
| 3 |
adsrvr.org
insight.adsrvr.org js.adsrvr.org |
2 KB |
| 3 |
rlcdn.com
api.rlcdn.com sr.rlcdn.com |
62 B |
| 2 |
medallia.com
resources.digital-cloud-citi.medallia.com |
56 KB |
| 2 |
rfihub.com
a.rfihub.com 20766699p.rfihub.com |
686 B |
| 1 |
agkn.com
1 redirects
aa.agkn.com |
396 B |
| 1 |
bluekai.com
stags.bluekai.com |
|
| 1 |
we-stats.com
cfr.us.v2.we-stats.com |
559 B |
| 1 |
rfihub.net
c1.rfihub.net |
7 KB |
| 1 |
cyveillance.com
cyseal.cyveillance.com |
226 B |
| 1 |
bkrtx.com
tags.bkrtx.com |
10 KB |
| 158 | 19 |
| Domain | Requested by | |
|---|---|---|
| 80 | swiftapp.zenis.ca |
swiftapp.zenis.ca
|
| 17 | www.google.com |
swiftapp.zenis.ca
cse.google.com |
| 14 | www.google.co.za |
swiftapp.zenis.ca
|
| 11 | content22.online.citi.com |
swiftapp.zenis.ca
content22.online.citi.com |
| 7 | nexus.ensighten.com |
swiftapp.zenis.ca
|
| 3 | www.googletagmanager.com |
swiftapp.zenis.ca
|
| 2 | px0.pbbl.co | 1 redirects |
| 2 | h.online-metrix.net |
content22.online.citi.com
|
| 2 | cdn.pbbl.co |
nexus.ensighten.com
cdn.pbbl.co |
| 2 | resources.digital-cloud-citi.medallia.com |
nexus.ensighten.com
swiftapp.zenis.ca |
| 2 | sr.rlcdn.com |
swiftapp.zenis.ca
nexus.ensighten.com |
| 2 | udc-neb.kampyle.com |
swiftapp.zenis.ca
|
| 2 | insight.adsrvr.org |
swiftapp.zenis.ca
js.adsrvr.org |
| 1 | aa.agkn.com | 1 redirects |
| 1 | 89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net | |
| 1 | stags.bluekai.com |
tags.bkrtx.com
|
| 1 | js.adsrvr.org |
swiftapp.zenis.ca
|
| 1 | cfr.us.v2.we-stats.com |
swiftapp.zenis.ca
|
| 1 | 20766699p.rfihub.com |
c1.rfihub.net
|
| 1 | a.rfihub.com |
c1.rfihub.net
|
| 1 | nebula-cdn.kampyle.com |
swiftapp.zenis.ca
|
| 1 | c1.rfihub.net |
nexus.ensighten.com
|
| 1 | cyseal.cyveillance.com |
swiftapp.zenis.ca
|
| 1 | cse.google.com |
swiftapp.zenis.ca
|
| 1 | tags.bkrtx.com |
nexus.ensighten.com
|
| 1 | api.rlcdn.com |
swiftapp.zenis.ca
|
| 158 | 26 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| swiftapp.zenis.ca cPanel, Inc. Certification Authority |
2019-12-11 - 2020-03-10 |
3 months | crt.sh |
| nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2019-10-03 - 2020-10-02 |
a year | crt.sh |
| www.google.com GTS CA 1O1 |
2020-01-29 - 2020-04-22 |
3 months | crt.sh |
| *.google.co.za GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-04-24 - 2020-04-23 |
a year | crt.sh |
| *.bkrtx.com DigiCert SHA2 Secure Server CA |
2018-12-03 - 2020-03-03 |
a year | crt.sh |
| *.google.com GTS CA 1O1 |
2020-01-29 - 2020-04-22 |
3 months | crt.sh |
| cyseal.cyveillance.com Amazon |
2020-01-05 - 2021-02-05 |
a year | crt.sh |
| *.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1 |
2019-03-07 - 2021-04-19 |
2 years | crt.sh |
| *.rfihub.net DigiCert SHA2 Secure Server CA |
2019-01-25 - 2020-04-25 |
a year | crt.sh |
| j.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2 |
2020-02-06 - 2020-06-11 |
4 months | crt.sh |
| *.rfihub.com DigiCert SHA2 Secure Server CA |
2019-08-27 - 2020-08-31 |
a year | crt.sh |
| *.kampyle.com RapidSSL RSA CA 2018 |
2020-02-11 - 2022-03-06 |
2 years | crt.sh |
| *.us.v2.we-stats.com COMODO RSA Domain Validation Secure Server CA |
2018-10-11 - 2020-10-10 |
2 years | crt.sh |
| *.digital-cloud-citi.medallia.com SSL.com DV CA |
2018-11-13 - 2020-11-12 |
2 years | crt.sh |
| *.pbbl.co Amazon |
2020-01-01 - 2021-02-01 |
a year | crt.sh |
| content22.online.citi.com DigiCert SHA2 Extended Validation Server CA |
2018-08-06 - 2020-08-06 |
2 years | crt.sh |
| odc-prod-01.oracle.com DigiCert ECC Secure Server CA |
2018-12-10 - 2020-03-10 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-01-29 - 2020-04-22 |
3 months | crt.sh |
| h.online-metrix.net Thawte TLS RSA CA G1 |
2018-03-22 - 2020-03-21 |
2 years | crt.sh |
| *.e.aa.online-metrix.net Go Daddy Secure Certificate Authority - G2 |
2019-09-13 - 2021-09-13 |
2 years | crt.sh |
| px0.pbbl.co GTS CA 1D2 |
2019-12-31 - 2020-03-30 |
3 months | crt.sh |
This page contains 19 frames:
Primary Page:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/?73776966746170702e7a656e69732e6361
Frame ID: 0BEB087AC01697C43D36F3EF51FD6D4B
