![](/screenshots/473c700d-9f53-4da3-83b5-21691e2c5d57.png)
www1.citibank.com.au
Open in
urlscan Pro
23.214.57.230
Public Scan
Effective URL: https://www1.citibank.com.au/
Submission: On January 04 via api from US — Scanned from AU
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 13th 2023. Valid for: a year.
This is the only time www1.citibank.com.au was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16625 (AKAMAI-AS, US)
PTR: a23-214-57-230.deploy.static.akamaitechnologies.com
www1.citibank.com.au | |
marketingportal.citibank.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-52-229-245.deploy.static.akamaitechnologies.com
www.cdn.citibank.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-198-63-128.deploy.static.akamaitechnologies.com
assets.adobedtm.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-40-72-127.deploy.static.akamaitechnologies.com
s.go-mpulse.net | |
c.go-mpulse.net | |
684d0d4c.akstat.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-92-227.compute-1.amazonaws.com
dpm.demdex.net | |
citiau.demdex.net |
ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-171-73.ap-southeast-1.compute.amazonaws.com
pixel.everesttech.net |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-52-239-49.deploy.static.akamaitechnologies.com
servedby.flashtalking.com |
ASN54113 (FASTLY, US)
cdn.taboola.com | |
trc.taboola.com | |
pips.taboola.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com | |
c.bing.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm |
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-255-246.deploy.static.akamaitechnologies.com
www.everestjs.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-181-218.ap-northeast-1.compute.amazonaws.com
d9.flashtalking.com |
ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net |
ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com |
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-15.data.adobedc.net
smetrics.citibank.com.au |
ASN54113 (FASTLY, US)
lasteventf-tm.everesttech.net | |
sync-tm.everesttech.net |
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-186.data.adobedc.net
citiau.tt.omtrdc.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-15-108.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net |
ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
www.google.com.au |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-87-84-178.compute-1.amazonaws.com
i.liadm.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-211-170.compute-1.amazonaws.com
i6.liadm.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-125-144.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net |
ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
cm.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-201.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-153.deploy.static.akamaitechnologies.com
ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-38-25.deploy.static.akamaitechnologies.com
trial-eum-clienttons-s.akamaihd.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-38-58.deploy.static.akamaitechnologies.com
66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
citibank.com
marketingportal.citibank.com www.cdn.citibank.com — Cisco Umbrella Rank: 441971 |
721 KB |
14 |
taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255 trc.taboola.com — Cisco Umbrella Rank: 960 pips.taboola.com — Cisco Umbrella Rank: 1936 cds.taboola.com — Cisco Umbrella Rank: 2300 trc-events.taboola.com — Cisco Umbrella Rank: 2320 |
36 KB |
9 |
everesttech.net
7 redirects
pixel.everesttech.net — Cisco Umbrella Rank: 8068 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 16001 cm.everesttech.net — Cisco Umbrella Rank: 1969 sync-tm.everesttech.net — Cisco Umbrella Rank: 1396 |
2 KB |
6 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 313 citiau.demdex.net |
8 KB |
5 |
flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 1579 d9.flashtalking.com — Cisco Umbrella Rank: 3209 |
15 KB |
4 |
akamaihd.net
2 redirects
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 3609 ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 3614 66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net |
