![](/screenshots/2e5ed0a2-27cf-4866-971a-5a7e99fdfe70.png)
www.citizensbank.com
Open in
urlscan Pro
23.79.128.219
Public Scan
Effective URL: https://www.citizensbank.com/promo/refi-dm.aspx?WT.mc_id=DM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com&WT.tsrc=DM-EPIC
Submission Tags: falconsandbox
Submission: On March 22 via api from US
Summary
TLS certificate: Issued by DigiCert EV RSA CA G2 on October 7th 2020. Valid for: a year.
This is the only time www.citizensbank.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-128-219.deploy.static.akamaitechnologies.com
www.citizensbank.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
dpm.demdex.net | |
citizensbank.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
smetrics.citizensbank.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-153-194.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-112-135.compute-1.amazonaws.com
vid1005.d41.co |
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-251-137.eu-west-1.compute.amazonaws.com
citizensbank.tt.omtrdc.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com
x.dlx.addthis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net
accdn.lpsnmedia.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-65.dus51.r.cloudfront.net
t.a3cloud.net |
ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
8253365.fls.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com | |
ib.adnxs.com |
ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-80.deploy.static.akamaitechnologies.com
amplify.outbrain.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-231-237.compute-1.amazonaws.com
report.citizen.glassboxdigital.io |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com |
ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com |
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net |
ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net
lpcdn.lpsnmedia.net |
ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
va.v.liveperson.net |
Domain | Requested by | |
---|---|---|
31 | www.citizensbank.com |
www.citizensbank.com
cdn.glassboxcdn.com |
13 | www.googletagmanager.com |
nexus.ensighten.com
www.googletagmanager.com |
11 | www.google.de |
www.citizensbank.com
|
11 | www.google.com |
www.citizensbank.com
|
11 | googleads.g.doubleclick.net |
www.googleadservices.com
|
10 | nexus.ensighten.com |
www.citizensbank.com
nexus.ensighten.com |
9 | dpm.demdex.net |
1 redirects
www.citizensbank.com
|
8 | sync-tm.everesttech.net | 8 redirects |
3 | va.v.liveperson.net |
lptag.liveperson.net
|
3 | report.citizen.glassboxdigital.io |
cdn.glassboxcdn.com
|
3 | accdn.lpsnmedia.net |
lptag.liveperson.net
lpcdn.lpsnmedia.net |
3 | cm.g.doubleclick.net | 2 redirects |
3 | www.facebook.com |
www.citizensbank.com
|
3 | connect.facebook.net |
nexus.ensighten.com
connect.facebook.net |
3 | nebula-cdn.kampyle.com |
nexus.ensighten.com
nebula-cdn.kampyle.com |
3 | citizensbank.demdex.net |
1 redirects
www.citizensbank.com
nexus.ensighten.com |
2 | va.idp.liveperson.net |
lptag.liveperson.net
va.idp.liveperson.net |
2 | lpcdn.lpsnmedia.net |
lptag.liveperson.net
|
2 | sync.search.spotxchange.com | 1 redirects |
2 | us-u.openx.net | 1 redirects |
2 | dsum-sec.casalemedia.com | 1 redirects |
2 | tr.outbrain.com |
amplify.outbrain.com
|
2 | px.ads.linkedin.com | 1 redirects |
2 | secure.adnxs.com | 1 redirects |
2 | 8253365.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | sync.crwdcntrl.net | 2 redirects |
2 | www.googleadservices.com |
www.googletagmanager.com
nexus.ensighten.com |
2 | idsync.rlcdn.com | 2 redirects |
2 | lptag.liveperson.net |
nexus.ensighten.com
|
2 | www.gstatic.com |
nexus.ensighten.com
www.gstatic.com |
2 | s.pinimg.com |
nexus.ensighten.com
s.pinimg.com |
2 | smetrics.citizensbank.com |
nexus.ensighten.com
www.citizensbank.com |
1 | mid.rkdms.com | |
1 | image2.pubmatic.com | |
1 | ib.adnxs.com | |
1 | adservice.google.com |
8253365.fls.doubleclick.net
|
1 | udc-neb.kampyle.com | |
1 | pixel.rubiconproject.com | |
1 | www.linkedin.com | 1 redirects |
1 | amplify.outbrain.com |
nexus.ensighten.com
|
1 | snap.licdn.com |
nexus.ensighten.com
|
1 | cdn.glassboxcdn.com |
nexus.ensighten.com
|
1 | t.a3cloud.net |
nexus.ensighten.com
|
1 | ps.eyeota.net | 1 redirects |
1 | analytics.twitter.com |
platform.twitter.com
|
1 | p.rfihub.com | 1 redirects |
1 | t.co |
www.citizensbank.com
|
1 | x.dlx.addthis.com | 1 redirects |
1 | citizensbank.tt.omtrdc.net |
nexus.ensighten.com
|
1 | vid1005.d41.co |
nexus.ensighten.com
|
1 | cdn-0.d41.co |
nexus.ensighten.com
|
1 | static.ads-twitter.com |
www.citizensbank.com
|
1 | platform.twitter.com | 1 redirects |
1 | cm.everesttech.net | 1 redirects |
1 | www.reficitizens.com | 1 redirects |
1 | reficitizens.com | 1 redirects |
0 | api5039.d41.co Failed |
cdn-0.d41.co
|
155 | 57 |
This site contains links to these domains. Also see Links.