Requests: 127 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/425466.htm
Frame ID: 0417DD36E6292B54528CD21B8385DD2D
Requests: 2 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/a.htm
Frame ID: 883BC1B307A35F4CB44A6090469A0D41
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/HP.htm
Frame ID: 4A83DB5582734E3AD7F6770611034881
Requests: 4 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/a.htm
Frame ID: EBDF5925E4D05FA25A6BB5390D168C98
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/63068.htm
Frame ID: EF60E286C4722F6ED43C4D189032551A
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/activityi.htm
Frame ID: DE3F46129D832818DFC3CF2C96DE43C3
Requests: 1 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=jUSCBOL_Loginpage_Uncookied&td2=undefined&td3=undefined&td4=Non%20Cookied%20Username%20Password%20&td5=https://online.citi.com/US/login.do&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Frame ID: 8E306E0C7B509A5D45094290E7424CB3
Requests: 1 HTTP requests in this frame
Frame:
https://20766699p.rfihub.com/ca.html?rfiidc=1041246334373274551&rfiaid=0d7f81a03a1a45abb54a77a9a6e9e6f7&ver=9&ra=571&rb=648&ca=20766699&_o=17169175&_t=&ssv_cuuid=&ssv_pagename=&pe=https%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F824740c791c0e0adf160b6bbb5c8f027%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&pf=&ra=7893005943064213
Frame ID: 63131B64AE8095D18304325923BAD8D2
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/activityi_data/src6260004.htm
Frame ID: FDA364C4B173F7BBE35833F823C5352B
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/activityi_data/src6260004_data/src6260004.htm
Frame ID: E3249AA208F5C43232258A9660B778DD
Requests: 1 HTTP requests in this frame
Frame:
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 25439F37CF2E35217E4D6A9D1608AE88
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/check.js;CIS3SID=64945DE4D557BBFF5D8DB7070FC5C2D3?org_id=89oebq5k&session_id=580affb0062788a253837de069fcf880e9739e2e259194014933e2574b3fdac7&nonce=1860c909d3a99019&pageid=1&jb=333f262668716d753d4e6b6c7d702668736d354e6b6e7578246271603f4b60726f6567273a303534
Frame ID: 8B9DE2E28FCF62433E6A916C142A2FA2
Requests: 10 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/63068?ret=html&phint=language&phint=product&phint=event&phint=category&phint=page&phint=section1&phint=section2&phint=section3&phint=section4&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_l%3Dhttps%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F824740c791c0e0adf160b6bbb5c8f027%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&phint=__bk_v%3D3.1.3&limit=10&r=97033173
Frame ID: 7C9BE05AAB85B3B7E046B8A340D8632F
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=6B6E534AB5B409E398DB0125C5F9554E?org_id=89oebq5k&session_id=580affb0062788a253837de069fcf880e9739e2e259194014933e2574b3fdac7&nonce=1860c909d3a99019&pageid=1
Frame ID: 43A6635831BF40EB811B2E7042E7E2C5
Requests: 1 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=6B6E534AB5B409E398DB0125C5F9554E?org_id=89oebq5k&session_id=580affb0062788a253837de069fcf880e9739e2e259194014933e2574b3fdac7&nonce=1860c909d3a99019&pageid=1
Frame ID: 3718B0FD243C5825AB974433708657A6
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/top_fp.html;CIS3SID=6B6E534AB5B409E398DB0125C5F9554E?org_id=89oebq5k&session_id=580affb0062788a253837de069fcf880e9739e2e259194014933e2574b3fdac7&nonce=1860c909d3a99019&pageid=1
Frame ID: 8C5CE978FB914C1DA60E79690F3328D8
Requests: 1 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F824740c791c0e0adf160b6bbb5c8f027%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=https://swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/?73776966746170702e7a656e69732e6361&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Frame ID: B4738306FDC5F1C3EAE97D4633E94433
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.pbbl.co/i/pp.html
Frame ID: B45C742A22FE12EA258583B7A385F84B
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Ensighten
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
47 Outgoing links
These are links going to different origins than the main page.