1 KB |
4 |
bing.com
1 redirects
bat.bing.com — Cisco Umbrella Rank: 692 c.bing.com — Cisco Umbrella Rank: 539 |
14 KB |
4 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 572 |
170 KB |
4 |
citibank.com.au
1 redirects
www1.citibank.com.au smetrics.citibank.com.au |
63 KB |
3 |
liadm.com
2 redirects
i.liadm.com — Cisco Umbrella Rank: 979 i6.liadm.com — Cisco Umbrella Rank: 4366 |
1 KB |
2 |
openx.net
1 redirects
us-u.openx.net — Cisco Umbrella Rank: 930 |
491 B |
2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 356 |
2 KB |
2 |
crwdcntrl.net
2 redirects
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419 |
876 B |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 98 |
1 KB |
2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 |
2 KB |
2 |
cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 4562 |
123 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240 |
71 KB |
2 |
go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1998 c.go-mpulse.net — Cisco Umbrella Rank: 850 |
51 KB |
1 |
akstat.io
684d0d4c.akstat.io — Cisco Umbrella Rank: 94893 |
206 B |
1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1555 |
452 B |
1 |
google.com.au
www.google.com.au — Cisco Umbrella Rank: 17400 |
455 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 6 |
455 B |
1 |
omtrdc.net
citiau.tt.omtrdc.net |
844 B |
1 |
everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 11263 |
4 KB |
1 |
pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 4632 |
6 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114 |
75 KB |
0 |
spotxchange.com
Failed
sync.search.spotxchange.com Failed |
|
82 | 27 |
Domain | Requested by | |
---|---|---|
13 | marketingportal.citibank.com |
www1.citibank.com.au
marketingportal.citibank.com |
7 | www.cdn.citibank.com |
www1.citibank.com.au
|
6 | trc-events.taboola.com |
marketingportal.citibank.com
|
6 | sync-tm.everesttech.net |
6 redirects
www1.citibank.com.au
|
5 | dpm.demdex.net |
1 redirects
www1.citibank.com.au
|
4 | assets.adobedtm.com |
www1.citibank.com.au
assets.adobedtm.com |
3 | trc.taboola.com |
cdn.taboola.com
marketingportal.citibank.com |
3 | bat.bing.com |
www1.citibank.com.au
bat.bing.com |
3 | cdn.taboola.com |
www1.citibank.com.au
cdn.taboola.com |
3 | servedby.flashtalking.com |
www1.citibank.com.au
servedby.flashtalking.com |
2 | us-u.openx.net |
1 redirects
www1.citibank.com.au
|
2 | ib.adnxs.com |
1 redirects
www1.citibank.com.au
|
2 | sync.crwdcntrl.net | 2 redirects |
2 | i.liadm.com | 2 redirects |
2 | smetrics.citibank.com.au |
marketingportal.citibank.com
assets.adobedtm.com |
2 | www.facebook.com |
www1.citibank.com.au
|
2 | us-central1-adaptive-growth.cloudfunctions.net |
marketingportal.citibank.com
|
2 | d9.flashtalking.com |
servedby.flashtalking.com
d9.flashtalking.com |
2 | connect.facebook.net |
www1.citibank.com.au
connect.facebook.net |
2 | www1.citibank.com.au | 1 redirects |
1 | 684d0d4c.akstat.io |
s.go-mpulse.net
|
1 | 66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net | |
1 | trial-eum-clienttons-s.akamaihd.net | 1 redirects |
1 | ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net | |
1 | trial-eum-clientnsv4-s.akamaihd.net | 1 redirects |
1 | image2.pubmatic.com |
www1.citibank.com.au
|
1 | cds.taboola.com |
marketingportal.citibank.com
|
1 | cm.g.doubleclick.net |
www1.citibank.com.au
|
1 | c.bing.com | 1 redirects |
1 | i6.liadm.com |
www1.citibank.com.au
|
1 | pips.taboola.com |
marketingportal.citibank.com
|
1 | www.google.com.au |
www1.citibank.com.au
|
1 | www.google.com |
www1.citibank.com.au
|
1 | cm.everesttech.net | 1 redirects |
1 | citiau.tt.omtrdc.net |
marketingportal.citibank.com
|
1 | lasteventf-tm.everesttech.net |
marketingportal.citibank.com
|
1 | citiau.demdex.net |
assets.adobedtm.com
|
1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | c.go-mpulse.net |
s.go-mpulse.net
|
1 | www.everestjs.net |
assets.adobedtm.com
|
1 | cdn.pdst.fm |
www1.citibank.com.au
|
1 | pixel.everesttech.net |
www1.citibank.com.au
|
1 | www.googletagmanager.com |
www1.citibank.com.au
|
1 | s.go-mpulse.net |
www1.citibank.com.au
|
0 | sync.search.spotxchange.com Failed |
