Submitted URL: http://www1.citibank.com.au/
Effective URL: https://www1.citibank.com.au/
Submission: On January 04 via api from US — Scanned from AU

Summary

This website contacted 32 IPs in 4 countries across 27 domains to perform 82 HTTP transactions. The main IP is 23.214.57.230, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www1.citibank.com.au.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 13th 2023. Valid for: a year.
This is the only time www1.citibank.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 23.214.57.230 16625 (AKAMAI-AS)
7 23.52.229.245 16625 (AKAMAI-AS)
4 23.198.63.128 16625 (AKAMAI-AS)
3 23.40.72.127 16625 (AKAMAI-AS)
1 6 44.206.92.227 14618 (AMAZON-AES)
1 142.250.204.8 15169 (GOOGLE)
1 52.220.171.73 16509 (AMAZON-02)
2 157.240.8.23 32934 (FACEBOOK)
3 23.52.239.49 16625 (AKAMAI-AS)
7 151.101.1.44 54113 (FASTLY)
1 4 204.79.197.200 8068 (MICROSOFT...)
1 35.244.142.80 396982 (GOOGLE-CL...)
1 184.24.255.246 16625 (AKAMAI-AS)
2 54.64.181.218 16509 (AMAZON-02)
2 216.239.36.54 15169 (GOOGLE)
1 172.217.167.98 15169 (GOOGLE)
2 157.240.8.35 32934 (FACEBOOK)
2 63.140.38.15 14618 (AMAZON-AES)
6 7 151.101.194.49 54113 (FASTLY)
1 63.140.38.186 14618 (AMAZON-AES)
1 1 18.141.15.108 16509 (AMAZON-02)
1 172.217.24.36 15169 (GOOGLE)
1 142.251.221.67 15169 (GOOGLE)
2 2 3.87.84.178 14618 (AMAZON-AES)
1 54.92.211.170 14618 (AMAZON-AES)
2 2 52.220.125.144 16509 (AMAZON-02)
1 142.251.221.66 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2 103.43.90.53 29990 (ASN-APPNEX)
1 2 35.244.159.8 15169 (GOOGLE)
1 207.65.33.82 62713 (AS-PUBMATIC)
6 141.226.229.48 200478 (TABOOLA-AS)
1 1 23.48.96.201 20940 (AKAMAI-ASN1)
1 23.48.96.153 20940 (AKAMAI-ASN1)
1 1 23.55.38.25 20940 (AKAMAI-ASN1)
1 23.55.38.58 20940 (AKAMAI-ASN1)
82 32
Apex Domain
Subdomains
Transfer
20 citibank.com
marketingportal.citibank.com
www.cdn.citibank.com — Cisco Umbrella Rank: 441971
721 KB
14 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
pips.taboola.com — Cisco Umbrella Rank: 1936
cds.taboola.com — Cisco Umbrella Rank: 2300
trc-events.taboola.com — Cisco Umbrella Rank: 2320
36 KB
9 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 8068
lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 16001
cm.everesttech.net — Cisco Umbrella Rank: 1969
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
2 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
citiau.demdex.net
8 KB
5 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 1579
d9.flashtalking.com — Cisco Umbrella Rank: 3209
15 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 3609
ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 3614
66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net
1 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 692
c.bing.com — Cisco Umbrella Rank: 539
14 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 572
170 KB
4 citibank.com.au
www1.citibank.com.au
smetrics.citibank.com.au
63 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
i6.liadm.com — Cisco Umbrella Rank: 4366
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 930
491 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
876 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
2 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 4562
123 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
71 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1998
c.go-mpulse.net — Cisco Umbrella Rank: 850
51 KB
1 akstat.io
684d0d4c.akstat.io — Cisco Umbrella Rank: 94893
206 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1555
452 B
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 17400
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 6
455 B
1 omtrdc.net
citiau.tt.omtrdc.net
844 B
1 everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 11263
4 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 4632
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
75 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
82 27
Domain Requested by
13 marketingportal.citibank.com www1.citibank.com.au
marketingportal.citibank.com
7 www.cdn.citibank.com www1.citibank.com.au
6 trc-events.taboola.com marketingportal.citibank.com
6 sync-tm.everesttech.net 6 redirects www1.citibank.com.au
5 dpm.demdex.net 1 redirects www1.citibank.com.au
4 assets.adobedtm.com www1.citibank.com.au
assets.adobedtm.com
3 trc.taboola.com cdn.taboola.com
marketingportal.citibank.com
3 bat.bing.com www1.citibank.com.au
bat.bing.com
3 cdn.taboola.com www1.citibank.com.au
cdn.taboola.com
3 servedby.flashtalking.com www1.citibank.com.au
servedby.flashtalking.com
2 us-u.openx.net 1 redirects www1.citibank.com.au
2 ib.adnxs.com 1 redirects www1.citibank.com.au
2 sync.crwdcntrl.net 2 redirects
2 i.liadm.com 2 redirects
2 smetrics.citibank.com.au marketingportal.citibank.com
assets.adobedtm.com
2 www.facebook.com www1.citibank.com.au
2 us-central1-adaptive-growth.cloudfunctions.net marketingportal.citibank.com
2 d9.flashtalking.com servedby.flashtalking.com
d9.flashtalking.com
2 connect.facebook.net www1.citibank.com.au
connect.facebook.net
2 www1.citibank.com.au 1 redirects
1 684d0d4c.akstat.io s.go-mpulse.net
1 66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 image2.pubmatic.com www1.citibank.com.au
1 cds.taboola.com marketingportal.citibank.com
1 cm.g.doubleclick.net www1.citibank.com.au
1 c.bing.com 1 redirects
1 i6.liadm.com www1.citibank.com.au
1 pips.taboola.com marketingportal.citibank.com
1 www.google.com.au www1.citibank.com.au
1 www.google.com www1.citibank.com.au
1 cm.everesttech.net 1 redirects
1 citiau.tt.omtrdc.net marketingportal.citibank.com
1 lasteventf-tm.everesttech.net marketingportal.citibank.com
1 citiau.demdex.net assets.adobedtm.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 c.go-mpulse.net s.go-mpulse.net
1 www.everestjs.net assets.adobedtm.com
1 cdn.pdst.fm www1.citibank.com.au
1 pixel.everesttech.net www1.citibank.com.au
1 www.googletagmanager.com www1.citibank.com.au
1 s.go-mpulse.net www1.citibank.com.au
0 sync.search.spotxchange.com Failed www1.citibank.com.au
82 45

This site contains links to these domains. Also see Links.