URL: https://online.citi.com/US/login.do?locale=es_US
Title: Español
Title: Español
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/open-a-bank-account
Title: Open an Account
Title: Open an Account
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/citibank-location-finder
Title: ATM / Branch
Title: ATM / Branch
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/login.do
Title: Citi Bank Logo
Title: Citi Bank Logo
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: View All Credit Cards
Title: View All Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=low-interest-credit-card
Title: 0% Intro APR Credit Cards
Title: 0% Intro APR Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=balance-transfer-credit-cards
Title: Balance Transfer Credit Cards
Title: Balance Transfer Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=reward-credit-cards
Title: Rewards Credit Cards
Title: Rewards Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citicards.com/cards/credit/application/flow.action?isInvitation=N&OC=CC-CITI-3D5
Title: See If You're Pre-Qualified
Title: See If You're Pre-Qualified
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=all-small-business-credit-cards&m=f
Title: Small Business Credit Cards
Title: Small Business Credit Cards
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/citi.action?ID=banking-overview
Title: Banking Overview
Title: Banking Overview
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/citi.action?ID=checking-account-overview
Title: Checking
Title: Checking
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/citi.action?ID=savings-account-overview
Title: Savings
Title: Savings
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/citi.action?ID=cd-ira-account-overview
Title: Certificates of Deposit
Title: Certificates of Deposit
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/cd-ira/citi.action?ID=citi-ira
Title: Banking IRAs
Title: Banking IRAs
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/current-interest-rates/checking-saving-accounts
Title: Rates
Title: Rates
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/small-business-banking
Title: Small Business
Title: Small Business
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/personal-loan
Title: Personal Loans & Lines of Credit
Title: Personal Loans & Lines of Credit
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=mortgage_home_mortgage
Title: Mortgage
Title: Mortgage
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=mortgage_heloc
Title: Home Equity
Title: Home Equity
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=FinancialGoals
Title: Your Financial Goals
Title: Your Financial Goals
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=InvestingCiti
Title: Investing with Citi
Title: Investing with Citi
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=InsightsTools
Title: Insights and Tools
Title: Insights and Tools
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®
Title: Citigold®
Search URL Search Domain Scan URL
URL: https://www.facebook.com/citi
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.twitter.com/citi
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.youtube.com/citi
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www.citigroup.com/citi/
Title: Our Story
Title: Our Story
Search URL Search Domain Scan URL
URL: https://jobs.citi.com/
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=ServicesOverview
Title: Benefits and Services
Title: Benefits and Services
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=Rewards
Title: Rewards
Title: Rewards
Search URL Search Domain Scan URL
URL: https://citieasydeals.com/
Title: Citi Easy DealsSM
Title: Citi Easy DealsSM
Search URL Search Domain Scan URL
URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM
Title: Citi EntertainmentSM
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=SpecialOffers
Title: Special Offers
Title: Special Offers
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiPriorityOverview
Title: Citi Priority
Title: Citi Priority
Search URL Search Domain Scan URL
URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank
Title: Citi Private Bank
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitiCommercialBanking
Title: Commercial Accounts
Title: Commercial Accounts
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=todays_mortgage_rates&type=buy
Title: Mortgage
Title: Mortgage
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=home_equity_rates
Title: Home Equity
Title: Home Equity
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/current-interest-rates/personal-loans-and-lines-of-credit
Title: Lending
Title: Lending
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/contactus
Title: Contact Us
Title: Contact Us
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/helpcenter/main.do
Title: Help & FAQs
Title: Help & FAQs
Search URL Search Domain Scan URL
URL: https://online.citi.com/JRS/pands/detail.do?ID=SecurityCenter
Title: Security Center
Title: Security Center
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title:
Title:
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.ipbus.citi.com/
Title: International Personal Bank U.S.
Title: International Personal Bank U.S.
