www2.citizensbank.opentext.io
Open in
urlscan Pro
34.120.208.91
Public Scan
URL:
https://www2.citizensbank.opentext.io/
Submission: On December 13 via automatic, source certstream-suspicious — Scanned from DE
Submission: On December 13 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 36 IPs
in 7 countries
across 35 domains to perform 128 HTTP transactions.
The main IP is 34.120.208.91, located in
Kansas City, United States and
belongs to GOOGLE-CLOUD-PLATFORM, US.
The main domain is www2.citizensbank.opentext.io.
TLS certificate: Issued by GTS CA 1D4 on December 12th 2022. Valid for: 3 months.
This is the only time www2.citizensbank.opentext.io was scanned on urlscan.io!
TLS certificate: Issued by GTS CA 1D4 on December 12th 2022. Valid for: 3 months.
This is the only time www2.citizensbank.opentext.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
64
34.120.208.91
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.208.120.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.208.120.34.bc.googleusercontent.com
| www2.citizensbank.opentext.io |
5
108.138.17.58
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-58.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-58.fra56.r.cloudfront.net
| nexus.ensighten.com |
7
52.31.124.224
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-124-224.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-124-224.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
52.50.220.58
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-220-58.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-220-58.eu-west-1.compute.amazonaws.com
| citizensbank.demdex.net |
1
13.36.218.177
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
| smetrics.citizensbank.com |
1
54.229.2.60
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-2-60.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-2-60.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
2
3.248.54.74
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-54-74.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-54-74.eu-west-1.compute.amazonaws.com
| citizensbank.tt.omtrdc.net | |
| mboxedge37.tt.omtrdc.net |
3
104.75.88.209
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
| ct.pinterest.com |
1
18.66.63.28
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-63-28.del51.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-63-28.del51.r.cloudfront.net
| t.a3cloud.net |
1
54.235.78.87
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-78-87.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-78-87.compute-1.amazonaws.com
| report.citizen.glassboxdigital.io |
1
35.244.174.68
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
4
142.250.186.166
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
| 8253365.fls.doubleclick.net | |
| 8022851.fls.doubleclick.net |
1
2.23.197.190
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
| x.dlx.addthis.com |
2
142.250.185.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
| cm.g.doubleclick.net |
1
3.122.214.165
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
| ps.eyeota.net |
1
52.17.7.52
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
| sync.crwdcntrl.net |
1
69.173.144.165
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
2
37.252.171.21
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| ib.adnxs.com |
1
34.98.64.218
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
2
52.206.30.202
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-30-202.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-30-202.compute-1.amazonaws.com
| mid.rkdms.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 64 |
opentext.io
www2.citizensbank.opentext.io |
5 MB |
| 9 |
everesttech.net
9 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1046 sync-tm.everesttech.net — Cisco Umbrella Rank: 572 |
2 KB |
| 8 |
doubleclick.net
3 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 8253365.fls.doubleclick.net — Cisco Umbrella Rank: 198344 8022851.fls.doubleclick.net — Cisco Umbrella Rank: 352368 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 |
3 KB |
| 8 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 206 citizensbank.demdex.net — Cisco Umbrella Rank: 62593 |
11 KB |
| 6 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 412 |
114 KB |
| 5 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2849 |
114 KB |
| 4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47 |
191 KB |
| 3 |
bing.com
bat.bing.com — Cisco Umbrella Rank: 373 |
12 KB |
| 3 |
pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 786 |
2 KB |
| 2 |
rkdms.com
1 redirects
mid.rkdms.com — Cisco Umbrella Rank: 1252 |
234 B |
| 2 |
spotxchange.com
1 redirects
sync.search.spotxchange.com — Cisco Umbrella Rank: 592 |
1 KB |
| 2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 218 |
2 KB |
| 2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507 |
1 KB |
| 2 |
google.com
adservice.google.com — Cisco Umbrella Rank: 72 |
601 B |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 113 |
256 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152 |
34 KB |
| 2 |
omtrdc.net
citizensbank.tt.omtrdc.net — Cisco Umbrella Rank: 104966 mboxedge37.tt.omtrdc.net — Cisco Umbrella Rank: 28195 |
1 KB |
| 2 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 73 |
55 KB |
| 2 |
pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 705 |
22 KB |
| 2 |
rfihub.com
1 redirects
s.rfihub.com — Cisco Umbrella Rank: 75746 p.rfihub.com — Cisco Umbrella Rank: 713 |
1 KB |
| 1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 882 |
451 B |
| 1 |
openx.net
us-u.openx.net — Cisco Umbrella Rank: 395 |
273 B |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 321 |
239 B |
| 1 |
crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 752 |
265 B |
| 1 |
eyeota.net
1 redirects
ps.eyeota.net — Cisco Umbrella Rank: 949 |
418 B |
| 1 |
addthis.com
1 redirects
x.dlx.addthis.com — Cisco Umbrella Rank: 1251 |
175 B |
| 1 |
rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 335 |
98 B |
| 1 |
glassboxdigital.io
report.citizen.glassboxdigital.io — Cisco Umbrella Rank: 61516 |
1 KB |
| 1 |
a3cloud.net
t.a3cloud.net — Cisco Umbrella Rank: 3951 |
|
| 1 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 557 |
724 B |
| 1 |
t.co
t.co — Cisco Umbrella Rank: 511 |
377 B |
| 1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678 |
303 B |
| 1 |
citizensbank.com
smetrics.citizensbank.com — Cisco Umbrella Rank: 69282 |
472 B |
| 1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 627 |
15 KB |
| 1 |
glassboxcdn.com
cdn.glassboxcdn.com — Cisco Umbrella Rank: 12081 |
123 KB |
| 128 | 35 |
| Domain | Requested by | |
|---|---|---|
| 64 | www2.citizensbank.opentext.io |
www2.citizensbank.opentext.io
cdn.glassboxcdn.com |
| 8 | sync-tm.everesttech.net | 8 redirects |
| 7 | dpm.demdex.net |
1 redirects
www2.citizensbank.opentext.io
|
| 6 | cdn.cookielaw.org |