Domain |
---|
www4.citizensbankonline.com |
www.citizensstudentloans.com |
studentloans.citizensbank.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.citizensbank.com DigiCert EV RSA CA G2 |
2020-10-07 - 2021-11-06 |
a year | crt.sh |
nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
smetrics.citizensbank.com DigiCert SHA2 High Assurance Server CA |
2020-04-19 - 2021-07-22 |
a year | crt.sh |
*.pinterest.com DigiCert SHA2 High Assurance Server CA |
2020-07-16 - 2021-08-04 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
*.d41.co DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-18 - 2022-03-21 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
j.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2 |
2020-10-01 - 2021-11-02 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-02-10 - 2021-05-10 |
3 months | crt.sh |
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA |
2020-05-30 - 2022-05-30 |
2 years | crt.sh |
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA |
2020-11-02 - 2021-11-09 |
a year | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
t.co DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA |
2021-02-21 - 2022-02-21 |
a year | crt.sh |
www.google.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.google.de GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.a3cloud.net Amazon |
2020-05-15 - 2021-06-15 |
a year | crt.sh |
*.doubleclick.net GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2021-03-05 - 2022-02-19 |
a year | crt.sh |
glassboxcdn.com Cloudflare Inc ECC CA-3 |
2020-06-01 - 2021-06-01 |
a year | crt.sh |
*.googleadservices.com GTS CA 1O1 |
2021-02-23 - 2021-05-18 |
3 months | crt.sh |
*.licdn.com DigiCert SHA2 Secure Server CA |
2019-04-01 - 2021-05-07 |
2 years | crt.sh |
*.outbrain.com DigiCert SHA2 Secure Server CA |
2020-03-09 - 2021-06-08 |
a year | crt.sh |
px.ads.linkedin.com DigiCert SHA2 Secure Server CA |
2021-01-06 - 2021-07-05 |
6 months | crt.sh |
citizen.glassboxdigital.io Amazon |
2020-12-19 - 2022-01-17 |
a year | crt.sh |
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-18 - 2022-01-18 |
a year | crt.sh |
*.kampyle.com RapidSSL RSA CA 2018 |
2020-02-11 - 2022-03-06 |
2 years | crt.sh |
san.casalemedia.com GeoTrust RSA CA 2018 |
2020-03-02 - 2021-04-01 |
a year | crt.sh |
*.openx.net GeoTrust RSA CA 2018 |
2020-06-18 - 2021-08-17 |
a year | crt.sh |
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1 |
2020-12-07 - 2021-12-14 |
a year | crt.sh |
*.search.spotxchange.com GeoTrust RSA CA 2018 |
2019-03-20 - 2021-04-21 |
2 years | crt.sh |
*.rkdms.com Entrust Certification Authority - L1K |
2020-10-08 - 2021-10-30 |
a year | crt.sh |
*.idp.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2020-07-09 - 2022-07-09 |
2 years | crt.sh |
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA |
2020-04-13 - 2022-04-13 |
2 years | crt.sh |
This page contains 5 frames:
Primary Page:
https://www.citizensbank.com/promo/refi-dm.aspx?WT.mc_id=DM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com&WT.tsrc=DM-EPIC
Frame ID: 4646916218AE39577B1EB1E72E05467B
Requests: 135 HTTP requests in this frame
Frame:
https://citizensbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 967277ABA290FEAC02189A57A38F2FE7
Requests: 16 HTTP requests in this frame
Frame:
https://8253365.fls.doubleclick.net/activityi;dc_pre=CJv85I6mw-8CFVM-GwodYDIFuA;src=8253365;type=allpgs;cat=allpageu;ord=1;num=9059221248103;gtm=2od3a0;auiddc=2041106448.1616395403;u2=https%253A%252F%252Fwww.citizensbank.com%252Fpromo%252Frefi-dm.aspx;u3=https%253A%252F%252Fwww.citizensbank.com%252Fpromo%252Frefi-dm.aspx;~oref=https%3A%2F%2Fwww.citizensbank.com%2Fpromo%2Frefi-dm.aspx%3FWT.mc_id%3DDM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%26WT.tsrc%3DDM-EPIC
Frame ID: 17B9BB5DB2607BC33F3CE1FB42C3E0BA
Requests: 2 HTTP requests in this frame
Frame:
https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fwww.citizensbank.com&site=83789770&env=prod&isCrossDomain=true
Frame ID: F598A961461BAD5478D3EA691AEB0589
Requests: 2 HTTP requests in this frame
Frame:
https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1616395405544&loc=https%3A%2F%2Fwww.citizensbank.com
Frame ID: 3CF55B617E929112F9D36D28A876190D
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/2e5ed0a2-27cf-4866-971a-5a7e99fdfe70.png)
Page URL History Show full URLs
-
http://reficitizens.com/
HTTP 301
https://www.reficitizens.com/ HTTP 301
https://www.citizensbank.com/promo/refi-dm.aspx?WT.mc_id=DM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com&WT.ts... Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
![](/vendor/wappa/icons/LivePerson.png)
Detected patterns
- script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i
Detected patterns
- script /adnxs\.(?:net|com)/i
![](/vendor/wappa/icons/ensighten.png)
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Log In
Search URL Search Domain Scan URL
Title: Calculate My Rate
Search URL Search Domain Scan URL
Title: Rate and Repayment Examples
Search URL Search Domain Scan URL
Title: Apply Now
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://reficitizens.com/
HTTP 301
https://www.reficitizens.com/ HTTP 301
https://www.citizensbank.com/promo/refi-dm.aspx?WT.mc_id=DM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com&WT.tsrc=DM-EPIC Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1616395402422 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4C3B0C3755C3822E7F000101%40AdobeOrg&d_nsid=0&ts=1616395402422
- https://citizensbank.demdex.net/event?d_nsid=0&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=CZAAMCallback HTTP 302
- https://citizensbank.demdex.net/firstevent?d_nsid=0&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=CZAAMCallback
- https://cm.everesttech.net/cm/dd?d_uuid=88347204950197699381551880157661097117 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFg8igAAAMahxw_u
- https://platform.twitter.com/oct.js HTTP 301
- https://static.ads-twitter.com/oct.js
- https://idsync.rlcdn.com/365868.gif?partner_uid=88347204950197699381551880157661097117 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODgzNDcyMDQ5NTAxOTc2OTkzODE1NTE4ODAxNTc2NjEwOTcxMTcQABoNCIr54IIGEgUI6AcQAEIASgA HTTP 307
- https://dpm.demdex.net/ibs:dpid=477&dpuuid=818d3a4701eecc704e0d951a7bc642d19e1ed7478d1007bcb36f75fbc1cf3ba4b0da87c991749652
- https://x.dlx.addthis.com/e/demdex_sync?na_exid=88347204950197699381551880157661097117&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
- https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2021032206432300031768984029
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODgzNDcyMDQ5NTAxOTc2OTkzODE1NTE4ODAxNTc2NjEwOTcxMTc= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODgzNDcyMDQ5NTAxOTc2OTkzODE1NTE4ODAxNTc2NjEwOTcxMTc=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPeLgiG5wTBcexSF0WXOYBc&google_cver=1?gdpr=0&gdpr_consent=