Search URL Search Domain Scan URL
URL: http://www.jdpower.com/awards
Title: jdpower.com/awards
Title: jdpower.com/awards
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 155- https://px0.pbbl.co/ns/__p2.gif?ppid=6fe8f092-e925-48d7-98f5-c08449f5fb57&chk=false&brid=1560&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F824740c791c0e0adf160b6bbb5c8f027%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&referrerUrl=&targetUrl=https%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F824740c791c0e0adf160b6bbb5c8f027%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&sessionId=&markerType=seg&rand=Tl28ZBaL4a7zHnpF&iabOptOut=-&jsVer=3.2.1&frVer=1.1&markerId=348192 HTTP 302
- https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=6fe8f092-e925-48d7-98f5-c08449f5fb57&_segid=99&iid=e538d6c6-e94b-4e12-a7d6-fbc3424a5921 HTTP 302
- https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=6fe8f092-e925-48d7-98f5-c08449f5fb57&_segid=99&_zip=&hk=&iid=e538d6c6-e94b-4e12-a7d6-fbc3424a5921&mt=&bd=
158 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/ |
142 KB 142 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
conversion_async.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
25 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
73 KB 73 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_002
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
73 KB 73 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
45 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ddl.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
624 KB 624 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jfpm.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main_branding.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
271 KB 272 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
204 KB 204 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Bootstrap.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
200 KB 200 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
target.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
43 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ajax
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
812 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
homePage.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
24 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fp.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
15 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citilive-search-responsive.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
58 KB 58 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cse_element__en.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
257 KB 257 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
defaulten.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
40 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
default.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
11 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
96 B 349 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
48 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
embed.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_006
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_005
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_003
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_004
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_002
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_013
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_014
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_007
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_008
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_012
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_010
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_011
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a_009
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
463166.gif
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
42 B 282 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bcsid.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
947 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BiocatchATO.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
338 KB 338 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cbol-smartSearch.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
search-white.png
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
429 B 670 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citiHomePage.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
peworkflow.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2019CertifiedMobileApp.png
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oo_engine.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
42 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ddl.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
64 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
33 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citilive-search.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cbol-smartSearch-inject.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
10 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
TMXProfiling.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
siteseal2p.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
685 B 939 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cobrowse_overlay.css
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citilive-search-library.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
179 KB 179 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citilive-search-service.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citi-search-tmpl.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