nexus.ensighten.com
cdn.cookielaw.org cdn.glassboxcdn.com |
| 5 | nexus.ensighten.com |
www2.citizensbank.opentext.io
nexus.ensighten.com |
| 4 | www.googletagmanager.com |
nexus.ensighten.com
www.googletagmanager.com |
| 3 | bat.bing.com |
nexus.ensighten.com
bat.bing.com |
| 3 | ct.pinterest.com |
cdn.glassboxcdn.com
www2.citizensbank.opentext.io s.pinimg.com |
| 2 | mid.rkdms.com | 1 redirects |
| 2 | sync.search.spotxchange.com | 1 redirects |
| 2 | ib.adnxs.com | 1 redirects |
| 2 | dsum-sec.casalemedia.com | 1 redirects |
| 2 | cm.g.doubleclick.net | 1 redirects |
| 2 | adservice.google.com |
8022851.fls.doubleclick.net
8253365.fls.doubleclick.net |
| 2 | www.facebook.com | |
| 2 | 8022851.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
| 2 | 8253365.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
| 2 | connect.facebook.net |
nexus.ensighten.com
connect.facebook.net |
| 2 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 2 | www.youtube.com |
nexus.ensighten.com
www.youtube.com |
| 2 | s.pinimg.com |
nexus.ensighten.com
s.pinimg.com |
| 1 | image2.pubmatic.com | |
| 1 | us-u.openx.net | |
| 1 | pixel.rubiconproject.com | |
| 1 | sync.crwdcntrl.net | |
| 1 | ps.eyeota.net | 1 redirects |
| 1 | p.rfihub.com | 1 redirects |
| 1 | x.dlx.addthis.com | 1 redirects |
| 1 | idsync.rlcdn.com | |
| 1 | report.citizen.glassboxdigital.io |
cdn.glassboxcdn.com
|
| 1 | mboxedge37.tt.omtrdc.net |
cdn.glassboxcdn.com
|
| 1 | t.a3cloud.net |
nexus.ensighten.com
|
| 1 | analytics.twitter.com |
www2.citizensbank.opentext.io
|
| 1 | t.co |
www2.citizensbank.opentext.io
|
| 1 | geolocation.onetrust.com |
cdn.glassboxcdn.com
|
| 1 | citizensbank.tt.omtrdc.net |
cdn.glassboxcdn.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | smetrics.citizensbank.com |
cdn.glassboxcdn.com
|
| 1 | citizensbank.demdex.net |
nexus.ensighten.com
|
| 1 | static.ads-twitter.com |
nexus.ensighten.com
|
| 1 | cdn.glassboxcdn.com |
nexus.ensighten.com
|
| 1 | s.rfihub.com |
www2.citizensbank.opentext.io
|
| 128 | 42 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www2.citizensbank.opentext.io GTS CA 1D4 |
2022-12-12 - 2023-03-12 |
3 months | crt.sh |
| nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-07 - 2023-10-14 |
a year | crt.sh |
| *.rfihub.com Sectigo RSA Domain Validation Secure Server CA |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
| glassboxcdn.com Cloudflare Inc ECC CA-3 |
2022-04-01 - 2023-04-01 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-11-07 - 2023-01-30 |
3 months | crt.sh |
| ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-22 - 2023-08-22 |
a year | crt.sh |
| *.pinterest.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-28 - 2023-08-08 |
a year | crt.sh |
| *.google.com GTS CA 1C3 |
2022-11-07 - 2023-01-30 |
3 months | crt.sh |
| cookielaw.org Cloudflare Inc ECC CA-3 |
2022-05-01 - 2023-05-01 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-11-07 - 2023-01-30 |
3 months | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| smetrics.citizensbank.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-24 - 2023-07-25 |
a year | crt.sh |
| *.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-01 - 2023-09-01 |
a year | crt.sh |
| onetrust.com Cloudflare Inc ECC CA-3 |
2022-01-12 - 2023-01-12 |
a year | crt.sh |
| t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-07 - 2023-03-06 |
a year | crt.sh |
| *.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-07 - 2023-03-06 |
a year | crt.sh |
| *.a3cloud.net Amazon |
2022-04-19 - 2023-05-17 |
a year | crt.sh |
| www.bing.com Microsoft RSA TLS CA 02 |
2022-11-25 - 2023-05-25 |
6 months | crt.sh |
| citizen.glassboxdigital.io Amazon |
2022-10-19 - 2023-11-17 |
a year | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-03 - 2023-02-25 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-09-21 - 2022-12-20 |
3 months | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2022-11-07 - 2023-01-30 |
3 months | crt.sh |
| *.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2022-05-01 - 2023-06-02 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://www2.citizensbank.opentext.io/
Frame ID: 7E16A46B97C0222FA6D41B8E7CC5A8E5
Requests: 108 HTTP requests in this frame
Frame:
https://citizensbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 63EDBC3063BCF31ACDC062C5B0180BB8
Requests: 16 HTTP requests in this frame
Frame:
https://ct.pinterest.com/ct.html
Frame ID: 6744FCCAC9FCC13DF89AEF69E718A4E8
Requests: 1 HTTP requests in this frame
Frame:
https://8253365.fls.doubleclick.net/activityi;dc_pre=CK68u-q19fsCFackBgAdkLIC5Q;src=8253365;type=allpgs;cat=allpageu;ord=1;num=4043647995901;gtm=2odbu0;auiddc=1582138412.1670894166;u2=marketing%7Cgeneric%7Chome%7Chomepage%7C%7Cview;u3=https%253A%252F%252Fwww2.citizensbank.opentext.io%252F;~oref=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F
Frame ID: 206A3B2C0493226308AB51D25B41E83C
Requests: 2 HTTP requests in this frame
Frame:
https://8022851.fls.doubleclick.net/activityi;dc_pre=CPP4u-q19fsCFQ_WUQodDAIN1Q;src=8022851;type=sitet0;cat=citiz0;ord=1;num=881964774576;gtm=2odbu0;auiddc=1582138412.1670894166;~oref=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F
Frame ID: EF3668DAAA0D9DA7154AA6FD4ABFF8CD
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Citizens Bank | Personal & Business Banking, Student Loans, & Retirement Back ButtonSearch IconFilter IconDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Ensighten
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //nexus\.ensighten\.com/
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
OneTrust
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
URL: http://specifi.citizensbankonline.com/#/grow/
Title: Online Investing with our Digital Advisor
Title: Online Investing with our Digital Advisor
Search URL Search Domain Scan URL
URL: https://app.carnow.com/inventory?key=E3Fiww4BipbpKj0aDkdjLl3vtaIwi7mtLGdikAJrJnBH7L54
Title: Buy A Car
Title: Buy A Car
Search URL Search Domain Scan URL
URL: https://developer-citizenspay.citizensbank.com/
Title: Developer Portal
Title: Developer Portal
Search URL Search Domain Scan URL
URL: https://jobs.citizensbank.com/?utm_source=CB&utm_medium=&utm_campaign=DotCom_AboutUs_Evergreen&utm_term=&utm_content=Other
Title: Working at Citizens
Title: Working at Citizens
Search URL Search Domain Scan URL
URL: https://investor.citizensbank.com/about-us/newsroom/latest-news/2022.aspx
Title: Newsroom
Title: Newsroom
Search URL Search Domain Scan URL
URL: https://jobs.citizensbank.com/?utm_source=citizensbank.com&utm_medium=referral&utm_campaign=careersite
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://investor.citizensbank.com/about-us/investor-relations.aspx
Title: Investor Relations
Title: Investor Relations
Search URL Search Domain Scan URL
URL: https://www.citizensbankonline.com/efs/efs/index.html#login/trouble
Title: Trouble logging in?