- https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
- https://dpm.demdex.net/ibs:dpid=1121&dpuuid=875739025333698246
- https://ps.eyeota.net/match?bid=6j5b2cv&uid=88347204950197699381551880157661097117&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
- https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=88347204950197699381551880157661097117?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=88347204950197699381551880157661097117?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a24596ccf30e78b4ee4bbac2b37c2a0b
- https://8253365.fls.doubleclick.net/activityi;src=8253365;type=allpgs;cat=allpageu;ord=1;num=9059221248103;gtm=2od3a0;auiddc=2041106448.1616395403;u2=https%253A%252F%252Fwww.citizensbank.com%252Fpromo%252Frefi-dm.aspx;u3=https%253A%252F%252Fwww.citizensbank.com%252Fpromo%252Frefi-dm.aspx;~oref=https%3A%2F%2Fwww.citizensbank.com%2Fpromo%2Frefi-dm.aspx%3FWT.mc_id%3DDM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%26WT.tsrc%3DDM-EPIC HTTP 302
- https://8253365.fls.doubleclick.net/activityi;dc_pre=CJv85I6mw-8CFVM-GwodYDIFuA;src=8253365;type=allpgs;cat=allpageu;ord=1;num=9059221248103;gtm=2od3a0;auiddc=2041106448.1616395403;u2=https%253A%252F%252Fwww.citizensbank.com%252Fpromo%252Frefi-dm.aspx;u3=https%253A%252F%252Fwww.citizensbank.com%252Fpromo%252Frefi-dm.aspx;~oref=https%3A%2F%2Fwww.citizensbank.com%2Fpromo%2Frefi-dm.aspx%3FWT.mc_id%3DDM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%26WT.tsrc%3DDM-EPIC
- https://secure.adnxs.com/seg?add=10100&redir=&t=1 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D10100%26redir%3D%26t%3D1
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZnOGlnQUFBTWFoeHdfdQ==
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=583769&time=1616395403574&url=https%3A%2F%2Fwww.citizensbank.com%2Fpromo%2Frefi-dm.aspx%3FWT.mc_id%3DDM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%26WT.tsrc%3DDM-EPIC HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D583769%26time%3D1616395403574%26url%3Dhttps%253A%252F%252Fwww.citizensbank.com%252Fpromo%252Frefi-dm.aspx%253FWT.mc_id%253DDM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%2526WT.tsrc%253DDM-EPIC%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=583769&time=1616395403574&url=https%3A%2F%2Fwww.citizensbank.com%2Fpromo%2Frefi-dm.aspx%3FWT.mc_id%3DDM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%26WT.tsrc%3DDM-EPIC&liSync=true
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFg8igAAAMahxw_u&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFg8igAAAMahxw_u HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFg8igAAAMahxw_u&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=YFg8igAAAMahxw_u
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFg8igAAAMahxw_u HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YFg8igAAAMahxw_u
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFg8igAAAMahxw_u
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFg8igAAAMahxw_u&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFg8igAAAMahxw_u&img=1&__user_check__=1&sync_id=e681619f-8ad9-11eb-9266-12b1ce323a06
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFg8igAAAMahxw_u&t=2592000&o=0
155 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
![]() www.citizensbank.com/promo/ Redirect Chain
|
28 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Full-width-fixed-layout.css
www.citizensbank.com/iwov-resources/fixed-layout/ |
68 KB 12 KB |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
www.citizensbank.com/assets/CB_resources/styles/ |
919 KB 176 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
globalComponents.css
www.citizensbank.com/assets/CB_resources/styles/ |
416 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.0.min.js
www.citizensbank.com/assets/CB_resources/scripts/vendor/ |
84 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
www.citizensbank.com/assets/CB_resources/scripts/vendor/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor-bottom.min.js
www.citizensbank.com/assets/CB_resources/scripts/vendor/ |
720 KB 186 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor-top.min.js
www.citizensbank.com/assets/CB_resources/scripts/vendor/ |
20 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
globalComponents.min.js
www.citizensbank.com/assets/CB_resources/scripts/ |
130 KB 41 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
svgxuse.min.js
www.citizensbank.com/assets/CB_resources/scripts/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fullwidthlayout.css
www.citizensbank.com/assets/CB_resources/styles/ |
68 KB 12 KB |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/citizensbank/prod/ |
377 KB 117 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5a7f79a0
www.citizensbank.com/akam/11/ |
32 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FeatureSingleParentERLstandard.jpg
www.citizensbank.com/assets/CB_resources/images/global/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
personalization_disclosure.js
www.citizensbank.com/assets/CB_resources/scripts/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.min.js
www.citizensbank.com/assets/CB_resources/scripts/ |
252 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CitiSans-Roman.woff
www.citizensbank.com/assets/CB_resources/fonts/citi-sans/ |
31 KB 32 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
firstevent
citizensbank.demdex.net/ Redirect Chain
|
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cbds-icons.svg
www.citizensbank.com/assets/CB_resources/images/cbds-icons/ |
211 KB 81 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cbds-icons-brand.svg
www.citizensbank.com/assets/CB_resources/images/cbds-icons/ |
207 KB 80 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hero_promoERL_DT_NR_1280x385.jpg
www.citizensbank.com/assets/CB_resources/images/global/ |
158 KB 158 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FiraSans-Medium.woff
www.citizensbank.com/assets/CB_resources/fonts/fira-sans/ |
182 KB 183 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FiraSans-Regular.woff
www.citizensbank.com/assets/CB_resources/fonts/fira-sans/ |
179 KB 179 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FiraSans-SemiBold.woff
www.citizensbank.com/assets/CB_resources/fonts/fira-sans/ |
193 KB 194 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/citizensbank/prod/ |
1 KB 580 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor-bottom.min.js
www.citizensbank.com/assets/CB_resources/scripts/vendor/ |
720 KB 186 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6c85796837ef649ba57141723a09e957.js
nexus.ensighten.com/citizensbank/prod/code/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
31875a588c03e1409e1fce57931d24b4.js
nexus.ensighten.com/citizensbank/prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6bdfc920663d3ba20db5c7e0a4ab8603.js
nexus.ensighten.com/citizensbank/prod/code/ |