www1.citibank.com.au
|
82 | 45 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.citibank.com.au |
Subject Issuer | Validity | Valid | |
---|---|---|---|
marketingportal.citibank.com DigiCert SHA2 Extended Validation Server CA |
2023-02-13 - 2024-03-13 |
a year | crt.sh |
www.cdn.citibank.com DigiCert EV RSA CA G2 |
2023-10-19 - 2024-11-18 |
a year | crt.sh |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
akstat.io DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-05 - 2024-04-04 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.tmogul.com Amazon RSA 2048 M01 |
2023-05-17 - 2024-06-14 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-10-13 - 2024-01-11 |
3 months | crt.sh |
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-09-14 - 2024-09-14 |
a year | crt.sh |
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-10-23 - 2024-11-22 |
a year | crt.sh |
www.bing.com Microsoft Azure TLS Issuing CA 01 |
2023-10-24 - 2024-04-21 |
6 months | crt.sh |
cdn.pdst.fm GTS CA 1D4 |
2023-11-21 - 2024-02-19 |
3 months | crt.sh |
www.everestjs.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-25 - 2024-10-25 |
a year | crt.sh |
tag.device9.com Go Daddy Secure Certificate Authority - G2 |
2023-07-19 - 2024-08-19 |
a year | crt.sh |
misc.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
smetrics.citibank.com.au DigiCert SHA2 Extended Validation Server CA |
2023-05-25 - 2024-06-06 |
a year | crt.sh |
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-08-11 - 2024-09-11 |
a year | crt.sh |
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-22 - 2024-09-21 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-11-27 - 2024-02-19 |
3 months | crt.sh |
*.google.com.au GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www1.citibank.com.au/
Frame ID: B3E2BB7CC5BB6D7BBEE44D283D736C4E
Requests: 62 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
Frame ID: 333519E9DAA9A1F44367C456CA84C4B4
Requests: 4 HTTP requests in this frame
Frame:
https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=155327.89426741368
Frame ID: 221D1B109C22ECB459901844D98DA38C
Requests: 5 HTTP requests in this frame
Frame:
https://citiau.demdex.net/dest5.html?d_nsid=0
Frame ID: 14CCB708DC5F668233F719089B907B0E
Requests: 11 HTTP requests in this frame
Screenshot
![](/screenshots/473c700d-9f53-4da3-83b5-21691e2c5d57.png)
Page Title
Citi AustraliaPage URL History Show full URLs
-
http://www1.citibank.com.au/
HTTP 301
https://www1.citibank.com.au/ Page URL
Detected technologies
Detected patterns
- adnxs\.(?:net|com)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/OpenX.png)
Detected patterns
- https?://[^/]*\.openx\.net
![](/vendor/wappa/icons/PubMatic.png)
Detected patterns
- https?://[^/]*\.pubmatic\.com
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: About Us
Search URL Search Domain Scan URL
Title: Travelling Overseas
Search URL Search Domain Scan URL
Title: Statement and Notices
Search URL Search Domain Scan URL
Title: Citi Mobile® App
Search URL Search Domain Scan URL
Title: Mobile Wallets
Search URL Search Domain Scan URL
Title: Online Security
Search URL Search Domain Scan URL
Title: Sign On
Search URL Search Domain Scan URL
Title: Sign on to Citi Online
Search URL Search Domain Scan URL
Title: Application Status >
Search URL Search Domain Scan URL
Title: Activate your Card >
Search URL Search Domain Scan URL
Title: Switch to eStatements >
Search URL Search Domain Scan URL
Title: Email Us
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www1.citibank.com.au/
HTTP 301
https://www1.citibank.com.au/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1704355888301 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1704355888301
- https://cm.everesttech.net/cm/dd?d_uuid=25832308108508721471915624325004887610 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZZoMgAAAKKXxgN1
- https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1 HTTP 303
- https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&_li_chk=true&previous_uuid=05660e4ac39c47da87a214c49e18080d HTTP 303
- https://i6.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