Title: Trouble logging in?
Search URL Search Domain Scan URL
URL: https://www.citizensbankonline.com/efs/efs/index.html#enroll/identify-customer
Title: Enroll Now
Title: Enroll Now
Search URL Search Domain Scan URL
URL: https://studentloans.citizensbank.com/student/Apply
Title: Get Started
Title: Get Started
Search URL Search Domain Scan URL
URL: http://studentaid.ed.gov/
Title: http://studentaid.ed.gov/
Title: http://studentaid.ed.gov/
Search URL Search Domain Scan URL
URL: https://www.citizensbank.com/student-lending/education-refinance-loan.aspx
Title: website
Title: website
Search URL Search Domain Scan URL
URL: https://www.citizensbank.com/learning/refinance-student-loans.aspx
Title: Should I Refinance My Student Loans
Title: Should I Refinance My Student Loans
Search URL Search Domain Scan URL
URL: https://www.citizensbank.com/learning/should-i-refinance-student-loans.aspx
Title: Should I Refinance My Student Loans?
Title: Should I Refinance My Student Loans?
Search URL Search Domain Scan URL
URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information
Title: More information
Search URL Search Domain Scan URL
URL: https://www.onetrust.com/products/cookie-consent/
Search URL Search Domain Scan URL
URL: https://www.citizensbank.com/account-safeguards/privacy.aspx
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1670894165530 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1670894165530
- https://cm.everesttech.net/cm/dd?d_uuid=54207286508720784580784173829175624050 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5fSVgAAAKYI1wN-
- https://8253365.fls.doubleclick.net/activityi;src=8253365;type=allpgs;cat=allpageu;ord=1;num=4043647995901;gtm=2odbu0;auiddc=1582138412.1670894166;u2=marketing%7Cgeneric%7Chome%7Chomepage%7C%7Cview;u3=https%253A%252F%252Fwww2.citizensbank.opentext.io%252F;~oref=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F HTTP 302
- https://8253365.fls.doubleclick.net/activityi;dc_pre=CK68u-q19fsCFackBgAdkLIC5Q;src=8253365;type=allpgs;cat=allpageu;ord=1;num=4043647995901;gtm=2odbu0;auiddc=1582138412.1670894166;u2=marketing%7Cgeneric%7Chome%7Chomepage%7C%7Cview;u3=https%253A%252F%252Fwww2.citizensbank.opentext.io%252F;~oref=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F
- https://8022851.fls.doubleclick.net/activityi;src=8022851;type=sitet0;cat=citiz0;ord=1;num=881964774576;gtm=2odbu0;auiddc=1582138412.1670894166;~oref=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F HTTP 302
- https://8022851.fls.doubleclick.net/activityi;dc_pre=CPP4u-q19fsCFQ_WUQodDAIN1Q;src=8022851;type=sitet0;cat=citiz0;ord=1;num=881964774576;gtm=2odbu0;auiddc=1582138412.1670894166;~oref=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F
- https://x.dlx.addthis.com/e/demdex_sync?na_exid=54207286508720784580784173829175624050&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
- https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022121301160700030763490289
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTQyMDcyODY1MDg3MjA3ODQ1ODA3ODQxNzM4MjkxNzU2MjQwNTA= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBYmnIZD7_iDXifVRk0YHPM&google_cver=1?gdpr=0&gdpr_consent=
- https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
- https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329523412253423
- https://ps.eyeota.net/match?bid=6j5b2cv&uid=54207286508720784580784173829175624050&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVmU1ZnQUFBS1lJMXdOLQ==
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5fSVgAAAKYI1wN-&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5fSVgAAAKYI1wN- HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5fSVgAAAKYI1wN-&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=Y5fSVgAAAKYI1wN- HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY5fSVgAAAKYI1wN-
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5fSVgAAAKYI1wN-
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5fSVgAAAKYI1wN-
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5fSVgAAAKYI1wN-&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5fSVgAAAKYI1wN-&img=1&__user_check__=1&sync_id=b94f57ea-7a83-11ed-8279-1ab52fe70406
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5fSVgAAAKYI1wN-&t=2592000&o=0
- https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=54207286508720784580784173829175624050&_ct=img HTTP 302
- https://mid.rkdms.com/restricted
128 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www2.citizensbank.opentext.io/ |
124 KB 125 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3-row-fixed-layout.css
www2.citizensbank.opentext.io/iwov-resources/fixed-layout/ |
834 B 947 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
www2.citizensbank.opentext.io/assets/CB_resources/styles/ |
923 KB 926 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
globalComponents.css
www2.citizensbank.opentext.io/assets/CB_resources/styles/ |
442 KB 443 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-2.2.0.min.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/vendor/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/vendor/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor-bottom.min.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/vendor/ |
723 KB 725 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor-top.min.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/vendor/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
globalComponents.min.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/ |
140 KB 141 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
svgxuse.min.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
globalComponentsSupport.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/ |
12 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
globalComponentsControl.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
canonical.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/custom/ |
879 B 980 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fonts-thehand.css