Domain
www.citibank.com.au
Subject Issuer Validity Valid
marketingportal.citibank.com
DigiCert SHA2 Extended Validation Server CA
2023-02-13 -
2024-03-13
a year crt.sh
www.cdn.citibank.com
DigiCert EV RSA CA G2
2023-10-19 -
2024-11-18
a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2024-08-10
a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2023-04-05 -
2024-04-04
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.tmogul.com
Amazon RSA 2048 M01
2023-05-17 -
2024-06-14
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-13 -
2024-01-11
3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-14 -
2024-09-14
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2023-10-24 -
2024-04-21
6 months crt.sh
cdn.pdst.fm
GTS CA 1D4
2023-11-21 -
2024-02-19
3 months crt.sh
www.everestjs.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-25 -
2024-10-25
a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2
2023-07-19 -
2024-08-19
a year crt.sh
misc.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2024-10-26
a year crt.sh
smetrics.citibank.com.au
DigiCert SHA2 Extended Validation Server CA
2023-05-25 -
2024-06-06
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2023-08-22 -
2024-09-21
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-27 -
2024-02-19
3 months crt.sh
*.google.com.au
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www1.citibank.com.au/
Frame ID: B3E2BB7CC5BB6D7BBEE44D283D736C4E
Requests: 62 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
Frame ID: 333519E9DAA9A1F44367C456CA84C4B4
Requests: 4 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=155327.89426741368
Frame ID: 221D1B109C22ECB459901844D98DA38C
Requests: 5 HTTP requests in this frame

Frame: https://citiau.demdex.net/dest5.html?d_nsid=0
Frame ID: 14CCB708DC5F668233F719089B907B0E
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Citi Australia

Page URL History Show full URLs

  1. http://www1.citibank.com.au/ HTTP 301
    https://www1.citibank.com.au/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

82
Requests

82 %
HTTPS

0 %
IPv6

27
Domains

45
Subdomains

32
IPs

4
Countries

1241 kB
Transfer

4619 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www1.citibank.com.au/ HTTP 301
    https://www1.citibank.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1704355888301 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1704355888301
Request Chain 55
  • https://cm.everesttech.net/cm/dd?d_uuid=25832308108508721471915624325004887610 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZZoMgAAAKKXxgN1
Request Chain 60
  • https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1 HTTP 303
  • https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&_li_chk=true&previous_uuid=05660e4ac39c47da87a214c49e18080d HTTP 303
  • https://i6.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
Request Chain 61
  • https://c.bing.com/c.gif?uid=25832308108508721471915624325004887610&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A40CA34916D64CE1CB2D9C890976545
Request Chain 62
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=25832308108508721471915624325004887610?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=25832308108508721471915624325004887610?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a5e6ff6d97e979f04832bdcf3c63441c
Request Chain 63
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZZZoMQAL9xd0VgBd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wlpab01RQUw5eGQwVmdCZA==&_test=ZZZoMQAL9xd0VgBd
Request Chain 67
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=ZZZoMQAL9xd0VgBd HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZZZoMQAL9xd0VgBd
Request Chain 68
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZZoMQAL9xd0VgBd HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZZZoMQAL9xd0VgBd
Request Chain 69
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZZZoMQAL9xd0VgBd
Request Chain 70
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZZZoMQAL9xd0VgBd&img=1
Request Chain 71
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZZZoMgAAAKKXxgN1&t=2592000&o=0
Request Chain 75
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p9rishfyu HTTP 302
  • https://ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 76
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p9rishfyu HTTP 302
  • https://66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net/eum/results.txt

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www1.citibank.com.au/
Redirect Chain
  • http://www1.citibank.com.au/
  • https://www1.citibank.com.au/
425 KB
59 KB
Document
General
Full URL
https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c5c98d4826ad19fd24bd91e22c5afe32324f3175433f0a1a484424fc79caa2de
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
public, max-age=1800
content-encoding
gzip
content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:11:27 GMT
etag
"1ca86-btU6Td78/gI9y+VnMEhGjRnRw0U"
expect-ct
max-age=0
expires
Thu, 04 Jan 2024 08:41:27 GMT
link
<https://marketingportal.citibank.com>; rel="preconnect", <https://marketingportal.citibank.com/msa/assets/styles/uiux.theme-base-au.css>; rel="preload"; as="style", <https://marketingportal.citibank.com/msa/assets/styles/uiux.theme-citi-blue-light.css>; rel="preload"; as="style", <https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/contactless-payment-citi-premier-card.jpg>; rel="preload"; as="image"; crossorigin="anonymous", <https://www.cdn.citibank.com/v1/augcb/cbol/files/images/logos/logo.png>; rel="preload"; as="image"; crossorigin="anonymous"
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
no-referrer
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1704355887263_400244798_1200223614_35_6331_1_6_255";dur=1
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-ratelimit-limit
10000
x-ratelimit-remaining
9999
x-ratelimit-reset
1704344392
x-xss-protection
0

Redirect headers

Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
0
Date
Thu, 04 Jan 2024 08:11:27 GMT
Expires
Thu, 04 Jan 2024 08:41:27 GMT
Location
https://www1.citibank.com.au/
Server
AkamaiGHost
Server-Timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1704355887250_400244805_85131451_21_7244_1_0_-";dur=1
uiux.theme-base-au.css
marketingportal.citibank.com/msa/assets/styles/
76 KB
9 KB
Stylesheet
General
Full URL
https://marketingportal.citibank.com/msa/assets/styles/uiux.theme-base-au.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
44202736a1f07eb7238674a443ee043424f3fa89b7e1663b1a8a1a731d265522
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.05093e17.1704341392.5310366f, 0.3e40db17.1704355887.4789f5b5
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887310_400244798_1200223669_38_10107_1_0_255";dur=1
content-length
8379
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 04:09:53 GMT
server
Akamai Resource Optimizer
etag
W/"1303d-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
text/css; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704341449
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
uiux.theme-citi-blue-light.css
marketingportal.citibank.com/msa/assets/styles/
75 KB
8 KB
Stylesheet
General
Full URL
https://marketingportal.citibank.com/msa/assets/styles/uiux.theme-citi-blue-light.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0518c50b8f0ca1f7ba01c80cb0eec09b78a42491b89a263c5b9c58bb1bc78013
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.c49654b8.1704340570.3f888a3a, 0.3e40db17.1704355887.4789f5b3
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887310_400244798_1200223667_35_10109_1_0_255";dur=1
content-length
7527
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:56:12 GMT
server
Akamai Resource Optimizer
etag
W/"12c28-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
text/css; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340785
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
contactless-payment-citi-premier-card.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/
27 KB
27 KB
Image
General
Full URL
https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/contactless-payment-citi-premier-card.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.229.245 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-229-245.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
348cf8dfd66cd924b4d3db7b4afd24bf0b752c8e99f9e5b6d0e71e619607a728