- https://c.bing.com/c.gif?uid=25832308108508721471915624325004887610&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A40CA34916D64CE1CB2D9C890976545
- https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=25832308108508721471915624325004887610?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=25832308108508721471915624325004887610?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a5e6ff6d97e979f04832bdcf3c63441c
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZZZoMQAL9xd0VgBd HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wlpab01RQUw5eGQwVmdCZA==&_test=ZZZoMQAL9xd0VgBd
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=ZZZoMQAL9xd0VgBd HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZZZoMQAL9xd0VgBd
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZZoMQAL9xd0VgBd HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZZZoMQAL9xd0VgBd
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZZZoMQAL9xd0VgBd
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZZZoMQAL9xd0VgBd&img=1
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZZZoMgAAAKKXxgN1&t=2592000&o=0
- https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p9rishfyu HTTP 302
- https://ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net/eum/results.txt
- https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p9rishfyu HTTP 302
- https://66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net/eum/results.txt
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www1.citibank.com.au/ Redirect Chain
|
425 KB 59 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uiux.theme-base-au.css
marketingportal.citibank.com/msa/assets/styles/ |
76 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uiux.theme-citi-blue-light.css
marketingportal.citibank.com/msa/assets/styles/ |
75 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
contactless-payment-citi-premier-card.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/ |
27 KB 27 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
www.cdn.citibank.com/v1/augcb/cbol/files/images/logos/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Interstate-Bold.woff2
marketingportal.citibank.com/msa/ |
50 KB 51 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Interstate-Light.woff2
marketingportal.citibank.com/msa/ |
53 KB 54 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Interstate-Regular.woff2
marketingportal.citibank.com/msa/ |
56 KB 57 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-b730963fa5a7.min.js
assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/ |
593 KB 147 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.107afff6ccde6023be7d.css
marketingportal.citibank.com/msa/ |
908 B 969 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xfs.js
marketingportal.citibank.com/msa/assets/augcb/vendor/js/ |
267 B 957 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xss.js
marketingportal.citibank.com/msa/assets/augcb/vendor/js/ |
380 B 1018 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
important-icon-84x84.png
www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/ |
802 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Citi-Logo-White-1.png
www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-es2015.674bbe013aad6f55137d.js
marketingportal.citibank.com/msa/ |
4 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills-es2015.3eb67d07d32ce3387c26.js
marketingportal.citibank.com/msa/ |
36 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.1bcb6fc81105d868064d.js
marketingportal.citibank.com/msa/ |
85 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-es2015.73d3b48da321ee60b9b1.js
marketingportal.citibank.com/msa/ |
2 MB 349 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
s.go-mpulse.net/boomerang/ Frame 3335 |
205 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61-es2015.4d43d52ef6622ff13216.js
marketingportal.citibank.com/msa/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pay-with-points-920x520-050722.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/ |
37 KB 37 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
citi-personal-loan-plus-920x520_r-0323.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/ |