www2.citizensbank.opentext.io/assets/CB_resources/styles/ |
764 B 864 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Desktop_Mobile_FilterView.css
www2.citizensbank.opentext.io/assets/CB_resources/styles/ |
535 B 635 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
StudentLending_ProductHeroStyling.css
www2.citizensbank.opentext.io/assets/CB_resources/styles/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
personalization_CreativeID.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/ |
886 B 903 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bootstrap.js
nexus.ensighten.com/citizensbank/staging/ |
244 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
housing.svg
www2.citizensbank.opentext.io/assets/CB_resources/images/cbds-icons/disclosureIcons/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
personalization_disclosure.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
main.min.js
www2.citizensbank.opentext.io/assets/CB_resources/scripts/ |
254 KB 254 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
CitiSans-Roman.woff
www2.citizensbank.opentext.io/assets/CB_resources/fonts/citi-sans/ |
31 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
multicolumn-shell-master.min.css
www2.citizensbank.opentext.io/assets/CB_resources/GlobalComponents/MultiColumn/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
multicolumn-card.min.css
www2.citizensbank.opentext.io/assets/CB_resources/GlobalComponents/MultiColumn/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
alert.min.css
www2.citizensbank.opentext.io/assets/CB_resources/GlobalComponents/Alerts/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
breadcrumbs.min.css
www2.citizensbank.opentext.io/assets/CB_resources/GlobalComponents/Breadcrumbs/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hero-commercial.min.css
www2.citizensbank.opentext.io/assets/CB_resources/GlobalComponents/HeroCommercial/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
forms-component.min.css
www2.citizensbank.opentext.io/assets/CB_resources/GlobalComponents/Form/ |
5 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
temp-forms-component-fix.min.css
www2.citizensbank.opentext.io/assets/CB_resources/GlobalComponents/Form/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
meta
s.rfihub.com/ |
54 B 605 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detector-dom.min.js
cdn.glassboxcdn.com/citizen/com/u/ |
408 KB 123 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cbds-icons-ui.svg
www2.citizensbank.opentext.io/assets/CB_resources/images/cbds-icons/ |
30 KB 30 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cbds-logos-citizens.svg
www2.citizensbank.opentext.io/assets/CB_resources/images/cbds-logos/ |
24 KB 24 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cbds-icons-brand.svg
www2.citizensbank.opentext.io/assets/CB_resources/images/cbds-icons/ |
207 KB 207 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
FiraSans-Regular.woff
www2.citizensbank.opentext.io/assets/CB_resources/fonts/fira-sans/ |
179 KB 179 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
FiraSans-Medium.woff
www2.citizensbank.opentext.io/assets/CB_resources/fonts/fira-sans/ |
182 KB 183 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
StudentHuggingDesktopNonRetina.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/global/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
FiraSans-Heavy.woff
www2.citizensbank.opentext.io/assets/CB_resources/fonts/fira-sans/ |
196 KB 196 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
FiraSans-MediumItalic.woff
www2.citizensbank.opentext.io/assets/CB_resources/fonts/fira-sans/ |
193 KB 193 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
CitiSans-Bold.woff
www2.citizensbank.opentext.io/assets/CB_resources/fonts/citi-sans/ |
31 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
citizens_iconfont.ttf
www2.citizensbank.opentext.io/assets/CB_resources/fonts/ |
33 KB 33 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
TheHand-ExtraBlack.woff2
www2.citizensbank.opentext.io/assets/CB_resources/fonts/the-hand/ |
37 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
FiraSans-Italic.woff
www2.citizensbank.opentext.io/assets/CB_resources/fonts/fira-sans/ |
188 KB 188 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
LoanAgents.xml
www2.citizensbank.opentext.io/assets/CB_resources/XML/ |
1018 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
undefined.json
www2.citizensbank.opentext.io/assets/CB_resources/json/label_lookup/ |
2 B 22 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
RegionValues.json
www2.citizensbank.opentext.io/assets/CB_resources/json/label_lookup/ |
690 B 711 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HU_MortgageRates_DT_NonRet_244x151.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Highlights/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HELOC-HP_Highlight_Unit_NonRetina_DT_244x151.jpg
www2.citizensbank.opentext.io/assets/CB_media/images/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HU_Student_MadeReady_Desktop_280x172.jpg
www2.citizensbank.opentext.io/assets/CB_media/images/edfi/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
CB_COVID19_HU_TAX_Desktop-NonRetina_244x151.jpeg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Highlights/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1331055-COVID-HUB-UPDATE_662x518.jpg
www2.citizensbank.opentext.io/assets/CB_media/images/Learning/coronavirus/ |
260 KB 260 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Goals_CAREs_DT_NonRetina_331x259.jpg
www2.citizensbank.opentext.io/assets/CB_media/images/homepage_goals_carousel/ |
67 KB 67 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ProtectBusinessFromCoronavirus_334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
myths_debt_consol_334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
BigPurchaseDebt334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