13 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4217a834e7eaf0a34ca14e6686936ce5.js
nexus.ensighten.com/citizensbank/prod/code/ |
15 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
06a87a7a8d5e5b4fb48e0bdb55621460.js
nexus.ensighten.com/citizensbank/prod/code/ |
102 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5ce127e560254e9af8def495df915456.js
nexus.ensighten.com/citizensbank/prod/code/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23f4acbc397f892ed23b3c685b5ef72b.js
nexus.ensighten.com/citizensbank/prod/code/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
084ec8d8f33399609c33a4ceb996af2d.js
nexus.ensighten.com/citizensbank/prod/code/ |
830 B 1013 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LoanAgents.xml
www.citizensbank.com/assets/CB_resources/XML/ |
210 KB 14 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DomainUrl.json
www.citizensbank.com/assets/CB_resources/Json/ |
4 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
undefined.json
www.citizensbank.com/assets/CB_resources/json/label_lookup/ |
6 KB 7 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RegionValues.json
www.citizensbank.com/assets/CB_resources/json/label_lookup/ |
690 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() citizensbank.demdex.net/ Frame 9672 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
smetrics.citizensbank.com/ |
48 B 516 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YFg8igAAAMahxw_u
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
s.pinimg.com/ct/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oct.js
static.ads-twitter.com/ Redirect Chain
|
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dnb_coretag_v3.min.js
cdn-0.d41.co/tags/ |
1 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.gstatic.com/wcm/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
nebula-cdn.kampyle.com/wu/356861/onsite/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
91 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
vid1005.d41.co/sync/ |
0 820 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
lptag.liveperson.net/tag/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hero_promoERL_MB_NR_480x192.jpg
www.citizensbank.com/assets/CB_resources/images/global/ |
47 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
call-tracking_7.js
www.gstatic.com/call-tracking/ |
54 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
95 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=477&dpuuid=818d3a4701eecc704e0d951a7bc642d19e1ed7478d1007bcb36f75fbc1cf3ba4b0da87c991749652
dpm.demdex.net/ Frame 9672 Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.dec9de31.js
s.pinimg.com/ct/lib/ |
49 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
707569535948495
connect.facebook.net/signals/config/ |
27 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
delivery
citizensbank.tt.omtrdc.net/rest/v1/ |
2 KB 973 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
api5039.d41.co/api/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=134096&dpuuid=2021032206432300031768984029
dpm.demdex.net/ Frame 9672 Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
34 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/83789770/configuration/applications/taglets/ |
264 KB 95 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEPeLgiG5wTBcexSF0WXOYBc&google_cver=1
dpm.demdex.net/ Frame 9672 Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s63222911344582
smetrics.citizensbank.com/b/ss/citizensbankdotcomprod/1/JS-2.5.0/ |
43 B 354 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/770144981/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/940365237/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/826923884/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/894893351/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/935344641/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/938156881/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/936821595/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/933247469/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/942049220/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/940611339/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/935775867/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Edfi.json
www.citizensbank.com/assets/CB_resources/json/rates/ |
186 KB 16 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=1121&dpuuid=875739025333698246
dpm.demdex.net/ Frame 9672 Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
accdn.lpsnmedia.net/api/account/83789770/configuration/setting/accountproperties/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zones
accdn.lpsnmedia.net/api/account/83789770/configuration/le-campaigns/ |
2 KB 504 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/938156881/ |
42 B 154 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/938156881/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/935344641/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/935344641/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/940365237/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/940365237/ |
42 B 154 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/826923884/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/826923884/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/770144981/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/770144981/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/894893351/ |
42 B 352 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/894893351/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/936821595/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/936821595/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 9672 Redirect Chain
|
42 B 933 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/935775867/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/935775867/ |
42 B 530 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/940611339/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/940611339/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/942049220/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/942049220/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/933247469/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/933247469/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=121998&dpuuid=a24596ccf30e78b4ee4bbac2b37c2a0b
dpm.demdex.net/ Frame 9672 Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.js
t.a3cloud.net/AM-141554/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
435349033276053
connect.facebook.net/signals/config/ |
27 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
activityi;dc_pre=CJv85I6mw-8CFVM-GwodYDIFuA;src=8253365;type=allpgs;cat=allpageu;ord=1;num=9059221248103;gtm=2od3a0;auiddc=2041106448.1616395403;u2=https%253A%252F%252Fwww.citizensbank.com%252Fprom...