18 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citilive-search-controller.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
110 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
generic1575489016292.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
279 KB 279 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
uidm.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
5 KB 5 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
copy_copy_1551286869362_Feedback.png
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 107 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/959299794/ |
42 B 525 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 167 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/960621875/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/916451471/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/975701947/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/975701947/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/770961656/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/770961656/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/819500023/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/819500023/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/763960929/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/763960929/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/959299794/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/960621875/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/916451471/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/975701947/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/975701947/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/770961656/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/770961656/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/819500023/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/819500023/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/763960929/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.co.za/pagead/1p-user-list/763960929/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
identity
api.rlcdn.com/api/ |
0 0 |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/citi/na_prod/ |
1 KB 677 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
70b8eff5831bcc37c1deb079a596efec.js
nexus.ensighten.com/citi/na_prod/code/ |
96 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fdf45a7c15c1cee06bb71e10dac4e26e.js
nexus.ensighten.com/citi/na_prod/code/ |
989 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d4ef2cb28df25a03d6ce395df4f7ea59.js
nexus.ensighten.com/citi/na_prod/code/ |
125 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2332b821d4e4d232bc6dcfc3863a9959.js
nexus.ensighten.com/citi/na_prod/code/ |
29 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8637af7c210f4e79436bc39f71b49bfa.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 737 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bk-coretag.js
tags.bkrtx.com/js/ |
27 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
a0018222-6951-4256-9664-8d1bf2666b94
https://swiftapp.zenis.ca/ |
138 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Enterprise-White.png
swiftapp.zenis.ca/GFC/branding/img/ |
191 B 191 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.woff
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/fonts/interstate/ |
5 KB 7 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Bold.woff
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/fonts/interstate/ |
5 KB 7 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Branding-Sprite.png
swiftapp.zenis.ca/GFC/branding/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
appStore_1px.png
swiftapp.zenis.ca/GFC/branding/responsivebranding/img/ |
759 B 759 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
googlePlay_1px.png
swiftapp.zenis.ca/GFC/branding/responsivebranding/img/ |
5 KB 5 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow-btn-next-white-sm-bold.svg
swiftapp.zenis.ca/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ |
5 KB 5 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oo_icon_retina.gif
swiftapp.zenis.ca/GFC/branding/olab/images/ |
4 KB 4 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cse.js
cse.google.com/cse/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cyss.js
cyseal.cyveillance.com/SiteSeal/ |
0 226 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
425466.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ Frame 0417 |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ Frame 883B |
108 B 349 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ Frame 4A83 |
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ Frame EBDF |
108 B 349 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
63068.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ Frame EF60 |
151 B 392 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
activityi.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/ Frame DE3F |
376 B 617 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
up
insight.adsrvr.org/track/ Frame 8E30 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cse_element__de.js
www.google.com/cse/static/element/8b2252448421acb3/ |
257 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default+de.css
www.google.com/cse/static/element/8b2252448421acb3/ |
40 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.css
www.google.com/cse/static/style/look/v3/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Bold.ttf
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/fonts/interstate/ |
5 KB 8 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.ttf
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/fonts/interstate/ |
5 KB 10 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
idr.js
a.rfihub.com/ |
83 B 686 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 321 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1000.gif