debtsnowball_334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
BullMarketVsBearMarket_643821499_334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
39 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
FAHelp334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
MeetingWithFA334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
TakingMattersIntoHerOwnHands334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
MedSchoolLoans334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
GradSchool334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
EasyDIYProjects334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
kitchenremodel_334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
DreamHome334x261.jpg
www2.citizensbank.opentext.io/assets/CB_resources/images/HP%20Refresh%20Goals/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ctz-dotcom-icons.woff
www2.citizensbank.opentext.io/assets/CB_resources/fonts/ |
16 KB 16 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/citizensbank/staging/ |
602 B 907 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ea27785fca46390632ae12cc6772a88a.js
nexus.ensighten.com/citizensbank/staging/code/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
237a3f51bba448d29d2ccee3ee6a8925.js
nexus.ensighten.com/citizensbank/staging/code/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
485f51119d48c67b2914ad23979b63bb.js
nexus.ensighten.com/citizensbank/staging/code/ |
36 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
135 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core.js
s.pinimg.com/ct/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe_api
www.youtube.com/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
135 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e39b3fd7-a0b0-4bb0-a63e-02617ec7e6ea-test.json
cdn.cookielaw.org/consent/e39b3fd7-a0b0-4bb0-a63e-02617ec7e6ea-test/ |
3 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
www-widgetapi.js
www.youtube.com/s/player/72d3c60a/www-widgetapi.vflset/ |
162 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/935344641/ |
43 B 664 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/373333243/ |
43 B 198 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
citizensbank.demdex.net/ Frame 63ED |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.citizensbank.com/ |
48 B 472 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=Y5fSVgAAAKYI1wN-
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
delivery
citizensbank.tt.omtrdc.net/rest/v1/ |
355 B 727 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
66 B 303 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
t.co/1/i/ |
43 B 377 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
analytics.twitter.com/1/i/ |
43 B 724 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.17.0/ |
377 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
main.9a94ee76.js
s.pinimg.com/ct/lib/ |
58 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.json
cdn.cookielaw.org/consent/e39b3fd7-a0b0-4bb0-a63e-02617ec7e6ea-test/68e9b986-e157-470a-b90f-78ee41b14df0/ |
18 KB 6 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ |
12 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.17.0/assets/v2/ |
47 KB 11 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
ct.pinterest.com/user/ |
533 B 865 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
ct.pinterest.com/v3/ |
35 B 334 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
817 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
1ef29a7b-fbfb-4be7-b72b-824a4547772e
https://www2.citizensbank.opentext.io/ |
75 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
alert.min.js
www2.citizensbank.opentext.io/assets/CB_resources/GlobalComponents/Alerts/ |
675 B 695 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
destination
www.googletagmanager.com/gtag/ |
111 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tag.js
t.a3cloud.net/AM-141554/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
110 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
delivery
mboxedge37.tt.omtrdc.net/rest/v1/ |
341 B 719 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cls_report
report.citizen.glassboxdigital.io/glassbox/reporting/5354D030-6B7D-7C40-4343-58DF132E156A/ |
182 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ct.html
ct.pinterest.com/ Frame 6744 |
565 B 591 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
365868.gif
idsync.rlcdn.com/ Frame 63ED |
0 98 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
103 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5317852.js
bat.bing.com/p/action/ |
0 136 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 176 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activityi;dc_pre=CK68u-q19fsCFackBgAdkLIC5Q;src=8253365;type=allpgs;cat=allpageu;ord=1;num=4043647995901;gtm=2odbu0;auiddc=1582138412.1670894166;u2=marketing%7Cgeneric%7Chome%7Chomepage%7C%7Cview;u...
8253365.fls.doubleclick.net/ Frame 206A Redirect Chain
|
522 B 311 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activityi;dc_pre=CPP4u-q19fsCFQ_WUQodDAIN1Q;src=8022851;type=sitet0;cat=citiz0;ord=1;num=881964774576;gtm=2odbu0;auiddc=1582138412.1670894166;~oref=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F
8022851.fls.doubleclick.net/ Frame EF36 Redirect Chain
|
410 B 266 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=134096&dpuuid=2022121301160700030763490289
dpm.demdex.net/ Frame 63ED Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
435349033276053
connect.facebook.net/signals/config/ |
25 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CPP4u-q19fsCFQ_WUQodDAIN1Q;src=8022851;type=sitet0;cat=citiz0;ord=1;num=881964774576;gtm=2odbu0;auiddc=*;~oref=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F
adservice.google.com/ddm/fls/z/ Frame EF36 |
42 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CK68u-q19fsCFackBgAdkLIC5Q;src=8253365;type=allpgs;cat=allpageu;ord=1;num=4043647995901;gtm=2odbu0;auiddc=*;u2=marketing%7Cgeneric%7Chome%7Chomepage%7C%7Cview;u3=https%253A%252F%252Fwww2.cit...