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:27 GMT
x-check-cacheable
YES
x-serial
773
server
Akamai Image Manager
last-modified
Thu, 04 Jan 2024 04:54:13 GMT
akamai-grn
0.3540db17.1704355887.5622d19c
vary
Origin
content-type
image/avif
access-control-allow-origin
https://www1.citibank.com.au
cache-control
private, no-transform, max-age=43200
content-length
27710
expires
Thu, 04 Jan 2024 20:11:27 GMT
logo.png
www.cdn.citibank.com/v1/augcb/cbol/files/images/logos/
1 KB
1 KB
Image
General
Full URL
https://www.cdn.citibank.com/v1/augcb/cbol/files/images/logos/logo.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.229.245 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-229-245.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:27 GMT
last-modified
Thu, 04 Jan 2024 04:53:46 GMT
server
Akamai Image Manager
akamai-grn
0.3540db17.1704355887.5622d198
vary
Origin
content-type
image/png
access-control-allow-origin
https://www1.citibank.com.au
cache-control
private, no-transform, max-age=43200
content-length
1040
expires
Thu, 04 Jan 2024 20:11:27 GMT
Interstate-Bold.woff2
marketingportal.citibank.com/msa/
50 KB
51 KB
Font
General
Full URL
https://marketingportal.citibank.com/msa/Interstate-Bold.woff2
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc23ba8d5567a8bd8b0185acf1bb1aabcc5cec8c8c1ed490945b57834599ea4a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 08:11:27 GMT
x-permitted-cross-domain-policies
none
akamai-grn
0.3e40db17.1704355887.4789f6c4
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887612_400244798_1200223940_38_5837_1_7_255";dur=1
content-length
51568
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 12 Oct 2023 02:56:54 GMT
etag
W/"c970-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
https://www1.citibank.com.au
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340714
x-ratelimit-limit
10000
accept-ranges
bytes
vary
Origin
expires
Thu, 04 Jan 2024 08:41:27 GMT
Interstate-Light.woff2
marketingportal.citibank.com/msa/
53 KB
54 KB
Font
General
Full URL
https://marketingportal.citibank.com/msa/Interstate-Light.woff2
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36f5959d29a589389a72cfbb32121fb47fcc3f0b703aef7d0e0bb6392233e136
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 08:11:27 GMT
x-permitted-cross-domain-policies
none
akamai-grn
0.3e40db17.1704355887.4789f6c5
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887619_400244798_1200223941_37_5835_1_0_255";dur=1
content-length
54204
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 12 Oct 2023 02:56:54 GMT
etag
W/"d3bc-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
https://www1.citibank.com.au
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340836
x-ratelimit-limit
10000
accept-ranges
bytes
vary
Origin
expires
Thu, 04 Jan 2024 08:41:27 GMT
Interstate-Regular.woff2
marketingportal.citibank.com/msa/
56 KB
57 KB
Font
General
Full URL
https://marketingportal.citibank.com/msa/Interstate-Regular.woff2
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1c3acba6f8d34eaf67cf89f75dc2aed4a4385cd913f52d10511cc9661789199
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 08:11:27 GMT
x-permitted-cross-domain-policies
none
akamai-grn
0.3e40db17.1704355887.4789f6c6
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887619_400244798_1200223942_36_5845_1_0_255";dur=1
content-length
57148
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 12 Oct 2023 02:56:54 GMT
etag
W/"df3c-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
https://www1.citibank.com.au
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340550
x-ratelimit-limit
10000
accept-ranges
bytes
vary
Origin
expires
Thu, 04 Jan 2024 08:41:27 GMT
launch-b730963fa5a7.min.js
assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/
593 KB
147 KB
Script
General
Full URL
https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7926d3722019e845f60fbdd057607bd9dd2fbe8db662e9d395e730109641ac1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:27 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 08:23:09 GMT
server
AkamaiNetStorage
etag
"0008249589364c0869ac8f6f28c38dcf:1698049389.279035"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 09:11:27 GMT
styles.107afff6ccde6023be7d.css
marketingportal.citibank.com/msa/
908 B
969 B
Stylesheet
General
Full URL
https://marketingportal.citibank.com/msa/styles.107afff6ccde6023be7d.css
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f51fc9316faa3d05b51d0ef5c51d095dbfdb8aa48bfdabaaf58f792c9dc0dcb7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.0ee5615e.1704341252.926eb07d, 0.3e40db17.1704355887.4789f5b4
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887312_400244798_1200223668_136_8917_1_0_255";dur=1
content-length
148
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 04:07:33 GMT
server
Akamai Resource Optimizer
etag
W/"38c-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
text/css; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704341639
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
xfs.js
marketingportal.citibank.com/msa/assets/augcb/vendor/js/
267 B
957 B
Script
General
Full URL
https://marketingportal.citibank.com/msa/assets/augcb/vendor/js/xfs.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
dfd7813d457c7e9dbec1aa447d797b177797a740b2d1869ed6e4d63b2da10d13
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.c49654b8.1704340596.3f88e783, 0.3e40db17.1704355887.4789f6ea
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887634_400244798_1200223978_53_6118_1_0_146";dur=1
content-length
127
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:56:38 GMT
server
Akamai Resource Optimizer
etag
W/"10b-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
application/javascript; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340715
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
xss.js
marketingportal.citibank.com/msa/assets/augcb/vendor/js/
380 B
1018 B
Script
General
Full URL
https://marketingportal.citibank.com/msa/assets/augcb/vendor/js/xss.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f996cda08b2649a38263ccf0d1ba02a5e6443c14976d17e92cd2d170c3024b93
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.c49654b8.1704340615.3f892c7c, 0.3e40db17.1704355887.4789f6eb
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887634_400244798_1200223979_33_6351_1_0_146";dur=1
content-length
186
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:56:56 GMT
server
Akamai Resource Optimizer
etag
W/"17c-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
application/javascript; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704341453
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
important-icon-84x84.png
www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/
802 B
1 KB
Image
General
Full URL
https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/important-icon-84x84.png
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.229.245 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-229-245.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7c4006ede4569b1a645059f458b9b6f5c118a554b02953c3645d55590338de0c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:27 GMT
x-check-cacheable
YES
x-serial
766
server
Akamai Image Manager
last-modified
Thu, 04 Jan 2024 04:53:48 GMT
akamai-grn
0.3540db17.1704355887.5622d1cc
content-type
image/png
cache-control
private, no-transform, max-age=43200
content-length
802
expires
Thu, 04 Jan 2024 20:11:27 GMT
Citi-Logo-White-1.png
www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/
1 KB
1 KB
Image
General
Full URL
https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/Citi-Logo-White-1.png
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.229.245 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-229-245.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b435b5d83d12c98a73e5d31b0dfac1ad33a66aed2b827446f928375408a35f31