sr.rlcdn.com/ Frame 0417 |
0 62 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/HP_data/ Frame 4A83 |
120 KB 120 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ARF
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/HP_data/ Frame 4A83 |
35 B 250 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
ca.html
20766699p.rfihub.com/ Frame 6313 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cr.png
cfr.us.v2.we-stats.com/api/v1/ |
0 559 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
src6260004.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/activityi_data/ Frame FDA3 |
377 B 618 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
src6260004.htm
swiftapp.zenis.ca/citi/824740c791c0e0adf160b6bbb5c8f027/LogonHandler/citi_files/activityi_data/src6260004_data/ Frame E324 |
265 B 506 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
TMXProfile.jws
swiftapp.zenis.ca/US/REST/ManageTMXProfile/ |
5 KB 9 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1560.js
cdn.pbbl.co/r/ |
31 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
425466.html
sr.rlcdn.com/ Frame 2543 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js;CIS3SID=64945DE4D557BBFF5D8DB7070FC5C2D3
content22.online.citi.com/fp/ Frame 8B9D |
173 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 8B9D |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 8B9D |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic1575489016292.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
279 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
63068
stags.bluekai.com/site/ Frame 7C9B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
74 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
74 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
74 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ARF;CIS3SID=C709CA22799E54D539694CB9ACE5A510
content22.online.citi.com/fp/ Frame 4A83 |
0 406 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 8B9D |
81 B 533 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ls_fp.html;CIS3SID=6B6E534AB5B409E398DB0125C5F9554E
content22.online.citi.com/fp/ Frame 43A6 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 8B9D |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sid_fp.html;CIS3SID=6B6E534AB5B409E398DB0125C5F9554E
h.online-metrix.net/fp/ Frame 3718 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
h.online-metrix.net/fp/ Frame 8B9D |
0 388 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 8B9D |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top_fp.html;CIS3SID=6B6E534AB5B409E398DB0125C5F9554E
content22.online.citi.com/fp/ Frame 8C5C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 8B9D |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net/fp/ Frame 8B9D |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
up
insight.adsrvr.org/track/ Frame B473 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 80 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pp.html
cdn.pbbl.co/i/ Frame B45C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adadvisor.gif
px0.pbbl.co/ Redirect Chain
|
42 B 135 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 8B9D |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citibank (Banking)363 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer function| $ function| jQuery object| jQuery19104667185000728593 object| respond object| ensBootstraps object| Bootstrapper object| citiData object| _AT function| getSizzleForTarget undefined| mboxCurrent object| google object| td_4v boolean| tmx_profiling_started object| td_3R function| tmx_post_session_params_fixed function| tmx_run_page_fingerprinting object| KAMPYLE_EMBED string| isPeOfferSSIServiceFlag string| peOfferServiceThrottleValue string| liveRampUrl_NGA boolean| liveRampFeatureOct18 string| liveRampUrl_CSI_Oct18 string| liveRampUrl_SSI_Oct18 string| liveRampUrl_newApi_Oct18 string| liveRampTimeout_newApi_Oct18 object| liveRampStatus string| idl object| vendorData object| liveRampParseTempArray object| liveRampMessage function| prepareLiveRampUrl function| triggerLiveRamp function| validateLiveRampResponse function| parseLiveRampResponse function| updateLiveRampStatus string| aosDomain boolean| peOfferServiceThrottle function| GooglemKTybQhCsO function| google_trackConversion object| httpStatus string| bcCookieName string| bcsid function| setBCCookie function| getBCCookie function| bk_async object| val object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_use_multiple_iframes boolean| bk_allow_multiple_calls object| cdApi function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| domainName string| JFP_CSRF_TOKEN object| OBJ_JFP_CSRF_TOKEN boolean| isCSRFAutomationEnabled function| isValidDomain function| isValidUrl string| topDM object| signonInitialHeight undefined| signonModalHeight boolean| signonBlock function| populateEFDParams function| populateClientData function| doSubmit function| signOnUnamePwdError function| clearFieldErrorValidation function| onSelectUser function| insertAfter function| mask function| focusOn function| blurOn function| doMask function| OpenInNewTab function| displayLable function| launchPopup function| tv function| initMLC function| displayServerName function| isTestDomain function| getCookie function| setCookie function| calLinkCharLength function| truncateOtherAlert function| truncateBrowserAlert function| passTmplObj function| closeAlertBox function| showFullMsg function| hideFullMsg function| truncateMsg function| showAlerts function| hideAlerts function| handleOutageAlert function| handleSignonLink function| adjustHeroHeight function| adjustHeroOnRotation string| test boolean| defaultOffersActive undefined| RFObject undefined| language undefined| isAggregator function| ngaKA string| counter