adservice.google.com/ddm/fls/z/ Frame 206A |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEBYmnIZD7_iDXifVRk0YHPM&google_cver=1
dpm.demdex.net/ Frame 63ED Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=1121&dpuuid=5133329523412253423
dpm.demdex.net/ Frame 63ED Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 63ED Redirect Chain
|
42 B 960 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tpid=54207286508720784580784173829175624050
sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/ Frame 63ED |
49 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 63ED Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 63ED Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame 63ED Redirect Chain
|
43 B 766 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Frame 63ED Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 63ED Redirect Chain
|
43 B 273 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 63ED Redirect Chain
|
1 B 451 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 63ED Redirect Chain
|
43 B 549 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
b.php
www.facebook.com/fr/ Frame 63ED Redirect Chain
|
43 B 71 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
restricted
mid.rkdms.com/ Frame 63ED Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
243 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange function| $ function| jQuery object| _gsScope object| geolocator object| ccCalcAmountInput object| ccCalcRateInput object| ccCalcPromoRate object| ccCalcPromoLength number| promoRate number| promoLength object| updateAmountButtons object| updateRateButtons object| srLabelContainers function| cleanInputAmount function| cleanInputRate function| checkNewValue function| handleCalcButtonClick function| updateAmountButtonLabels function| updateRateButtonLabels function| addComma function| addDecimal function| calculateSavings function| inputDigitsOnly function| handleAmountChange function| handleRateChange function| DotComAnalytics object| Foundation object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| InfoBubble function| Cookies function| URLPolyfill function| LoaderPolyfill object| System object| SystemJS object| Typeahead object| Handlebars function| moment function| pluralize object| html5 object| Modernizr function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _classCallCheck function| _defineProperties function| _createClass function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| _typeof object| core object| __core-js_shared__ object| global function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| MicroModal function| loadCss object| jQuery19108497987353551353 object| URLarr string| canonicalpath object| ref object| link string| creativeid string| clickurl function| addrf function| rfDecision object| script object| ensBootstraps object| Bootstrapper object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor function| _log object| val number| $val function| $data number| _delay function| StageConsoleLog function| targetPageParams object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| logChange string| Year number| yyyy object| defaultCreativeElement_DS number| jsonTimeout_DS function| swapLeaderboard_DS function| displayElement_DS function| forceLeaderboardDisplay_DS object| CTZ object| Dotcom string| BASE_URL function| publish function| subscribe function| unsubscribe object| _gmMarkers object| _gmOpenMarkers object| jQuery191023471980418202687 function| init function| bind object| CBDL object| _enslog string| mobileLi object| dataLayer function| gtag function| twq function| pintrk function| OptanonWrapper string| sName object| parts string| subdomain string| upperleveldomain function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| today object| currentDate number| sundays number| currentDayNum string| ctzomnitureacct object| s function| DIL number| s_objectID number| s_giq object| OneTrustStub object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableIframeSrcWithIntent function| onYTReady function| onYouTubeIframeAPIReady object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| _cls_config object| _detector object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| google_noFurtherRedirects object| twttr string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| ttMeta object| Optanon object| OneTrust object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt function| fbq function| _fbq object| uetq function| UET function| UET_init function| UET_push object| ueto_98ec5d108251 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| report.citizen.glassboxdigital.io/glassbox/reporting/5354D030-6B7D-7C40-4343-58DF132E156A | Name: _cls_v Value: c5965a8a-34b7-4de5-90e7-ffa9b6e574f2 |
|
| report.citizen.glassboxdigital.io/glassbox/reporting/5354D030-6B7D-7C40-4343-58DF132E156A | Name: _cls_s Value: ca946ccf-00a2-41e3-a7a4-9356f35dbdad:0 |
|
| report.citizen.glassboxdigital.io/glassbox/reporting/5354D030-6B7D-7C40-4343-58DF132E156A | Name: _cls_cfgver Value: 0 |
|
| www2.citizensbank.opentext.io/ | Name: JSESSIONID Value: 8B16CC9DA6F50226CC6D933F3E3C0349 |
|
| www2.citizensbank.opentext.io/ | Name: AS-FCF Value: true |
|
| www2.citizensbank.opentext.io/ | Name: LSDSRequestDetails Value: Time=null&Counter=null&FCF=null&Reason=null&RegionID=null&AkamaiFCF=null& |
|
| www2.citizensbank.opentext.io/ | Name: AkamaiHeader Value: AkamaiHeader=null |
|
| www2.citizensbank.opentext.io/ | Name: AkamaiDC Value: AkamaiDCH=null |
|
| .opentext.io/ | Name: at_check Value: true |
|
| .rfihub.com/ | Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjYxNDIyNTYxMhbiM9QtNsiuyorK9Pd0jDQDAMqEhX0lAAAA |
|
| .rfihub.com/ | Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjYxNDIyNTYxMhbiM9QtNsiuyorK9Pd0jDQDAMqEhX0lAAAA |
|
| .demdex.net/ | Name: demdex Value: 54207286508720784580784173829175624050 |