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:27 GMT
last-modified
Thu, 04 Jan 2024 04:53:51 GMT
server
Akamai Image Manager
akamai-grn
0.3540db17.1704355887.5622d19d
vary
Origin
content-type
image/webp
access-control-allow-origin
https://www1.citibank.com.au
cache-control
private, no-transform, max-age=43200
content-length
1060
expires
Thu, 04 Jan 2024 20:11:27 GMT
runtime-es2015.674bbe013aad6f55137d.js
marketingportal.citibank.com/msa/
4 KB
3 KB
Script
General
Full URL
https://marketingportal.citibank.com/msa/runtime-es2015.674bbe013aad6f55137d.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
2541fe15a73104857ed3c54e554955982fb79e64add39bce7b166310f80db85c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.8d267368.1704340457.25c8d35a, 0.3e40db17.1704355887.4789f6e3
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887628_400244798_1200223971_49_6143_1_0_219";dur=1
content-length
1878
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:54:18 GMT
server
Akamai Resource Optimizer
etag
W/"fbf-WMZ42Hnhgru2T/eKnB3vjTKFuy0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
application/javascript; charset=utf-8
vary
Origin
access-control-allow-origin
https://www1.citibank.com.au
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340790
x-ratelimit-limit
10000
expires
Thu, 04 Jan 2024 08:41:27 GMT
polyfills-es2015.3eb67d07d32ce3387c26.js
marketingportal.citibank.com/msa/
36 KB
12 KB
Script
General
Full URL
https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
26b9c181b6e962215fb32524538c698feb486d76e450b4474fb6853d11cf3516
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.c49654b8.1704340452.3f86e77c, 0.3e40db17.1704355887.4789f6e4
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887635_400244798_1200223972_621_5331_1_0_219";dur=1
content-length
11253
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:54:13 GMT
server
Akamai Resource Optimizer
etag
W/"9103-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
application/javascript; charset=UTF-8
vary
Origin
access-control-allow-origin
https://www1.citibank.com.au
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340733
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
scripts.1bcb6fc81105d868064d.js
marketingportal.citibank.com/msa/
85 KB
28 KB
Script
General
Full URL
https://marketingportal.citibank.com/msa/scripts.1bcb6fc81105d868064d.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0d3692f62100e7674d2f1d06ce0171845f665c2bab2f7cecb11b59082d30ebe9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.5e267368.1704340448.359ebe7b, 0.3e40db17.1704355887.4789f6f7
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887644_400244798_1200223991_86_6778_2_0_146";dur=1
content-length
27537
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:54:10 GMT
server
Akamai Resource Optimizer
etag
W/"154af-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
application/javascript; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340838
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
main-es2015.73d3b48da321ee60b9b1.js
marketingportal.citibank.com/msa/
2 MB
349 KB
Script
General
Full URL
https://marketingportal.citibank.com/msa/main-es2015.73d3b48da321ee60b9b1.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
282e057a5e2cac1d182acc1fdcba803fdb4523712b53aed5f6de15589bbbab93
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.5e267368.1704340414.359e5dc5, 0.3e40db17.1704355887.4789f6e5
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887628_400244798_1200223973_55_6104_1_0_219";dur=1
content-length
356148
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:53:41 GMT
server
Akamai Resource Optimizer
etag
W/"1ffd6e-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
application/javascript; charset=UTF-8
vary
Origin
access-control-allow-origin
https://www1.citibank.com.au
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340733
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
s.go-mpulse.net/boomerang/ Frame 3335
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.40.72.127 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-72-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:27 GMT
content-encoding
br
last-modified
Sat, 23 Dec 2023 08:39:58 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
61-es2015.4d43d52ef6622ff13216.js
marketingportal.citibank.com/msa/
16 KB
5 KB
Script
General
Full URL
https://marketingportal.citibank.com/msa/61-es2015.4d43d52ef6622ff13216.js
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/runtime-es2015.674bbe013aad6f55137d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.57.230 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-57-230.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7b0877f5c5aa450b8414d2fbcc6296129b1f52d44d1cab3b7c89aeca26718065
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
date
Thu, 04 Jan 2024 08:11:27 GMT
akamai-grn
0.c49654b8.1704340441.3f86c440, 0.3e40db17.1704355887.4789f80f
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704355887905_400244798_1200224271_28_6598_1_0_146";dur=1
content-length
3846
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 04 Jan 2024 03:54:02 GMT
server
Akamai Resource Optimizer
etag
W/"3fdf-18b21d0ccf0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
9999
content-type
application/javascript; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=1800
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1704340838
x-ratelimit-limit
10000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 08:41:27 GMT
pay-with-points-920x520-050722.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/
37 KB
37 KB
Image
General
Full URL
https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/pay-with-points-920x520-050722.jpg
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.229.245 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-229-245.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2e1d1652559c4527088087f13194978d90937f45762f3a7f6f3a69d79a70e269

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:28 GMT
last-modified
Thu, 04 Jan 2024 04:53:39 GMT
server
Akamai Image Manager
akamai-grn
0.3540db17.1704355888.5622d3d3
vary
Origin
content-type
image/avif
access-control-allow-origin
https://www1.citibank.com.au
cache-control
private, no-transform, max-age=43200
content-length
37754
expires
Thu, 04 Jan 2024 20:11:28 GMT
citi-personal-loan-plus-920x520_r-0323.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/
25 KB
25 KB
Image
General
Full URL
https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/citi-personal-loan-plus-920x520_r-0323.jpg
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.229.245 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-229-245.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7cf731a63dbf62b57045dd2dfd16b2cc9d14c541dd7450d9f2d9f0008a5eede9

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:28 GMT
last-modified
Thu, 04 Jan 2024 04:53:39 GMT
server
Akamai Image Manager
akamai-grn
0.3540db17.1704355888.5622d3e8
vary
Origin
content-type
image/avif
access-control-allow-origin
https://www1.citibank.com.au
cache-control
private, no-transform, max-age=43200
content-length
25696
expires
Thu, 04 Jan 2024 20:11:28 GMT
rc-jb-hifi-home-tile-920x450.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/
51 KB
51 KB
Image
General
Full URL
https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2023/rc-jb-hifi-home-tile-920x450.jpg
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.229.245 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-229-245.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a1d48aefd0b04c9dbac6200b7c9f34cff61c7691e88cc395a9c82cdfbceb6b75