8253365.fls.doubleclick.net/ Frame 17B9 Redirect Chain
|
642 B 901 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generic1614351842046.js
nebula-cdn.kampyle.com/us/wu/356861/onsite/ |
412 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
0 1021 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
detector-dom.min.js
cdn.glassboxcdn.com/citizen/com/p/ |
308 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
conversion.js
www.googleadservices.com/pagead/ |
41 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
obtp.js
amplify.outbrain.com/cp/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
pixel
cm.g.doubleclick.net/ Frame 9672 Redirect Chain
|
170 B 201 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 81 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cls_report
report.citizen.glassboxdigital.io/glassbox/reporting/37272EEE-17C5-70B4-EA6F-C6F8796CE694/ |
0 932 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 9672 Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cachedClickId
tr.outbrain.com/ |
35 B 239 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
unifiedPixel
tr.outbrain.com/ |
43 B 256 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 317 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CJv85I6mw-8CFVM-GwodYDIFuA;src=8253365;type=allpgs;cat=allpageu;ord=1;num=9059221248103;gtm=2od3a0;auiddc=*;u2=https%253A%252F%252Fwww.citizensbank.com%252Fpromo%252Frefi-dm.aspx;u3=https%25...
adservice.google.com/ddm/fls/z/ Frame 17B9 |
42 B 262 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame 9672 Redirect Chain
|
43 B 1003 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CitiSans-Bold.woff
www.citizensbank.com/assets/CB_resources/fonts/citi-sans/ |
31 KB 31 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
pixel_5a7f79a0
www.citizensbank.com/akam/11/ |
0 793 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
setuid
ib.adnxs.com/ Frame 9672 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 9672 Redirect Chain
|
43 B 180 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Pug
image2.pubmatic.com/AdServer/ Frame 9672 Redirect Chain
|
1 B 809 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 9672 Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b.php
www.facebook.com/fr/ Frame 9672 Redirect Chain
|
43 B 520 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bct
mid.rkdms.com/ Frame 9672 |
0 52 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ Frame F598 |
39 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
refererrestrictions
accdn.lpsnmedia.net/api/account/83789770/configuration/domainprotection/ Frame F598 |
429 B 380 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ |
38 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postmessage.min.html
va.idp.liveperson.net/postmessage/ Frame 3CF5 |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
authorize
va.idp.liveperson.net/api/account/83789770/anonymous/ Frame 3CF5 |
678 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
83789770
va.v.liveperson.net/api/js/ |
242 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
83789770
va.v.liveperson.net/api/js/ |
111 B 854 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
cls_report
report.citizen.glassboxdigital.io/glassbox/reporting/37272EEE-17C5-70B4-EA6F-C6F8796CE694/ |
282 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
cls_report
report.citizen.glassboxdigital.io/glassbox/reporting/37272EEE-17C5-70B4-EA6F-C6F8796CE694/ |
0 770 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
83789770
va.v.liveperson.net/api/js/ |
73 B 823 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api5039.d41.co
- URL
- https://api5039.d41.co/api/?req=api5039&form=json
Verdicts & Comments Add Verdict or Comment
296 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| _gsScope object| geolocator object| ccCalcAmountInput object| ccCalcRateInput object| ccCalcPromoRate object| ccCalcPromoLength number| promoRate number| promoLength object| updateAmountButtons object| updateRateButtons object| srLabelContainers function| cleanInputAmount function| cleanInputRate function| checkNewValue function| handleCalcButtonClick function| updateAmountButtonLabels function| updateRateButtonLabels function| addComma function| addDecimal function| calculateSavings function| inputDigitsOnly function| handleAmountChange function| handleRateChange function| DotComAnalytics object| Foundation object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| InfoBubble function| Cookies function| URLPolyfill function| LoaderPolyfill object| System object| SystemJS object| Typeahead object| Handlebars function| moment function| pluralize object| html5 object| Modernizr object| respond function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| _classCallCheck function| _defineProperties function| _createClass function| _typeof object| core object| __core-js_shared__ object| global function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| MicroModal object| ensBootstraps object| Bootstrapper