|
| .youtube.com/ | Name: YSC Value: Abxhy2ZYh5E |
|
| .youtube.com/ | Name: VISITOR_INFO1_LIVE Value: UpAnz7rMTow |
|
| .opentext.io/ | Name: _gcl_au Value: 1.1.1582138412.1670894166 |
|
| .opentext.io/ | Name: _cls_v Value: c5965a8a-34b7-4de5-90e7-ffa9b6e574f2 |
|
| .opentext.io/ | Name: _cls_s Value: ca946ccf-00a2-41e3-a7a4-9356f35dbdad:0 |
|
| .opentext.io/ | Name: AMCVS_4C3B0C3755C3822E7F000101%40AdobeOrg Value: 1 |
|
| .opentext.io/ | Name: mboxEdgeCluster Value: 37 |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Y5fSVgAAAKYI1wN- |
|
| .t.co/ | Name: muc_ads Value: 763734de-0756-4e91-98e6-25d1405aaa2b |
|
| www2.citizensbank.opentext.io/ | Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Dec+13+2022+01%3A16%3A06+GMT%2B0000+(GMT)&version=6.17.0&hosts=&landingPath=https%3A%2F%2Fwww2.citizensbank.opentext.io%2F&groups= |
|
| .dpm.demdex.net/ | Name: dpm Value: 54207286508720784580784173829175624050 |
|
| .www2.citizensbank.opentext.io/ | Name: _pin_unauth Value: dWlkPU1XWTBaak0xWmpZdE9XSm1PQzAwTURKakxUaGhPVFl0Tm1abU16QmhNelkxTVRobQ |
|
| .opentext.io/ | Name: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg Value: 359503849%7CMCIDTS%7C19340%7CMCMID%7C54193696906348948770787780328711733013%7CMCAAMLH-1671498966%7C6%7CMCAAMB-1671498966%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1670901366s%7CNONE%7CMCSYNCSOP%7C411-19347%7CMCAID%7CNONE%7CvVersion%7C5.0.1 |
|
| .opentext.io/ | Name: gpv_v51 Value: no%20value |
|
| .opentext.io/ | Name: s_nr Value: 1670894166721-New |
|
| .twitter.com/ | Name: guest_id_marketing Value: v1%3A167089416667009441 |
|
| .twitter.com/ | Name: guest_id_ads Value: v1%3A167089416667009441 |
|
| .twitter.com/ | Name: personalization_id Value: "v1_u3V+ijo8Dyp9bp4T/I2Y5Q==" |
|
| .twitter.com/ | Name: guest_id Value: v1%3A167089416667009441 |
|
| .bing.com/ | Name: MUID Value: 1E5655AE79C267830ACE47D778A966C3 |
|
| .opentext.io/ | Name: s_ppvl Value: https%253A%2F%2Fwww2.citizensbank.opentext.io%2F%2C34%2C34%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP |
|
| .opentext.io/ | Name: s_ppv Value: https%253A%2F%2Fwww2.citizensbank.opentext.io%2F%2C34%2C34%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP |
|
| .opentext.io/ | Name: mbox Value: session#d32066a30e414a1cb59c9d4a881a0bd7#1670896028|PC#d32066a30e414a1cb59c9d4a881a0bd7.37_0#1734138968 |
|
| .opentext.io/ | Name: _uetsid Value: b88171f07a8311ed95f957441dc0d860 |
|
| .opentext.io/ | Name: _uetvid Value: b8818b207a8311edacd54b531a234932 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUn-hGxWVay47kbey_MEf0i-q141YDVJFFI7nNuceASCg2XnqEAp_52aCvjF-Oo |
|
| .opentext.io/ | Name: _fbp Value: fb.1.1670894167514.1349736014 |
|
| report.citizen.glassboxdigital.io/ | Name: AWSALBCORS Value: ZUF3GOQP5xZBAoaSXIxLTdqhLyZrnf05McMGMpX8sHMcwa/Nvm91eeGtk0Qg3D2focjL98dlqdWLrkdtx1MKFvXw3Rz75gEnu0F4w9PJ2zEaTFO0Z9hJbYVOOfpz |
|
| .rfihub.com/ | Name: eud Value: H4sIAAAAAAAA_1vFxGtoZm5gYWkCpMwNTAH9LsJzEAAAAA |
|
| .eyeota.net/ | Name: SERVERID Value: 18108~DM |
|
| .casalemedia.com/ | Name: CMID Value: Y5fSWFX1j3s9k9Vn5U63tgAA |
|
| .casalemedia.com/ | Name: CMPS Value: 1207 |
|
| .casalemedia.com/ | Name: CMPRO Value: 1207 |
|
| .adnxs.com/ | Name: uuid2 Value: 517464441687667215 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2GVHoQ'3M!]tbPl1MwL(!R7qUY'CaB(`XXYWJX1Yt1^6X@Bym059X/<QG=%9sk?bIRwi:w9Ld1Ig!1317Mco/y@Yw#u!:l*UEGu |
|
| .pubmatic.com/ | Name: KRTBCOOKIE_218 Value: 4056-Y5fSVgAAAKYI1wN-&KRTB&22978-Y5fSVgAAAKYI1wN-&KRTB&23194-Y5fSVgAAAKYI1wN-&KRTB&23209-Y5fSVgAAAKYI1wN- |
|
| .pubmatic.com/ | Name: PugT Value: 1670894168 |
|
| .spotxchange.com/ | Name: audience Value: b94f57a7-7a83-11ed-8279-1ab52fe70406 |
|
| .demdex.net/ | Name: dextp Value: 60-1-1670894167294|843-1-1670894167423|771-1-1670894167533|1121-1-1670894167634|30064-1-1670894167735|121998-1-1670894167835|144230-1-1670894167936|144231-1-1670894168037|144232-1-1670894168138|144233-1-1670894168239|144234-1-1670894168340|144235-1-1670894168441|144236-1-1670894168543|144237-1-1670894168644|129099-1-1670894168746 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8022851.fls.doubleclick.net
8253365.fls.doubleclick.net
adservice.google.com
analytics.twitter.com
bat.bing.com
cdn.cookielaw.org
cdn.glassboxcdn.com
citizensbank.demdex.net
citizensbank.tt.omtrdc.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
dsum-sec.casalemedia.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
mboxedge37.tt.omtrdc.net
mid.rkdms.com
nexus.ensighten.com
p.rfihub.com
pixel.rubiconproject.com
ps.eyeota.net
report.citizen.glassboxdigital.io
s.pinimg.com
s.rfihub.com
smetrics.citizensbank.com
static.ads-twitter.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
t.a3cloud.net
t.co
us-u.openx.net
www.facebook.com
www.googletagmanager.com
www.youtube.com
www2.citizensbank.opentext.io
x.dlx.addthis.com
104.244.42.131
104.244.42.133
104.75.88.209
108.138.17.58
13.36.218.177
142.250.185.130
142.250.186.166
146.75.120.157
151.101.194.49
18.66.63.28
185.64.190.80
185.80.39.216
185.94.180.125
193.0.160.128
193.0.160.129
2.23.197.190
2606:4700::6810:9440
2606:4700::6812:1a55
2606:4700::6812:e16
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:8d::84
3.122.214.165
3.248.54.74
34.120.208.91
34.98.64.218
35.244.174.68
37.252.171.21
52.17.7.52
52.206.30.202
52.31.124.224
52.50.220.58
54.229.2.60
54.235.78.87
69.173.144.165
064cb55caa1a946d1947fb372df7f26a0a2739790402f56d75474d056314b4d5
07352afe615853365d56730f623437fc3dabf3a61f6a3384cd76179217ed8306
07d3748022a4ce3bce3b8020aef6f79f0cdb48a4a5efc138e09a34e5ecd2d78d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d7d039dabbbff277a71a11b336a1ba58e500cd85a5f8d86beb660d75f5a1e67
0dda91d0d5dcd5d2a8d976c83c1b33529ae297b24810272f3d7e1ad3cad86bce
115140b52b363c81371d85d82b1c82fce1147c558be926a3c22a566c77e34bef
138d7aeb813e9f9e5551404e41d441d34f868d75e3b83233f6213504a82f5ff8
156aeaeb604d98f491866f9c231184c182920cce277fd27077a6ce0af9e02d70