25 KB 25 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rc-jb-hifi-home-tile-920x450.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/ |
51 KB 51 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rd
dpm.demdex.net/id/ Redirect Chain
|
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ |
25 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
209 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7169
pixel.everesttech.net/rlsa/ |
0 152 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
202 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
servedby.flashtalking.com/container/17079;119300;12701;iframe/ Frame 221D |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1212222/ |
64 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping.min.js
cdn.pdst.fm/ |
26 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
last-event-tag-latest.min.js
www.everestjs.net/static/le/ |
8 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d9core
d9.flashtalking.com/ Frame 221D |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
servedby.flashtalking.com/spot/7/17079;119300;12701/ Frame 221D |
42 B 342 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ |
2 B 123 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.json
c.go-mpulse.net/api/ Frame 3335 |
6 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
204597980046534
connect.facebook.net/signals/config/ |
74 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/784250228/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5680232.js
bat.bing.com/p/action/ |
0 117 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 360 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
trc.taboola.com/1212222/trc/3/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
lgc
d9.flashtalking.com/ Frame 221D |
103 B 720 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc.taboola.com/1212222/log/3/ |
0 593 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cds-pips.js
cdn.taboola.com/scripts/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eid.es5.js
cdn.taboola.com/scripts/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
trc.taboola.com/1499623/trc/3/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dest5.html
citiau.demdex.net/ Frame 14CC |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
smetrics.citibank.com.au/ |
48 B 465 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
lasteventf-tm.everesttech.net/ |
0 217 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
delivery
citiau.tt.omtrdc.net/rest/v1/ |
349 B 844 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=411&dpuuid=ZZZoMgAAAKKXxgN1
dpm.demdex.net/ Redirect Chain
|
42 B 714 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/784250228/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com.au/pagead/1p-user-list/784250228/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
servedby.flashtalking.com/track/119300;12701;403;17043558-8837-87C9-11BE-A66756427BAC/ Frame 221D |
42 B 342 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
pips.taboola.com/ |
4 B 183 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
66627
i6.liadm.com/s/ Redirect Chain
|
43 B 274 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=1957&dpuuid=0A40CA34916D64CE1CB2D9C890976545
dpm.demdex.net/ Frame 14CC Redirect Chain
|
42 B 714 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=121998&dpuuid=a5e6ff6d97e979f04832bdcf3c63441c
dpm.demdex.net/ Frame 14CC Redirect Chain
|
42 B 715 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 14CC Redirect Chain
|
170 B 409 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cds.taboola.com/ |
0 82 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 14CC |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 14CC |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bounce
ib.adnxs.com/ Frame 14CC Redirect Chain
|
43 B 902 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 14CC Redirect Chain
|
43 B 171 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 14CC Redirect Chain
|
1 B 452 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
partner