undefined| loginExp undefined| jsonContent undefined| offerPlacements boolean| epTurnedOff object| PRConfig undefined| PRcallback function| reviewsClicked function| prConnection function| setReview_banner function| fetchPRReviews string| isTaggingTransformationSet object| taggingDlArr string| OSResponse string| RFResponse string| CMSStatus object| moduleArr object| contentIdArr object| resPlKeys object| offerlistArr object| rfPlacementsArr boolean| isMobile boolean| RFthrottle string| userType string| GPOLUrl string| acxiomTimeout string| cmsCallTimeout string| CUUIDUpdated boolean| bkEnabled string| bluekaiUrl string| aoUrl string| mktUrl string| updateDmpTimeout string| ecmCampaign object| ecmNames string| loginbkTimeout string| subChannel string| RFUrl string| rfCallTimeout boolean| PEAugustFallback boolean| PESeptFallback string| clientIpAddress string| osUrl string| osTimeout string| osClientId string| osScope string| peOfferSSIFlowCookie boolean| peOctFallback boolean| peNovFallback undefined| callCMSServiceRFDecision string| cmsBannerServiceDomain string| cmsBannerServiceTimeout string| cmsBannerServiceScope string| cmsBannerServiceClientId string| locale_PE boolean| peBluekaiMobileIntgFlag string| metricsCaptureUrl string| metricsCaptureClientId string| metricsCaptureScope string| metricsCaptureTimeout object| clientMetricsStatus object| metricsCaptureArray object| clientMetricsRequestKeys boolean| peClientMetricsFlag boolean| august2018FeaturesSwitch object| defaultContentIdArray object| bannerTrackingJSON undefined| bannerTrackingDefaultOffers boolean| peUrlMaskingFeature object| OSRawResponse object| schshArray object| sourceCodeBrandArr string| clearExp string| expCookieValue undefined| exdate undefined| cookie_value boolean| clearExpCookie string| immediateReferrer boolean| isJavaEnabled string| screenResolution object| peworkflow object| commonUtils function| peintg function| mobileBadgeClick function| desktopBadgeClick object| OOo function| commaSeperatedList function| arraysEqual object| CM function| onYouTubeIframeAPIReady boolean| iOS string| titleAttr function| hasClass function| setSearchBarLabel function| changeViewport function| setPageTimeout function| delayPageTimeout function| resetPageTimeout function| sessionRecovery function| callSessionCheck function| sessionCheckReturn function| beforeYouGo function| getBrandingData function| getFinalURL function| lnk function| isSubappBusy function| confirmGo function| ConfirmGo function| myFunction function| closeActiveFlyoutMenu function| hideSearchBar object| globalNavigation function| gssCallback object| requestURL object| params undefined| element undefined| h1Element undefined| fullSearchURL undefined| newElement function| gsearch2 function| scEventL function| scEvent boolean| flag function| gsearch function| searchComplete function| renderSearchControls object| pageTimer object| delayTimer undefined| branding_sc_p3 string| displayPhrase string| displayPhrase2 undefined| subMenuMargin object| year function| getParameterByName object| ids_menu object| ids_hasdrop object| ids_dropbtn function| mobileDropdown function| mobileSubDropdown function| hideMobileDrop function| getSpanishHref function| showSpanishDisclaimer function| closeSpanishDisclaimer function| redirectToSpanishPage function| getEnglishHref function| redirectToEnglishPage object| __gcse object| $desktopSearchWrap object| $desktopSearchBar object| $desktopSearchBtn object| CitiSearchConfig object| CitiSearch function| NexusPlatformDelegateToCBOL function| NexusPlatformChatEscalationCBOL function| getRequestParams function| nullCheck function| firstCobrowseOverlay function| hideOverlay function| cobrowseOverlay function| showAlert function| requestCobrowse object| dropdownData function| $CitiSearch function| StringBuffer object| Base64 function| Utf8EncodeEnumerator function| Base64DecodeEnumerator function| _ object| Handlebars object| CitiSearchService object| nexusPlatformChatEscalationCBOL function| CitiSearchDelegate object| CitiSmartSearchTmpl object| nexusPlatformDelegateToCBOL object| CitiSearchJSVar string| contentFetchFromDB object| CitiLiveSearchController undefined| CitiFullSearchController function| $autocomplete function| disableAutocomplete function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint function| asyncpost_deviceprint function| _focusFirstHeader function| _focusPreviousHeader function| _focusNextHeader function| _rfi object| closure_lm_857348 object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_OnPrem object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP undefined| CCSID undefined| citiLocale boolean| citiNGA undefined| pageID object| _pp function| _trackAnalytics function| ttd_dom_ready function| TTDUniversalPixelApi function| setImmediate function| clearImmediate1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| swiftapp.zenis.ca/ | Name: PHPSESSID Value: 4dac2d8071faad204dcdda59780f7074 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20766699p.rfihub.com
89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net
a.rfihub.com
aa.agkn.com
api.rlcdn.com
c1.rfihub.net
cdn.pbbl.co
cfr.us.v2.we-stats.com
content22.online.citi.com
cse.google.com
cyseal.cyveillance.com
h.online-metrix.net
insight.adsrvr.org
js.adsrvr.org
nebula-cdn.kampyle.com
nexus.ensighten.com
px0.pbbl.co
resources.digital-cloud-citi.medallia.com
sr.rlcdn.com
stags.bluekai.com
swiftapp.zenis.ca
tags.bkrtx.com
udc-neb.kampyle.com
www.google.co.za
www.google.com
www.googletagmanager.com
104.103.105.126
13.35.253.40
13.35.255.55
151.101.114.133
151.101.13.175
18.197.253.20
185.31.128.129
209.44.109.90
23.45.237.36
23.62.118.129
2a00:1450:4001:808::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2003
2a00:1450:4001:81b::2013
2a00:1450:4001:825::2008
3.212.137.125
35.190.72.21
35.241.45.82