Request headers

Referer
Origin
https://www1.citibank.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:28 GMT
last-modified
Thu, 04 Jan 2024 04:54:26 GMT
server
Akamai Image Manager
akamai-grn
0.3540db17.1704355888.5622d3f3
vary
Origin
content-type
image/avif
access-control-allow-origin
https://www1.citibank.com.au
cache-control
private, no-transform, max-age=43200
content-length
52049
expires
Thu, 04 Jan 2024 20:11:28 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1704355888301
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1704355888301
3 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1704355888301
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
44.206.92.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-92-227.compute-1.amazonaws.com
Software
/
Resource Hash
9c254868f71d53c64e985fdd62e87c856e5d587c8fc647859250b5e0b3788a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-0d1ba4552.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
1Lkvi11zR5E=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www1.citibank.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1032
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-0f69d4637.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
zzyvRsDMS+E=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1704355888301
access-control-allow-origin
https://www1.citibank.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:26 GMT
server
AkamaiNetStorage
etag
"85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12243
expires
Thu, 04 Jan 2024 09:11:28 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:27 GMT
server
AkamaiNetStorage
etag
"9355415074dbdbd216a19b61ce931ab2:1642630707.219535"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1599
expires
Thu, 04 Jan 2024 09:11:28 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:27 GMT
server
AkamaiNetStorage
etag
"72152d82739a20813d7490454a0d252e:1642630707.464895"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8755
expires
Thu, 04 Jan 2024 09:11:28 GMT
js
www.googletagmanager.com/gtag/
209 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-784250228
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d6a3fe6f3f62867aad1b90b528e3d882817ba31901d25ac24d1ec0ae7ccc60a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76374
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jan 2024 08:11:28 GMT
7169
pixel.everesttech.net/rlsa/
0
152 B
Script
General
Full URL
https://pixel.everesttech.net/rlsa/7169
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.171.73 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-171-73.ap-southeast-1.compute.amazonaws.com
Software
AMO-RLSA/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:11:29 GMT
Server
AMO-RLSA/1.1
Connection
keep-alive
Content-Length
0
Content-Type
text/javascript
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jan 2024 08:11:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
RBV7HxFVcOjbBxvzlJcOmVqj00cZZeQjt8N3PrYOPO6emXGG5yjkJjasnTXA1iSkebaLLbR1AP/ZJSqOiRZZww==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
servedby.flashtalking.com/container/17079;119300;12701;iframe/ Frame 221D
5 KB
3 KB
Document
General
Full URL
https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=155327.89426741368
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.239.49 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-239-49.deploy.static.akamaitechnologies.com
Software
prod-xre-app3.syd11 /
Resource Hash
b58481c69d3f81d3a1bdb0ca3062975d8fa5ee48e252de5bae5d3f3ae8d1a5da
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2273
Content-Type
text/html
Date
Thu, 04 Jan 2024 08:11:28 GMT
Expires
Thu, 04 Jan 2024 08:11:28 GMT
Pragma
no-cache
Server
prod-xre-app3.syd11
Strict-Transport-Security
max-age=86400
Vary
Accept-Encoding
tfa.js
cdn.taboola.com/libtrc/unip/1212222/
64 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1212222/tfa.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7a4fada78c459dd56b2f4958ded1caa00445a1b801baa553a0a755b2e6e69e7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
g7Nnj57WYix9xxYpgYxnfa0N_kydHvoN
content-encoding
gzip
via
1.1 varnish
date
Thu, 04 Jan 2024 08:11:28 GMT
x-amz-request-id
PHFN2GJ4X2KAQSMG
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
19970
x-amz-id-2
cT2k4ZW4sIsJgSxwhAwtCRwLOvqKYaCnhMYsZ/a9G0HDlgKFRkRuUdoTrHxR3cuuGFkZcKsHp6E=
x-served-by
cache-bfi-krnt7300082-BFI
last-modified
Sun, 31 Dec 2023 11:13:39 GMT
server
AmazonS3
x-timer
S1704355889.722652,VS0,VE79
etag
"7dac08a2ab112cf73e975b5501c3cd46"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 04 Jan 2024 08:11:28 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 278F5817B7B04F91B4E900B0FB8F074B Ref B: SYD03EDGE2110 Ref C: 2024-01-04T08:11:28Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
ping.min.js
cdn.pdst.fm/
26 KB
6 KB
Script
General
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 07:36:22 GMT
content-encoding
gzip
age
2106
x-guploader-uploadid
ABPtcPoMgxvyLwKlOmM0TQYtTlPY7L-u3sScp5jCN1wTkwiczTqWZ2yPCXbkKEwlrkbcL1VwsUgF6qYDCMWrnRb_jVAprg
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Thu, 04 Jan 2024 08:36:22 GMT
last-event-tag-latest.min.js
www.everestjs.net/static/le/
8 KB
4 KB
Script
General
Full URL
https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.255.246 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-255-246.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cc7d80a8a015d1a681162fe1ba47c67bb22fdc653cc0c2b66fc18733b372a278

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Date
Thu, 04 Jan 2024 08:11:28 GMT
Last-Modified
Wed, 13 Dec 2023 10:47:16 GMT
Server
AmazonS3
x-amz-request-id
JTJ7DBF8AVJ8HPQD
ETag
"8c6414c4813c1bf85d1f9478a637ba7c"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3155
x-amz-id-2
JTFUrbl4KEDTDn52NWKmdBrpX/1C0BxSDm5A7RjKkQeQ11eIwKdaUrOedIYpw29rrV3bYEwSCJA=
d9core
d9.flashtalking.com/ Frame 221D
11 KB
11 KB
Script
General
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=155327.89426741368
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.181.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-181-218.ap-northeast-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash
cff9dbc1b9c68869348062f32a0aeb541be7ec79603762227fe6d0c2dd2dab60