sync.search.spotxchange.com/ Frame 14CC Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b.php
www.facebook.com/fr/ Frame 14CC Redirect Chain
|
43 B 977 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1212222/log/3/ |
0 526 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1499623/log/3/ |
0 525 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s02043275421593
smetrics.citibank.com.au/b/ss/citiau-au-prod/10/JS-2.22.4-LDQM/ |
3 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
results.txt
ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net/eum/ Frame 3335 Redirect Chain
|
8 B 312 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
results.txt
66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net/eum/ Frame 3335 Redirect Chain
|
8 B 312 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
684d0d4c.akstat.io/ |
0 206 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1212222/log/3/ |
0 526 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1499623/log/3/ |
0 526 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1212222/log/3/ |
0 526 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1499623/log/3/ |
0 526 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sync-tm.everesttech.net
- URL
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
- Domain
- sync-tm.everesttech.net
- URL
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
- Domain
- sync.search.spotxchange.com
- URL
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZZZoMQAL9xd0VgBd&img=1
Verdicts & Comments Add Verdict or Comment
241 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| documentPictureInPicture function| getCookie function| mergeObjects function| setCitiDatafromCookie object| citiDataUser object| citiData function| prebootInitFn object| prebootData object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart number| value1 number| value2 string| splChars string| url object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| closeWebview function| $ function| jQuery object| __zone_symbol__beforeunloadfalse object| __zone_symbol__pagehidefalse object| __zone_symbol__pageshowfalse object| __zone_symbol__DOMContentLoadedfalse function| saveAs object| __zone_symbol__storagefalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__scrollfalse object| __zone_symbol__clickfalse object| __zone_symbol__beforeprintfalse object| __zone_symbol__afterprintfalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__focusfalse object| _satellite boolean| __satelliteLoaded object| ad_cloud object| __zone_symbol__loadfalse function| getTimeParting object| adobe function| Visitor object| s_c_il number| s_c_in object| __zone_symbol__messagefalse object| __zone_symbol__loadtrue object| __zone_symbol__event-view-endtrue object| __zone_symbol__spaPageViewtrue object| __zone_symbol__LeadSubmitCompleteEventtrue object| __zone_symbol__LeadSubmitEventtrue object| __zone_symbol__LeadStartEventtrue object| __zone_symbol__adobeEventtrue function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| dataLayer function| fbq function| _fbq object| _tfa object| uetq function| pdst object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL function| endOfDatePeriod function| AdCloudEvent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_bae9b360d1 function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError number| BOOMR_configt object| __zone_symbol__scrolltrue object| __zone_symbol__orientationchangetrue function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray number| BOOMR_onload function| isSafari11Plus function| getDomain object| s_i_citiau-au-prod function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners43 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.taboola.com/merkle-au-citibankconsumerlending-sc/ | Name: taboola_session_id Value: v2_99007bfb8acab7421eed59d0d0628669_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQ58NbGIr-m5zNMSABKAMw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE |
|
.taboola.com/cititermdeposits-au-sc/ | Name: taboola_session_id Value: v2_449a4732bc6c6260110a639a83a5c6d5_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQvv5JGIr-m5zNMSABKAEw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE |
|
i.liadm.com/s | Name: _li_ss Value: CgsKCQj_____BxD8Fg |
|
.citibank.com.au/ | Name: at_check Value: true |
|
www1.citibank.com.au/ | Name: __pdst Value: 840fb7a2ff83485797a11655a6f54acc |
|
.citibank.com.au/ | Name: _gcl_au Value: 1.1.539066393.1704355889 |
|
.citibank.com.au/ | Name: _fbp Value: fb.2.1704355888700.1704278384 |
|
.citibank.com.au/ | Name: _uetsid Value: dcb97720aad811ee9f6271076a21247b |
|
.citibank.com.au/ | Name: _uetvid Value: dcb9a2f0aad811ee94999d676a432d3d |
|
.demdex.net/ | Name: demdex Value: 25832308108508721471915624325004887610 |
|
.bing.com/ | Name: MUID Value: 0A40CA34916D64CE1CB2D9C890976545 |
|
.bat.bing.com/ | Name: MR Value: 0 |
|
.taboola.com/ | Name: t_gid Value: b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1 |
|
.taboola.com/ | Name: t_pt_gid Value: b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1 |
|
.www1.citibank.com.au/ | Name: AMCVS_9D2361D45DFA6F800A495FEF%40AdobeOrg Value: 1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.flashtalking.com/ | Name: _D9J Value: 78bd0558b4b5464484d5f09a088406c4 |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.citibank.com.au/ | Name: adcloud Value: {%22_les_v%22:%22y%2Ccitibank.com.au%2C1704357689%22} |
|
.dpm.demdex.net/ | Name: dpm Value: 25832308108508721471915624325004887610 |
|
.citibank.com.au/ | Name: mbox Value: session#2a2770a038c9479f80971e7003b6fda6#1704357749|PC#2a2770a038c9479f80971e7003b6fda6.34_0#1767600690 |
|
.crwdcntrl.net/ | Name: _cc_dc Value: 2 |
|
.crwdcntrl.net/ | Name: _cc_id Value: a5e6ff6d97e979f04832bdcf3c63441c |
|
.citibank.com.au/ | Name: s_ecid Value: MCMID%7C30796973832455128181437097865197604123 |
|
.liadm.com/ | Name: lidid Value: 05660e4a-c39c-47da-87a2-14c49e18080d |
|
.openx.net/ | Name: i Value: d8b72fca-cefa-4d55-a6c2-35f9ed0b0cca|1704355890 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZZZoMgAAAKKXxgN1 |
|
.demdex.net/ | Name: dextp Value: 1957-1-1704355889398|121998-1-1704355889499|144230-1-1704355889600|144231-1-1704355889703|144232-1-1704355889804|144233-1-1704355889910|144234-1-1704355890013|144235-1-1704355890114|144236-1-1704355890214|144237-1-1704355890316 |
|
.adnxs.com/ | Name: uuid2 Value: 6243212556725522718 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2Ilad@17P!]tbPl1MwL(!R7qUY#QP@8->HYU<yXQIyDY?n<Ek%XLaE<QG=%9sk?bIRwi:w9Ld1Iu_b7_pSf?(lOfM!x(6k*fF#a |
|
.www1.citibank.com.au/ | Name: AMCV_9D2361D45DFA6F800A495FEF%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19727%7CMCMID%7C30796973832455128181437097865197604123%7CMCAAMLH-1704960689%7C7%7CMCAAMB-1704960689%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1704363089s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19734%7CvVersion%7C5.2.0 |
|
.pubmatic.com/ | Name: KRTBCOOKIE_218 Value: 4056-ZZZoMQAL9xd0VgBd&KRTB&22978-ZZZoMQAL9xd0VgBd&KRTB&23194-ZZZoMQAL9xd0VgBd&KRTB&23209-ZZZoMQAL9xd0VgBd |
|
.pubmatic.com/ | Name: PugT Value: 1704332668 |
|
.citibank.com.au/ | Name: s_nr30 Value: 1704355891541-New |
|
.citibank.com.au/ | Name: s_vnc365 Value: 1735891891542%26vn%3D1 |
|
.citibank.com.au/ | Name: s_ivc Value: true |
|
.citibank.com.au/ | Name: s_gpv Value: AU%3APublic%3AHome |
|
.citibank.com.au/ | Name: gpv_Page Value: AU%3APublic%3AHome |
|
.citibank.com.au/ | Name: RT Value: "z=1&dm=citibank.com.au&si=41505908-aefb-4beb-a7fa-545d6991c0b2&ss=lqyxhn5s&sl=1&tt=3bs&bcn=%2F%2F684d0d4c.akstat.io%2F&ld=3bu" |
|
.citibank.com.au/ | Name: s_cc Value: true |
|
.citibank.com.au/ | Name: s_plt Value: 4.31 |
|
.citibank.com.au/ | Name: s_pltp Value: AU%3APublic%3AHome |
|
.www1.citibank.com.au/ | Name: aam_uuid Value: 25832308108508721471915624325004887610 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob: |
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net
684d0d4c.akstat.io
assets.adobedtm.com
bat.bing.com
c.bing.com
c.go-mpulse.net
cdn.pdst.fm
cdn.taboola.com
cds.taboola.com
citiau.demdex.net
citiau.tt.omtrdc.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d9.flashtalking.com
dpm.demdex.net
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net
image2.pubmatic.com