object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor string| sName object| parts string| subdomain string| upperleveldomain function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq object| today object| currentDate number| sundays number| currentDayNum string| ctzomnitureacct object| s function| DIL number| s_objectID number| s_giq function| $data number| _delay function| _log function| $globals function| $getData function| StageConsoleLog string| targetParamsSegments string| personalizedAudienceType function| CZAAMCallback function| targetPageParams object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| jQuery1910933958306340235 string| bazadebezolkohpepadr string| Year number| yyyy object| defaultCreativeElement_DS number| jsonTimeout_DS function| swapLeaderboard_DS function| displayElement_DS function| forceLeaderboardDisplay_DS object| CTZ object| Dotcom string| BASE_URL function| publish function| subscribe function| unsubscribe object| _gmMarkers object| _gmOpenMarkers object| jQuery19107531680648126964 object| RATE_PROMISE function| getNMLSUrl function| init function| bind undefined| define function| css_browser_selector function| pintrk object| dataLayer function| gtag function| fbq function| _fbq function| _googWcmImpl string| _googWcmAk function| _googWcmGet object| lpTag string| s_account object| ss function| getUrlVars function| getIntUrlVars function| endOfDatePeriod function| AppMeasurement_Module_Integrate object| google_tag_manager object| google_tag_data function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl object| dnbvid object| KAMPYLE_EMBED object| twttr object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt object| s_i_citizensbankdotcomprod function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| _extends string| urhehlevkedkilrobacf object| proxyless object| lpMTagConfig string| f0 string| _linkedin_data_partner_id string| src function| obApi function| lintrk boolean| _already_called_lintrk object| _cls_config object| _detector object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata function| boundHandleLoadFormEvent object| google_conversion_id object| google_conversion_format object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_enable_display_cookie_match object| google_gtag_event_data object| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| google_conversion_date object| google_conversion_time object| google_conversion_js_version object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments31 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.citizensbank.demdex.net/ | Name: citizensbank Value: 88347204950197699381551880157661097117 |
|
.citizensbank.com/ | Name: s_ppv Value: https%253A%2F%2Fwww.citizensbank.com%2Fpromo%2Frefi-dm.aspx%253FWT.mc_id%253DDM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%2526WT.tsrc%253DDM-EPIC%2C36%2C36%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP |
|
.citizensbank.com/ | Name: s_lv Value: 1616395403481 |
|
.citizensbank.com/ | Name: s_ivc Value: true |
|
.citizensbank.com/ | Name: s_ev20 Value: %5B%5B%27DM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%27%2C%271616395403480%27%5D%5D |
|
.citizensbank.com/ | Name: s_cc Value: true |
|
.citizensbank.com/ | Name: s_nr30 Value: 1616395403479-New |
|
.citizensbank.com/ | Name: s_campaign Value: DM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com |
|
.citizensbank.com/ | Name: ak_bmsc Value: CF9F9C85DFF1D72B63B1D7CF1E88F13C02116484E63400008A3C586051B29822~plAhZ7Ac5cEiKDUbqEN2XRbimBJVBUnSkUD7weTTBGfWKbe5Cca41LgT6kph7ll7JABRrBIJt42Ceb40SlocIZ2voYy7U4apehYbjR5uX++ZVyjxqde3YoBc2RNVwsUBOBowUmGDAXttpcrQsEBsog46neqKiMDEi1pw5z9n64H4hMqCESZO+dDt4N2+UlWal1JM41kWQAnGvt+8dTfvi6eUdmEcR7piMYts4RoXfWoa61euDDajfiJCLaTDUVvNTWtGTIuKbpnlM3kSvrrjW0pCkBA0eaEVa2R/i5jAtgTZzCi1BxoFwcwGQ6ndZDQ3oY0rVBZQx+QaZY8bnSD9RE/haP8Uq7fP+DIVj/vONse88= |
|
.demdex.net/ | Name: dextp Value: 60-1-1616395402774|843-1-1616395402878|771-1-1616395403066|1121-1-1616395403189|30064-1-1616395403367|121998-1-1616395403468 |
|
.citizensbank.com/ | Name: s_cpmcvp Value: %5B%5B%27DM-EPIC-_-ERL-_-v1-_-CB-_-reficitizens.com%27%2C%271616395403096%27%5D%5D |
|
.citizensbank.com/ | Name: s_nr Value: 1616395403094-New |
|
.citizensbank.com/ | Name: bm_sz Value: 52833421EA87FA0930FEA758500916DF~YAAQhGQRAsR1Zz14AQAAkXusWAsplowZDx0HZmtfs/u+of83VFtGV71isqe+KfEAvyB06Q4utnK/y/Bc2MLkefeyjVTvAlXaeZ9iHa86jYwGFrcm5XAGIylB/zgAVwmW2VEFw0eapFibKE7PklXVKn0UCE8CVy9kACgLgQURdGwTkSGLQRogVyYPRnfjiOjzoR4E8zKh |
|
.citizensbank.com/ | Name: s_ppvl Value: %5B%5BB%5D%5D |
|
.citizensbank.com/ | Name: _abck Value: 3CE4B3CF5F03D80D04F9DF861DE9145D~-1~YAAQhGQRAsV1Zz14AQAAkXusWAX4TglEXYz0hA8hXazFVYQYcBIKefuABenV3M2tibR6wmCPBSIFcbhNMbcUHJwdaGNW5pxPQg0J7gY02nVfoz8VTMny7q4Twxs0JD0kRYEe16xbwL0d4NHhpH1WjFGxZqr6YGvrWxpOG002gRHUdqzyVee6JaHwMvOrIIzApHbZbvwvWWf5OjKQsK4stm3Bq/08Dd9BU6hN1aT2yMqQS/1ViVtYjTxmc4NL2QgDRqXXPlM0LdFTt16vMwcdc1sDVuOld+1eqIi2/vbNH3HIYwNwlEGXExn7a3zYV2qhJ7lSSfww1+l9G7eFh6LH2aBaBgZRubPUG2vV2EL9xY4twXDMq/cHf9Be5KaBrApZMbk=~-1~-1~-1 |