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:11:28 GMT
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
transfer-encoding
chunked
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
/
servedby.flashtalking.com/spot/7/17079;119300;12701/ Frame 221D
42 B
342 B
Image
General
Full URL
https://servedby.flashtalking.com/spot/7/17079;119300;12701/?U1=&U2=&U3=&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=155327.89426741368&ft_trackID=17043558-8837-87C9-11BE-A66756427BAC
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=155327.89426741368
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.239.49 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-239-49.deploy.static.akamaitechnologies.com
Software
prod-xre-app4.syd11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=155327.89426741368
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:11:28 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app4.syd11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Thu, 04 Jan 2024 08:11:28 GMT
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/
2 B
123 B
Fetch
General
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json
Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 04 Jan 2024 08:11:29 GMT
content-encoding
gzip
server
Google Frontend
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
2d70f6c6ac8df9b5342e8c26a68a3a46
cache-control
private
function-execution-id
vkvhmusohlj8
access-control-allow-headers
Content-Type, Accept
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame
0
0
Preflight
General
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www1.citibank.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:11:28 GMT
function-execution-id
fzl8oqg6q8zv
server
Google Frontend
x-cloud-trace-context
12ffbbd2408eed6a0797b96f0fc43ab6
config.json
c.go-mpulse.net/api/ Frame 3335
6 KB
2 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX&d=www1.citibank.com.au&t=5681186&v=1.720.0&if=&sl=0&si=d67fc8c8-6562-4c1e-8cd1-0b2ece261f1c-s6q9f3&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=405779
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.40.72.127 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-72-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0221669695a1cc0421e53f5fad42a273ee9c29f02ddc6f078d6ba3563b75457c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:11:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1326
204597980046534
connect.facebook.net/signals/config/
74 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/204597980046534?v=2.9.138&r=stable&domain=www1.citibank.com.au
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
2ce93de727b78e09d9cfc5845a7b8ba54345a3161e203c28a8e97e9d108eaf6e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Jan 2024 08:11:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17085
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
25wUzIKFC79T8HMwtho5G8O9Woai+w9VpWTGu0CQs8EUrcEork3mkKoqWDAnw6qUBf8PxEpd9dacoN8rhVBkJg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/784250228/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784250228/?random=1704355888673&cv=11&fst=1704355888673&bg=ffffff&guid=ON&async=1&gtm=45be4130h2v9126741953&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww1.citibank.com.au%2F&hn=www.googleadservices.com&frm=0&tiba=Citi%20Australia&auid=539066393.1704355889&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-784250228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
5495ba562e9dea1006869cf51dffd77aab6f572ba245c3b45159dca8c0706f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1257
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=204597980046534&ev=PageView&dl=https%3A%2F%2Fwww1.citibank.com.au&rl=&if=false&ts=1704355888702&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.2.1704355888700.1704278384&pm=1&hrl=66d87e&ler=empty&it=1704355888654&coo=false&tm=1&cs_cc=1&cas=4211105855647366%2C4910180779055960%2C1251448961647265&rqm=GET
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www1.citibank.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Jan 2024 08:11:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
5680232.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/5680232.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 04 Jan 2024 08:11:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 56A500919E2C4644BBD7EDADD2DE8409 Ref B: SYD03EDGE2110 Ref C: 2024-01-04T08:11:28Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
360 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5680232&Ver=2&mid=0be38ba5-de20-4c5d-b656-a88929cbfe9c&sid=dcb97720aad811ee9f6271076a21247b&vid=dcb9a2f0aad811ee94999d676a432d3d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Citi%20Australia&kw=credit%20cards,%20credit%20card,%20insurance,%20home%20loans,%20mortgages,%20deposits,%20personal%20loans,%20personal%20loan,%20deposit%20account,%20savings%20account,%20savings%20accounts,%20foreign%20exchange,%20debit%20cards&p=https%3A%2F%2Fwww1.citibank.com.au%2F&r=&lt=896&evt=pageLoad&sv=1&rn=962861
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jan 2024 08:11:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 05DD8CD35D5748EAAA93A6AD7654019D Ref B: SYD03EDGE2110 Ref C: 2024-01-04T08:11:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1212222/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1212222/trc/3/json?tim=1704355888912&data=%7B%22id%22%3A908%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704355888906%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww1.citibank.com.au%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcititermdeposits-au-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww1.citibank.com.au%2F%22%2C%22tim%22%3A1704355888911%2C%22ref%22%3Anull%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1212222/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9f398759cac938494ed83bc2320dc9d695930046761978c80b42868cb9c4011

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
52
date
Thu, 04 Jan 2024 08:11:29 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
40762
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-krnt7300082-BFI
x-log-content-encoding
gzip
server
nginx
x-timer
S1704355889.987967,VS0,VE52
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
lgc
d9.flashtalking.com/ Frame 221D
103 B
720 B
XHR
General
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.181.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-181-218.ap-northeast-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash
22f61a2e56189d048c93f172708871202feb25886189aae3868291f75363a827