17c1bd5aceb608406f0c153608ae581eeb5c90b181344b18273d2c9fbb987852
17d4daac5106abf9220261a9967d54fd3c17dfa9a7cdb88a8d486aaf5dfb75cf
1c4810825fb4e93ef7eadfba276b6b45f07fac2595e4dffa75dc1889bd662106
1cae4b0123ad0422870284092089495615bcbb59d1717e745c0ac0f91b86c833
1ce962a6dbfc3cc5492f24b341d39376e93fc984f9e6660bfb791d19ca24608f
216ac1fa75b1bdb375a2db52cfc4e3a0882341a8eed7b45658d255fbf4041d27
22ea77b6dcd200e8fe29e940ba184e92e63b99cf70ec3d2c2ed10f1d51c0dc44
231e4ebf5f854e38cac1b17bcf4de7b6dfda7acea2687687ac63973308f81638
23570e32185c09938ad62ff0e25b27ebc325f588620918b32684e308cccde9e6
248464c95df38b3ba7ec186fc5e6fc6ba17db67598fa2c48cbf478cb1cb37d9f
278ba15e4ceef666456fd9f9e791231f3980aada4b0edd92d796022f7df9a4c4
28c606ca7d39a8d8a87ae9a3b2465c1df8c8c1dddb2b65cf2f150bc501182ce3
29a8422adbed342aa7b9189d33f721ac8678a114476069e98b52a578a6cecf77
2f009f707d3e559de847585b6ad9baeb694227283b30ccff3ec1ba1ea4eeb883
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30ebafc5a5c9c2ec9d98ef61a563c2b96146fbdf1c60600ef2c858e0c7881b6a
30f29ecb6a1262be27c315f0eb572b2768bd7f3d02cc26e11bd6435325d11ebd
313c8b12176d8901fa49d04b80045550757c0ae97e97329390486bc87d2a3023
31811aa55482599b5a6ed003eae33eb7fcbb8e459d935bfd419bbab53521428c
320854180cd90832352193e2e9a2eaf5f8b895dc67a33ea3176d191a709cc968
33f5755628dd25f3c98051a5511a5c4bcd5e9f779b7f793dbcc66384517ae6fa
36741767dacabdef97c19d8b3610b10af3155c9b2e1fcaf606e76640d0a586f5
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39bcaa01c5b0cd63662b798f5b8104c90c543e65947ea84f43483127b67264f6
3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6
4149205dcc96949b88cc65a609da539ab1f7c41b1da424945b86f0e561c7564c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45434fc4c25d540cb38b8f9d0c5a0cd90d33c542808eb1e9afa0dbdbe0f6a030
45fa3d2cecf380855cd18dd3bdc99c0a76f1057163a515c23b8bc7f3b7500c8b
4775f14b1cb9757d8f14d50d241b67bece80631ee3516d48a398f33627ae3ad6
495cde841925bff94d37a9233db08a0acaaa8c91b0c0d27d71d550dc33eee9d8
4985711ee0cbd1c18ecea7dbe64a81a53bf0f4ba4752ab0a48e2eb6b2c03d18c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7ed97e01b1c46d9c320210549b98699006ae9c1ac4433e04d376acee92edc6
4ca01e63180f8e8f80457feb8c6b9044e34fd8100948803b430c5a387c3a2931
4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7c91948fce01db2b6a24d2936d68546d566e7c5595fb3b7aa9d2afa24084ea
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a0a0fcca41a8894006516e6269375f75121e565c2322b287209c40107d5157
5682d3aca3ab2c00829d68f8a1bc323d9df431947ef8fddbc6429a6760281dce
56ada742cd5b3b65e44b8c31154709a6789c12a91e97ba6ffb6140da4f0de842
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
59ae73d738e0094af29c425335573bc2e0ede5eba93d2040f6bd529136a27939
59cd18fc2ac7981bdab96d856938d0ee743272a24c4135c0d8c2deec3913bd14
5e05e8b9fb668807167e06a432a00cdc92bff71518f38aa6ea482a64b1b7ac76
5ee4973232b036b54b12153243e7eb6a263fb7bc43d585149002327ad7e7483b
61a46fc275cfb33e10af6d1d1abbc699df5338bc43ae7a195a3e6450e14d2b60
6518ce023e07aa4e0f8c3062e48966b6548924d35388908e6b9abe389c72fa3e
699f717c15ad8b4d1c474e60744929f9f9ab4dd4a50e8bf7699f048870bd3502
6c57d623765cc786ea7536d7615da6635e8f55774a0656d47e904c65929fab29
712a44c0b3c0b8a783cd41fcf425871cfe11109a6d9c0915d8dc1047e27783ca
712d764046bbcaae7b93ad4bc8adaf8536a1d0ecec35d046abe05d9d5738af2e
74b56498f8c815d221489b3ca73714b643986f0aa02bcc1d6b3ca91c43e6e8f0
77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e27c7a98abcf3b4289423adda55d73ad802a37d73c76de7cdb539c37588505c
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
9073bdec3d846bbc13560d4e68e3ae68fb30d7a198ead7e60037929cbe4ff225
9e3df4dd05159dde37f93eaeaecec2751aee44a31a514d0326ba7f14deea4d99
a26d11136d54c6bd1b2c508f64ea1341834064c34ec5d4dbe98c48bf09a526b0
a691f9c9829668643b5d71008263c65b4019f692512c3a5ce44a58a3aa3626e0
a6d0b6ec769def7a0d9883973225996c3bb6e14d490adaf93d06c0c87791b286
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afbf15d128ca73d16c73780b849a155ced55ab2cb8719657e08d2ac8e92bfae1
b11eda16fa2fd1e1229a930850af714a38f8e40db49d545f0a35f759a15203f6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b472b83e2c69813abdceedb00934c6a1216bff241069a2c5e3133a0b257c980e
baddeb71b6719fd993787f5ba931c30356f6cea8fbe122c794d47bb96af40f49
bb64b60cb2e83920e11d8a13bdec3b9928a95efa316f7e29aa38f3bc414a789a
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c26ccb878d17d37eb8e0836be9484c8e6d2ceb5ae0da2144a57e24bdb5b809a1
c283894ae6e944e2cbb937c5db5e3fdc2c1e812ada7f5cdc43e66ee105ab52a1
c4e767a992718924543257a794ce392dc7fff95975c12dbd40120bfc56b95334
c6419ab41b8a500a2f9d2be62e8ba699a4b1bbe4ea199dccf2a18dffd65278f4
c806892557c78a5e52d512ff3597e40c133123348b396a0589831d96c49932d0
c9ae9bbd16e40370095ee9c4a9386fec05cdcdb6ce1ccc276216c45c7aa57b70
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d14e0b6637a5939599eada570fc07e038efb63da3bcdab06816ffe60ae848126
d3260620afbab1dc7d5455e0a7860eb5f3cede013786d6af7ea973cd0f111b2c
d6c0dae651b24f78b8976cec3b6f202488cb545162743dd278a1bca64c9db945
da333021f20a94c1a39190aef19554fd93dbfffe7af91ada87b2facfc8adb7e7
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
de8ce9eac56638792ef06de2598c34f1919bcd3a75bc54eb073da43a8d1ffa2a
e045cc8ca8efc532e10c21cb92ea600fcf33a6dd7d6fbf30d21e20c6ce7c81e5
e27905d4b4646d3e88e03569e063df7b8f5ce648c04196dea6a02424350c2406
e28c16ff1263e138831689f2cf336d205a700a8649eb3a484b4a0ae48c91be4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e5acec088796e9ec9a7f240114c95fc26f5256aa913cb418f0b7ce718437cf
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8c5c145d0cf678473e992063b6d189dd9ee857423f4daa1aef7432710bbe62f
e937825e75b713d33a96f51418baa447e7794693d8e28e5a2b13899aa436b85b
ea94284859eac2d131ce50f6936fb662b8d43020649f55dd5babea6c5091abb6
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f424919647a665eebd5f5f6fb13f022b46f8542365f2892d6e5cf9318574379b
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fdb05962bd34ec5f6c28d7ac03e84b9de8baa1de72baed36d1da500c6f462d1f
ffa5411ea2144b7700c4c6521bb8756e3d7d9ac5986c8addd33a15f091bdbaee