|
.citizensbank.com/ | Name: AMCV_4C3B0C3755C3822E7F000101%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18709%7CMCMID%7C88326941269122575891551016450092765946%7CMCAAMLH-1617000202%7C6%7CMCAAMB-1617000202%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1616402602s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18716%7CvVersion%7C4.4.0 |
|
.citizensbank.com/ | Name: mbox Value: session#37cccb9305604601b0b8469aa228d139#1616397263|PC#37cccb9305604601b0b8469aa228d139.37_0#1679640204 |
|
.citizensbank.com/ | Name: mboxEdgeCluster Value: 37 |
|
.citizensbank.com/ | Name: _fbp Value: fb.1.1616395402818.1053344905 |
|
.demdex.net/ | Name: demdex Value: 88347204950197699381551880157661097117 |
|
.citizensbank.com/ | Name: _gcl_au Value: 1.1.2041106448.1616395403 |
|
.citizensbank.com/ | Name: s_ecid Value: MCMID%7C88326941269122575891551016450092765946 |
|
.citizensbank.com/ | Name: s_vncm Value: 1617227999480%26vn%3D1 |
|
.citizensbank.com/ | Name: s_lv_s Value: First%20Visit |
|
.citizensbank.com/ | Name: AMCVS_4C3B0C3755C3822E7F000101%40AdobeOrg Value: 1 |
|
.citizensbank.com/ | Name: gpv_p5 Value: Datalayer%3ACBDL%20Missing |
|
.citizensbank.com/ | Name: bm_sv Value: FE78F644CD4D8D760D44FCFF5527208E~l6V/LIFIPZ5HjcZAUHD/dqxZqs/uwPqqCLwvKJLXIuZ6yuGJM07SIzaebNyPHhhpIyafru8mzd5MpgOM/apB813oh8sButY7AXLnsoXFXguyoV0zcqamJVKA1rrHnikW/fPlFjA5HLuURNNVBtbyQjATEXLhkm/zC9RKJyzxuFI= |
|
.citizensbank.com/ | Name: gpv_v51 Value: no%20value |
|
.citizensbank.com/ | Name: at_check Value: true |
|
.demdex.net/ | Name: DST Value: |
|
www.citizensbank.com/ | Name: fcf-done Value: true |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8253365.fls.doubleclick.net
accdn.lpsnmedia.net
adservice.google.com
amplify.outbrain.com
analytics.twitter.com
api5039.d41.co
cdn-0.d41.co
cdn.glassboxcdn.com
citizensbank.demdex.net
citizensbank.tt.omtrdc.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
mid.rkdms.com
nebula-cdn.kampyle.com
nexus.ensighten.com
p.rfihub.com
pixel.rubiconproject.com
platform.twitter.com
ps.eyeota.net
px.ads.linkedin.com
reficitizens.com
report.citizen.glassboxdigital.io
s.pinimg.com
secure.adnxs.com
smetrics.citizensbank.com
snap.licdn.com
static.ads-twitter.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
t.a3cloud.net
t.co
tr.outbrain.com
udc-neb.kampyle.com
us-u.openx.net
va.idp.liveperson.net
va.v.liveperson.net
vid1005.d41.co
www.citizensbank.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.reficitizens.com
x.dlx.addthis.com
api5039.d41.co
104.244.42.195
104.244.42.197
13.226.159.65
142.250.186.130
151.101.114.49
151.101.12.157
151.101.13.175
172.217.16.130
172.217.18.102
173.209.247.163
178.249.97.23
178.249.97.98
178.249.97.99
18.195.42.228
184.30.20.241
184.30.21.80
185.64.190.80
185.94.180.126
193.0.160.129
208.89.12.87
208.89.15.170
23.79.128.219
23.79.152.128
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:47b
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:808::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a02:26f0:2100:2b7::9ef
2a02:26f0:7100:191::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:9::84
3.121.27.153
3.230.231.237
34.249.66.13
34.250.153.194
35.181.18.61
35.241.45.82
35.244.159.8
35.244.174.68
37.252.172.249
52.0.112.135
52.30.140.199
52.51.251.137
52.7.27.156
65.9.58.24
69.173.144.138
70.42.32.31
00e620e20c6702401f5eaf4017e05dc246d0362325a1da0a9138cb92f30e5ebe
0512091378364938364736d69d8b65dae8518ade49b060a09e586e7547078709
058a6744139e14c8ac23b134eb4eefabb1da58a83d51f26f671e52f374861e5c
092977b0c5e63d7dda80b68bcbaf06424cb3143024009b1a423aefcc1c639505
099f26afddcf975428e4205d351df61607b903b0dd19ce2373b7daef236eba44
0ac066ea7b84dce468591eb26f06032b276e7beeba0b252e6aed82a42e3110d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f974f8961c7b47f2d154b589b464bb4c8590dbaba7c8785ab003b841cd00573
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
147fcd199201763d92dcf779829b2a900d67f729007d5fa67edb1135f4c0ebf8
14da567268f2e7d6838b6dd754e24c15b8aed0f2e809273cb7ffbdcc2b534d14
16b105969dc0a9bda8a9adacd904b3bceb179a456c2f02e30ee942ce77973e4c
16e78a19219bad8da0361faf24f25496cc8ce8e3785e3b749a1bd7f94fb9d645
17b8f162163398996a4f7cf37adf42247eb30ec0b8b04be81464dae5e9ffd8da
186be2a2b1f2ed2d7ec5fb57886c4314533681b6f2c17db0b199f15505e255b8
1b551573e244d9d50b6a3ee2029c0dcae85c680d28f0c8aa6f252e35808e1105
1d0e4ce14c99eccd65be94eb5bdeb25f093c9cae8332944e4d31bb21fdfa30af
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1f83356d095393a0d8901dbab29705225e49315c0044e81f188faad1b916dcd5
22ea77b6dcd200e8fe29e940ba184e92e63b99cf70ec3d2c2ed10f1d51c0dc44
30269a15ba944a83a1a41afe10f7c34581fc0ddc4b025a0f15cd42d415c338aa
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
40884e075a085b74a8b9882e18d5e0af7f633c0bc893a799e23e491e438cdb12
42d12cb9da51e295a03346442a918b96c2679a4c34e149a4b9b8041c44d3daa2
454c813ac1783e8451b3a2cb419c2ab5c5178d75f28350b3bbd846bf8573cdd7
467c96cea9f2e294e2025b75cf78a8e7b6218f787d3ab64124b68b8b70c1f35a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ecb40504492a65ecb983d2995dc84d5edb568c6925e24fec02517aa4b7c578