35.244.174.68
40.122.110.249
52.57.76.228
54.246.153.43
91.235.132.130
91.235.134.131
91.235.134.21
02c39275000c1280f9cde808ebe731ec1924477305678759c1140ecaac49eba0
03c736ca1c90e26743865ed80c9766f84ca237b0dc572fab630737aaef70d171
05c7f72a7a82c646af96bd51f725137f54238f882322254eb7d9e73b0fc4e772
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
06dfb367edf9bbff810def9f75f8695b3ccfbcb2813306609fc6e18fcacfc17e
0af75bf0a08f8bee37ef1b40350d0829ae380da3932c5f8ad71a41dc1f28a707
0b2184cbf465296763bda66941dad327f1e7d420cbc11fe2a6fd34ab8daccd04
10e719e44ca07e4dbfdbc99da5f4c24675bdda70d7de595b2cd81011bbd65370
1183ef02d030d34b4884af4d85dec2632986cd5b4b00b3242ebde1e1413c6b0f
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2
2233a44f005e8d416636e52aca33bc7ce726c1ab4d0801865162829d762c6de2
28e5e85471fee105f636b80690e54dc159cb415ff6d05b203b627c0dad9fbc14
32434695bc3e432c4c134b5bb3b21cfec69e84139e12de0b8b60ce8b8f5dccd4
358ad73a43b06e5ae6e349c3733505cdfaeb73ad2957e1d1a0cd0428195363ed
3c765e4a45a7befbfdf86c188a45a0ccde59bec375cffa6a1c3ac0b23818bcde
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3f00323bb3a4bd2a276bec0f27cfa55a94a2b967c3970e68fde57618dff3ddf4
402ece432b1e7e6a825548e86704bc2dd8f438788dcddf928a3c1a96fbddf6fd
407cdd342215e758c95b8f20bb0a70657841dd4b9b3392ce01c5c81ae83dba97
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
40a5db04caf329f1906d74cf80c2c7a01952614cf17a4278b26a1ff04d777d77
41bbcee364ddd5e8643a75105fdb8b468f54fc0d79ab80d149aec6ce1702c64b
429d8af3190c76d5fcb9b1cad2aa6eb555684921323da905d62017fbdbf557c6
4563b749ff47d8681713fc541fcee72ed7ed06f5e5f763481c0e90be8f5de3bd
4f22f81303c13f979fd61b44a6de22d4f9ab055069af36fcc329b085baa1c4dd
506575b752d10714465811aec4dd67a7bfb471fcbc2e9619c1faad68c110759e
5a6a384cd228debc5cfd15f104c9647dde72e4289ebbdd77ec2256337bf24b94
5b259a27a1af6dda263e76aa1a0cf1b10bcbfacfcca35f9f07338d7685095c26
5cc280e965102224e1c7c0bd1df536c524c3a6fc9762205f4d7f7b345382c724
5d68421abddb7c323e98ad50172ca2774eec318f9b7b6b79656e76a4c1fa2738
6177c6163dc1ad67fb596a94ef3d18a277bfd437dbb3c1a928cd6caacefeff2e
61e114badfc7677a5ed175cf71afd46968ef8262cd4e5ec64ba0c743daae8e11
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
63df17793920dab4d4626b0f84fd3f47afb053335e84231668da9210b366b3a7
64f93991b9aaca349db64f6de9a12126617e6e2162a6712a910ff2fac2005255
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
7227f46d7aa273e800c81f6f23eb6bd337fb862ffe7f26997cc398bf28b637c4
73e33afae543f648d22ab610c48393f8e14466eae3fa7953d83c257dd9b9028a
74ad780b8ccec8bbc0b8e029d86e1629d26655793cbc8cdabf2aa82be6c18b50
766cc064fbabfd3bfff9c2a58c721cf28006076f642211778650f744057a9a1b
771c92ecc9167287111bc793f6392bfb0dc8a51a830b497f7591e6d3493fc1fc
79c91ccf7d19278355675835f3a84bd5a33500334aebc9ada925f5df78eb5d9d
7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7df94817273e6f9eee5a6f0642f4e1c74cf1697c5a7bf23c9f05a247b1197e0a
7ecf3bf86151cd72036fb67feb8fcbd8c80359e0ca871e1aeb955428ed43c26d
8736616666814797e2a652ec246d1acc26c14d87dbee6361d2bf191987a0825c
88a75638103dc48db63398e526f5bceba949046341cbb96212ff87dc5cb6f77e
8aea4270fcbd76fb52d97fa2157e53c7aa739704d604e4e3734cd091efc65c6e
8cad2492e705a54e5c4a634509b1d6c836dfb5bd179c2e58063653cc8635d6df
8fd5512f3baa4af65b7a45a938a11a4517e64a5776a7494151df1d0e69080747
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ca28b4e63ab023dfb0d2d6147c8444ab99b1b275a7fb48b935e0d2284d2a0c8
9ce12675ed28c7049875858e0830af29719f3d16004541570c3a85e70f637696
9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50
9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead
9e0872fabbf7ec5d6b540e0a327f55fe3c0bf7bbd221fc38ee0055b8df0bfc00
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1
afc6fe62627ab89983bfb4984831d4ec07b2f739642fd08241a7f65364a8265a
b2280597bc18063ac2258d9d8b667a2e48211d73dc8eb311c3a0a08226c9184b
b26b012a661b8a5d50e672f209c9afb8189be7bc63621999dadff862355dd929
b70b6a8bed94f8730bca05be76ab1525a79c23cd8222baccaf0f66b2c45a2f1e
ba6ff7252447ec06180a92362a1198acac31b5ac7d24902e42c6efe0efaf4574
bd4d6c9a3cfc9385ac3a8a257deaa0867014776b53712ce62fdf879853925498
c1b895b3ea0fefb6d7fe538489e0fb1a4ca75c6339fe37fb22da5332e4af1f3b
c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61
c3e41e09ee86a94c09a52894f10ca6b5750ba384067c2cdc932a891a4bdc1d4b
c4aa5f75b54d39ff9780c3a5622efee6234b1657dd90d1777529e68bd06ad275
ca8f160d753405bb4698ec9e7545bf0b8a7d00162ac152b452542aab75f4ef0a
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
d0562b3a8aa3657eaf21ef7afb777d2779724c915c330f668451699511401a71
d57c8034f9c12aa3ce626c9ed1d61a4bb0941c3ef320bb59346f20496fb0096a
db877c5944a3daa8b22e8c48d42fffb8614ad48b2f597c590730833237e8323a
df4ed0f3d83baf9ec71e9bb750822fccbbe66cbc94b7e8dadd4d47c5f42c94e3
e1abcc3f24bfbb15de433889926615c04e63e12165584b396e3764e68584ad8c
e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7
e312ee0e674629523ad89932c22fa521d1eb6426332c4b3f6e263eeb81bbd021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4177658582f5ee80f9bc2befecba76570f0cdd871a9e06ecd2226be01a37653
e5168b3d0c8f929a1b8c4c1b4e4ebac60ee0e1ecfd759aeb4be4c2b15e3fc097
e630ca171fc2c88f3a4c665ef0fe980389abffd548925dd8daf13f5d56e6a936
ebed77e0c92d7876c6329a97771728cc920ce8c3159c14dacd519d1552ee9e71
ed48ae9c1a324d49404d9fb4c508b880ca97a65f8fd21d352e241d1e4dfc50e2
eec5cc477e7cb4f1eee1f26dce3eb411a63716d89a9b659c7d5559571c837ccb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef924309fdd534b691ca405e6ec52e36a9856bb3848e07a9704c68a93259f56d
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341
f2adfd83f8e9c7f3b092921eb5a59d4463041b2be8386a17ec7ac29d8d588470
f6293fa8c399fd492fb1d40068afee4415acd29c573e7b8661d9c49b1aecea95
f6c9f871d8abe12f31281e9bc30db0695d838bf5decf2469ba53119e0cbd1e2d
fb932909daac7eff47f2a458fb47760bfd0924191bcd477f2366dd31e3ee73a4
fc69f4e34cb4440d464ccf97eacb785e48d08fbd1adec0db92df9a473bbe756b