lasteventf-tm.everesttech.net
marketingportal.citibank.com
pips.taboola.com
pixel.everesttech.net
s.go-mpulse.net
servedby.flashtalking.com
smetrics.citibank.com.au
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
trc-events.taboola.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
us-central1-adaptive-growth.cloudfunctions.net
us-u.openx.net
www.cdn.citibank.com
www.everestjs.net
www.facebook.com
www.google.com
www.google.com.au
www.googletagmanager.com
www1.citibank.com.au
sync-tm.everesttech.net
sync.search.spotxchange.com
103.43.90.53
141.226.224.32
141.226.229.48
142.250.204.8
142.251.221.66
142.251.221.67
151.101.1.44
151.101.194.49
157.240.8.23
157.240.8.35
172.217.167.98
172.217.24.36
18.141.15.108
184.24.255.246
204.79.197.200
207.65.33.82
216.239.36.54
23.198.63.128
23.214.57.230
23.40.72.127
23.48.96.153
23.48.96.201
23.52.229.245
23.52.239.49
23.55.38.25
23.55.38.58
3.87.84.178
35.244.142.80
35.244.159.8
44.206.92.227
52.220.125.144
52.220.171.73
54.64.181.218
54.92.211.170
63.140.38.15
63.140.38.186
0221669695a1cc0421e53f5fad42a273ee9c29f02ddc6f078d6ba3563b75457c
0518c50b8f0ca1f7ba01c80cb0eec09b78a42491b89a263c5b9c58bb1bc78013
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3692f62100e7674d2f1d06ce0171845f665c2bab2f7cecb11b59082d30ebe9
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
22f61a2e56189d048c93f172708871202feb25886189aae3868291f75363a827
2541fe15a73104857ed3c54e554955982fb79e64add39bce7b166310f80db85c
26b9c181b6e962215fb32524538c698feb486d76e450b4474fb6853d11cf3516
282e057a5e2cac1d182acc1fdcba803fdb4523712b53aed5f6de15589bbbab93
2ce93de727b78e09d9cfc5845a7b8ba54345a3161e203c28a8e97e9d108eaf6e
2e1d1652559c4527088087f13194978d90937f45762f3a7f6f3a69d79a70e269
348cf8dfd66cd924b4d3db7b4afd24bf0b752c8e99f9e5b6d0e71e619607a728
36f5959d29a589389a72cfbb32121fb47fcc3f0b703aef7d0e0bb6392233e136
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44202736a1f07eb7238674a443ee043424f3fa89b7e1663b1a8a1a731d265522
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb85852456b28f2f55bdddc3c6d992ea224cebdb447eb45b2d151d0f5301642
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5495ba562e9dea1006869cf51dffd77aab6f572ba245c3b45159dca8c0706f05
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
72876d23befce4c325468e46239c39f2443689015be2f76f0e252450f598109f
7926d3722019e845f60fbdd057607bd9dd2fbe8db662e9d395e730109641ac1a
7b0877f5c5aa450b8414d2fbcc6296129b1f52d44d1cab3b7c89aeca26718065
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c4006ede4569b1a645059f458b9b6f5c118a554b02953c3645d55590338de0c
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
7cf731a63dbf62b57045dd2dfd16b2cc9d14c541dd7450d9f2d9f0008a5eede9
9c254868f71d53c64e985fdd62e87c856e5d587c8fc647859250b5e0b3788a53
a1d48aefd0b04c9dbac6200b7c9f34cff61c7691e88cc395a9c82cdfbceb6b75
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8
b1c3acba6f8d34eaf67cf89f75dc2aed4a4385cd913f52d10511cc9661789199
b435b5d83d12c98a73e5d31b0dfac1ad33a66aed2b827446f928375408a35f31
b58481c69d3f81d3a1bdb0ca3062975d8fa5ee48e252de5bae5d3f3ae8d1a5da
b9f398759cac938494ed83bc2320dc9d695930046761978c80b42868cb9c4011
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c5c98d4826ad19fd24bd91e22c5afe32324f3175433f0a1a484424fc79caa2de
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cbd5480872fbe450fc59076b49fc00f618598b840a524aaca5434401a7aa92a0
cc7d80a8a015d1a681162fe1ba47c67bb22fdc653cc0c2b66fc18733b372a278
cff9dbc1b9c68869348062f32a0aeb541be7ec79603762227fe6d0c2dd2dab60
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4
d6a3fe6f3f62867aad1b90b528e3d882817ba31901d25ac24d1ec0ae7ccc60a0
d7a4fada78c459dd56b2f4958ded1caa00445a1b801baa553a0a755b2e6e69e7
dfd7813d457c7e9dbec1aa447d797b177797a740b2d1869ed6e4d63b2da10d13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e0790e117585960217ec3ccbc12b28917ae0942d8f0ef5411cb964c469bcc7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51fc9316faa3d05b51d0ef5c51d095dbfdb8aa48bfdabaaf58f792c9dc0dcb7
f996cda08b2649a38263ccf0d1ba02a5e6443c14976d17e92cd2d170c3024b93
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc23ba8d5567a8bd8b0185acf1bb1aabcc5cec8c8c1ed490945b57834599ea4a