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5682d3aca3ab2c00829d68f8a1bc323d9df431947ef8fddbc6429a6760281dce
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab
58a633eefb4033818b1bc7c072ffb55ce01df098b117a9ee825f7cde0e75b132
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5da9b4fe7d16823fe362bec0e4bf89e4bf323857372f735e149d77bac97cf42e
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60853ffa7c884185672752d9b307e1b72c720d65cc32938bf171fad0fa12b9b4
6102d66c70f158d608ef2f7be3abc1660cea2a9ab043e3d9e0fa4e08ea8dce64
612dfb35c7cbc4e9dd40b82ca488898ed88ec9bdc69b09275ceda4a0deb039ef
67de7ed01c93030a3147d4e28da97163c51b73595f60e8fd3815ceaafc22d288
6a0ea553733805afd783355dc1ae47645bcc8de7df70b37d3521f1161a0e88b0
6a5798778d60179cb6a7bc147ff98034e3712f22cdfc83ae5ec0bf7681c0d437
6a8dad6f44c63c15538b3eecdc39146569f092abdf75950621a483b46646c27c
6ac5a599be08c51bf07d3f6e2b3f9172ec22624fbaddaf3ad72007a7ab422c53
6f281ec709cfc45e0590ed3295a10790f7b4f388502080fc149e2a5b8bb16bb0
756c297efd068ca97232d5605a762524d744e5d8a72f85064d11938735d44ee2
77fdce3f96c466e0e63cea93818f4c26f5d9b5d65c1e42d472765e79dfb74e19
78eb996bddcc84915aa262d829de460b6d8e6b9a5585fdba460323f157087131
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c28e560805ac5591ed8481a7769d91594cfb53197d909cc13f0a38860ec0ecf
7e562da9919bfc6e7839c5be11b15437fcd7d5ca8fb1a4910a5408a18aa439f4
7e672026160743fbe794abd0e6de4fc53a9fdb66c4f1035433f9ceca2fdb6581
7e8b4cc02ac8b8291847c59bf8b845694a01a28c6266394592de618b0d4c2079
7ea5bd8f2764383b9047cb667d13de73359575c4ac0062ffd48c9fa6f1348eb1
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8336ca8f8565fbd7ea092d3cc6a3edee57062fa7ad1ec10189b96115c672bcc0
850420a74b035447dcf888c73803e7588d07aa16c80c3ee326c7c575186bd001
8a049c4e19a85c375e1a9849936b4448c1f4f6d578a041e3d183409bc9e142a6
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a52194331127325d7362193eeebff6f08da8e62552033d72c2c8cf24405d038
8f0a63a9178a7baf09fddcc3579f0af0459bf386d3e848ed288b9eb81c8dd3fd
8fb02f5837ab60d14e758220e4a5e3f42e31725be5e403ba021de8c8822e1b87
97c32edd8e2e55b77194ef2b9fa0580835955a6eee5aac3de157818c4a081758
98208519d1546af16865c74031fb39f5cf528d2d4dc9890419a9c6ac16bd9505
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a53ab2865052f54fc5d7a114ecd2974c6dd5163dfd458977734dd71835d3f8f4
a676f200166b61d2152b0ab8ca65cd56b37d5c22eb2297ed10ed690676948524
a9e9be4c5a9b33943544a4aff64a7c1a1a326bfd42e72741f8f02a6dd3be88ee
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae988ac013b608ee162bdeb63670150c0930aa3d3da498aa1c4a6ea20d3bd3f5
b0a826fa53a52c446352d13c02654eff897691e910dbf3a3d79b44757fd37fea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21c19d1563c99e64c7342f05529fa976397056cb99a20931c3801c4207168a3
b472b83e2c69813abdceedb00934c6a1216bff241069a2c5e3133a0b257c980e
b692269877d83a2c21c5c5270d96cd4001d628310867d2a09da27dd1e3e5ffff
b716ff0ff473e10ef37240dc9bafe82210bf36e6f34741521abde9fa89a9fa82
b7237ab2f32630980f8e2bef0c19e044a3ba2e8570d42df76a808be322ba809c
b81b17bae754eccf9acfeb930f76a65888aac590380d455b12abf9d22577864a
b866a58e02b01ca9537cb6d024f348f7373c88b94a92d310560885c93de8abd2
be8203b0564e013054a06f543a4ece3c9ff7b3f387617641b20b9ed76023dda8
c0177a9d7d0dbd059739c8fc3ededc84d9ed022f0d6f5fc99b2011ae7523882c
c13a431a6d7b00e9af56cf15dea871aa26f140a33e768f870dd69694ebef9e11
c5ef3901d459d84f279d0a48907aaeb370c71f426cc781fdef4b637a64ca9923
c88ee0fb26b0b8b8e800826b925fcb10d93c876652b65f999ee298da0f1613b9
c8b724d1006d1d199aaa955dac8b2b109aa6b3fc8319f0a37ae50c927348664c
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
c9b63150cca46a40dd39716425ca5e12866cedd21de2b58df9848b7375ab6b80
cc0088fc4ee1443b5e02e2b0fd132156357dcfb32d1897d9a05f2c5aa037fe5c
cca76cc5e2d6bfd6714e4d5e8946ee82d58a792f3f4ea0a2793cee132792208d
cd80f939017b60fa0b20b5d913a45a4824779f0f2bbfc6f5dc05565bbcf287d9
cde08ed564be938130e53f8b4d0eed438fdd0155489ec500ea9a82999ee946dd
ce30cb36b19e083ed7afc365521b8a20f893e4fed9384e70f7bc8d55fb39c2f6
d043adafaaac6411c4214756adde082f82c63277106d0fe001a370e5582eeaf7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2c0743ba1485334ad7b8a678ae6dce077443e6674329d859879623148fcd95c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e937825e75b713d33a96f51418baa447e7794693d8e28e5a2b13899aa436b85b
e9a8c62397446e85f663ac744c6e33136e190f5b495dbde76fd208f500159dae
ebf781a2cf30c61e4eff90c1b828810204e8e6e77d473e73e29a0a0821e76a31
eca3f6f6bd68a45def7c211455849daa9a4cbdce159b0267a66dd76504fa4285
edb6815a0c46447b235c6ea2fa73e26291d82e8dc33b233857890944dcc9fe66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0065bce5049fe72f813963f19e01cbaf5fe0c9934c1d6b070f7bf89943f10db
f2d4a4438cfc89cdd5d281506b480a4547c2ada2739b50113070e38ab67eeb27
f8524daa5aee01526fc97d28b72c264f1c451433fb48e70bd2cd7786dca31d93
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f
fd51fb8d821ea59b4dd96a7a3f9dc72a4d3d85567a3b092373114af4713dc02e
fdf574a00175ab8c213fc7d1b15abf5b818d7e1345d1673aff7409a18504276a
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df