Request headers

Referer
https://servedby.flashtalking.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 04 Jan 2024 08:11:28 GMT
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://servedby.flashtalking.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
103
unip
trc.taboola.com/1212222/log/3/
0
593 B
XHR
General
Full URL
https://trc.taboola.com/1212222/log/3/unip?en=page_view&item-url=https%3A%2F%2Fwww1.citibank.com.au%2F&tim=1704355888911&ref=null&cv=20231231-4-RELEASE&tos=214&ssd=1&scd=0&vi=1704355888906&ri=2722d9005f917356e45180694429a0fa&sd=v2_449a4732bc6c6260110a639a83a5c6d5_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQvv5JGIr-m5zNMSABKAEw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
43
date
Thu, 04 Jan 2024 08:11:29 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
40674
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-krnt7300082-BFI
pragma
no-cache
server
nginx
x-timer
S1704355889.194916,VS0,VE43
content-type
image/gif
access-control-allow-origin
https://www1.citibank.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1212222/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 04 Jan 2024 08:11:29 GMT
x-amz-request-id
E5BMFHQVVWZTX9K1
age
2343
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EuVPdt7Z6kYw97siGwuAO2Mnyc4SOderKG58H2ZlhaOotasTGOVhhNfH3nkMbYK+5OhWGP1bFzE=
x-served-by
cache-bfi-krnt7300082-BFI
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1704355889.195600,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
51
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
930
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1212222/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 04 Jan 2024 08:11:29 GMT
x-amz-request-id
ANWD8HG8KKVY769A
age
17363
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
Cvu4RV2CtVFS0LQCKJc60OfTEUOORQlVKc4bsgv9L8GJZ6M6NzSCTHk3izodyufVJoH2rU346Ck=
x-served-by
cache-bfi-krnt7300082-BFI
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-timer
S1704355889.196090,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
93
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
9785
json
trc.taboola.com/1499623/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1499623/trc/3/json?tim=1704355889127&data=%7B%22id%22%3A854%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1%22%2C%22vi%22%3A1704355888906%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww1.citibank.com.au%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcititermdeposits-au-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704355888916%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww1.citibank.com.au%2F%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1212222/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e6e0790e117585960217ec3ccbc12b28917ae0942d8f0ef5411cb964c469bcc7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Thu, 04 Jan 2024 08:11:29 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
40679
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-krnt7300082-BFI
x-log-content-encoding
gzip
server
nginx
x-timer
S1704355889.197631,VS0,VE58
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
dest5.html
citiau.demdex.net/ Frame 14CC
7 KB
3 KB
Document
General
Full URL
https://citiau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.92.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-92-227.compute-1.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Jan 2024 08:11:29 GMT
dcs
dcs-prod-va6-2-v053-0e6a9b62f.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 17 Nov 2023 11:15:17 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
7u+CuVBRRCc=
id
smetrics.citibank.com.au/
48 B
465 B
XHR
General
Full URL
https://smetrics.citibank.com.au/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&mid=30796973832455128181437097865197604123&ts=1704355889172
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-15.data.adobedc.net
Software
jag /
Resource Hash
72876d23befce4c325468e46239c39f2443689015be2f76f0e252450f598109f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jan 2024 08:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www1.citibank.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
/
lasteventf-tm.everesttech.net/
0
217 B
XHR
General
Full URL
https://lasteventf-tm.everesttech.net/?_les_imsOrgId=9D2361D45DFA6F800A495FEF@AdobeOrg&_les_sdid=24E5431E7E6D3996-66B46481E49461BA&_les_last_search_click=&_les_rsid=citiau-au-prod&_les_mid=30796973832455128181437097865197604123&_les_rampid_env=&_les_url=https%3A%2F%2Fwww1.citibank.com.au%2F
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 04 Jan 2024 08:11:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704355890.567110,VS0,VE0
x-cache
MISS
content-type
text/plain
access-control-allow-origin
https://www1.citibank.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-bfi-krnt7300033-BFI
delivery
citiau.tt.omtrdc.net/rest/v1/
349 B
844 B
XHR
General
Full URL
https://citiau.tt.omtrdc.net/rest/v1/delivery?client=citiau&sessionId=2a2770a038c9479f80971e7003b6fda6&version=2.3.2
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.186 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-186.data.adobedc.net
Software
jag /
Resource Hash
cbd5480872fbe450fc59076b49fc00f618598b840a524aaca5434401a7aa92a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:11:29 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www1.citibank.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
363220f2-a1b7-4ab0-9c8a-7bc791653bce
ibs:dpid=411&dpuuid=ZZZoMgAAAKKXxgN1
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=25832308108508721471915624325004887610
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZZoMgAAAKKXxgN1
42 B
714 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZZoMgAAAKKXxgN1
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
44.206.92.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-92-227.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-03564d7a1.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
rBSoCq6YR8s=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZZoMgAAAKKXxgN1
Date
Thu, 04 Jan 2024 08:11:30 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
www.google.com/pagead/1p-user-list/784250228/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/784250228/?random=1704355888673&cv=11&fst=1704355200000&bg=ffffff&guid=ON&async=1&gtm=45be4130h2v9126741953&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww1.citibank.com.au%2F&frm=0&tiba=Citi%20Australia&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IXSHyCi4UQRm4wTlzGrF3hIGazL1Ag&random=3586771642&rmt_tld=0&ipr=y
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/784250228/
42 B
455 B
Image
General
Full URL
https://www.google.com.au/pagead/1p-user-list/784250228/?random=1704355888673&cv=11&fst=1704355200000&bg=ffffff&guid=ON&async=1&gtm=45be4130h2v9126741953&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww1.citibank.com.au%2F&frm=0&tiba=Citi%20Australia&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IXSHyCi4UQRm4wTlzGrF3hIGazL1Ag&random=3586771642&rmt_tld=1&ipr=y
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servedby.flashtalking.com/track/119300;12701;403;17043558-8837-87C9-11BE-A66756427BAC/ Frame 221D
42 B
342 B
Image
General
Full URL
https://servedby.flashtalking.com/track/119300;12701;403;17043558-8837-87C9-11BE-A66756427BAC/?ft_data=d9:055d0a39f6944bf49af52620540e232c;d9s:055d0a39f6944bf49af52620540e232c&cachebuster=106919.54621918498
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.239.49 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-239-49.deploy.static.akamaitechnologies.com
Software
prod-xre-app1.syd11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=155327.89426741368
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:11:29 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app1.syd11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Thu, 04 Jan 2024 08:11:29 GMT
/
pips.taboola.com/
4 B
183 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-bne12522-BNE
date
Thu, 04 Jan 2024 08:11:29 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www1.citibank.com.au
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
66627
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
  • https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&_li_chk=true&previous_uuid=05660e4ac39c47da87a214c49e18080d
  • https://i6.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
43 B
274 B
Image
General
Full URL
https://i6.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
HTTP/1.1
Server
54.92.211.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-92-211-170.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:11:31 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/66627?bidder_id=88068&bidder_uuid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
Date
Thu, 04 Jan 2024 08:11:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
ibs:dpid=1957&dpuuid=0A40CA34916D64CE1CB2D9C890976545
dpm.demdex.net/ Frame 14CC
Redirect Chain
  • https://c.bing.com/c.gif?uid=25832308108508721471915624325004887610&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A40CA34916D64CE1CB2D9C890976545
42 B
714 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A40CA34916D64CE1CB2D9C890976545
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
44.206.92.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-92-227.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://citiau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0c0d8dc9b.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
u+qu4tY6S10=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B7F8C0D2261C4B608FE2A203F98C7B1B Ref B: SYD03EDGE2110 Ref C: 2024-01-04T08:11:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0A40CA34916D64CE1CB2D9C890976545
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=121998&dpuuid=a5e6ff6d97e979f04832bdcf3c63441c
dpm.demdex.net/ Frame 14CC
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=25832308108508721471915624325004887610?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=25832308108508721471915624325004887610?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a5e6ff6d97e979f04832bdcf3c63441c
42 B
715 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a5e6ff6d97e979f04832bdcf3c63441c
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
44.206.92.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-92-227.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://citiau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-0cfbd0968.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
RIFKZOcqRTI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a5e6ff6d97e979f04832bdcf3c63441c
cache-control
no-cache
x-server
10.42.30.120
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 14CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wlpab01RQUw5eGQwVmdCZA==&_test=ZZZoMQAL9xd0VgBd
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wlpab01RQUw5eGQwVmdCZA==&_test=ZZZoMQAL9xd0VgBd
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://citiau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-bfi-krnt7300033-BFI
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704355890.892477,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wlpab01RQUw5eGQwVmdCZA==&_test=ZZZoMQAL9xd0VgBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&mbl=ZmFsc2U=
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 04 Jan 2024 08:11:30 GMT
cache-control
no-store
server
nginx
btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 14CC
0
0

ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 14CC
0
0

bounce
ib.adnxs.com/ Frame 14CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=ZZZoMQAL9xd0VgBd
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZZZoMQAL9xd0VgBd
43 B
902 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZZZoMQAL9xd0VgBd
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://citiau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
an-x-request-uuid
ee93c805-63d6-453a-8bf3-5e247b6f01e5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.165; 66.203.112.165; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
an-x-request-uuid
fcb312f1-f545-4a21-8bc0-71d95bd2546c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZZZoMQAL9xd0VgBd
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.165; 66.203.112.165; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 14CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZZoMQAL9xd0VgBd
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZZZoMQAL9xd0VgBd
43 B
171 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZZZoMQAL9xd0VgBd
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://citiau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZZZoMQAL9xd0VgBd
date
Thu, 04 Jan 2024 08:11:30 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 14CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZZZoMQAL9xd0VgBd
1 B
452 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZZZoMQAL9xd0VgBd
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://citiau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 01:44:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-bfi-krnt7300033-BFI
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704355890.184055,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZZZoMQAL9xd0VgBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 14CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZZZoMQAL9xd0VgBd&img=1
0
0

b.php
www.facebook.com/fr/ Frame 14CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZZZoMgAAAKKXxgN1&t=2592000&o=0
43 B
977 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZZZoMgAAAKKXxgN1&t=2592000&o=0
Requested by
Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol
H2
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://citiau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
date
Thu, 04 Jan 2024 00:11:30 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
public
x-fb-debug
Ranmn8+fx414m+e55OTmVjfFOKyzufdwp013z8zWHPsTZviq11A58HlYA0ftIa/8aOtFH62X1YTJsCrn6hK3NA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Thu, 04 Jan 2024 00:11:30 PST

Redirect headers

x-served-by
cache-bfi-krnt7300033-BFI
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704355890.438758,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZZZoMgAAAKKXxgN1&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
unip
trc-events.taboola.com/1212222/log/3/
0
526 B
XHR
General
Full URL
https://trc-events.taboola.com/1212222/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=0&ssd=1&est=1704355888909&ver=36&isls=true&src=i&invt=1500&msa=1570&rv=1&tim=1704355890470&vi=1704355888906&ri=2722d9005f917356e45180694429a0fa&sd=v2_449a4732bc6c6260110a639a83a5c6d5_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQvv5JGIr-m5zNMSABKAEw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww1.citibank.com.au%2F
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www1.citibank.com.au
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1499623/log/3/
0
525 B
XHR
General
Full URL
https://trc-events.taboola.com/1499623/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1704355888909&ver=36&isls=true&src=i&invt=1500&msa=1570&rv=1&tim=1704355890471&vi=1704355888906&ri=835169fbeb59dd9ca284a2b81f92475a&sd=v2_99007bfb8acab7421eed59d0d0628669_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQ58NbGIr-m5zNMSABKAMw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww1.citibank.com.au%2F
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www1.citibank.com.au
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
s02043275421593
smetrics.citibank.com.au/b/ss/citiau-au-prod/10/JS-2.22.4-LDQM/
3 KB
3 KB
Script
General
Full URL
https://smetrics.citibank.com.au/b/ss/citiau-au-prod/10/JS-2.22.4-LDQM/s02043275421593?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=4%2F0%2F2024%2016%3A11%3A31%204%20-480&d.&nsid=0&jsonv=1&.d&sdid=24E5431E7E6D3996-66B46481E49461BA&mid=30796973832455128181437097865197604123&aamlh=7&ce=UTF-8&ns=citiau&cdp=3&fpCookieDomainPeriods=3&pageName=AU%3APublic%3AHome&g=https%3A%2F%2Fwww1.citibank.com.au%2F&cc=AUD&ch=Public&server=www1.citibank.com.au&events=event2%3Dundefined&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=Web&v1=Web&c2=Australia&v2=Australia&v3=prod&c4=Thursday%20%2C%207%3A11%20PM&v4=Thursday%20%2C%207%3A11%20PM&c5=New&v5=New&c6=30796973832455128181437097865197604123&v6=30796973832455128181437097865197604123&c7=anon&v7=1&c8=SiteCatalyst%20Base%20Code%20JS%202.22.0&v8=SiteCatalyst%20Base%20Code%20JS%202.22.0&c15=AU%3APublic&v15=AU%3APublic&c16=AU%3APublic%3AHome&v16=AU%3APublic%3AHome&c19=pre-login%20content%20page&v19=pre-login%20content%20page&c20=AU%3APublic%3AHome&v20=AU%3APublic%3AHome&c21=https%3A%2F%2Fwww1.citibank.com.au%2F&v21=https%3A%2F%2Fwww1.citibank.com.au%2F&c22=https%3A%2F%2Fwww1.citibank.com.au%2F&v22=https%3A%2F%2Fwww1.citibank.com.au%2F&c24=en&v24=en&v119=Prospect&v130=anon&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-15.data.adobedc.net
Software
jag /
Resource Hash
4eb85852456b28f2f55bdddc3c6d992ea224cebdb447eb45b2d151d0f5301642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-aam-tid
i4rVl7eeSJE=
date
Thu, 04 Jan 2024 08:11:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
2714
x-xss-protection
1; mode=block
dcs
dcs-prod-va6-2-v053-0abfeb8fd.edge-va6.demdex.com 7 ms
pragma
no-cache
last-modified
Fri, 05 Jan 2024 08:11:31 GMT
server
jag
etag
3660076407623548928-4617933884355276543
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 03 Jan 2024 08:11:31 GMT
results.txt
ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net/eum/ Frame 3335
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p9rishfyu
  • https://ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
23.48.96.153 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:11:32 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Thu, 04 Jan 2024 08:11:31 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
results.txt
66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net/eum/ Frame 3335
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p9rishfyu
  • https://66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
23.55.38.58 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-38-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:11:33 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Thu, 04 Jan 2024 08:11:32 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
/
684d0d4c.akstat.io/
0
206 B
Ping
General
Full URL
https://684d0d4c.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.40.72.127 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-72-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:11:32 GMT
content-type
image/gif
access-control-allow-origin
https://www1.citibank.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Thu, 04 Jan 2024 08:11:32 GMT
unip
trc-events.taboola.com/1212222/log/3/
0
526 B
XHR
General
Full URL
https://trc-events.taboola.com/1212222/log/3/unip?en=pre_d_eng_tb&tos=4562&scd=0&ssd=1&est=1704355888909&ver=36&isls=true&src=i&invt=3000&msa=1570&rv=1&tim=1704355893472&vi=1704355888906&ri=2722d9005f917356e45180694429a0fa&sd=v2_449a4732bc6c6260110a639a83a5c6d5_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQvv5JGIr-m5zNMSABKAEw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww1.citibank.com.au%2F
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www1.citibank.com.au
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1499623/log/3/
0
526 B
XHR
General
Full URL
https://trc-events.taboola.com/1499623/log/3/unip?en=pre_d_eng_tb&tos=4563&scd=0&ssd=1&est=1704355888909&ver=36&isls=true&src=i&invt=3000&msa=1570&rv=1&tim=1704355893473&vi=1704355888906&ri=835169fbeb59dd9ca284a2b81f92475a&sd=v2_99007bfb8acab7421eed59d0d0628669_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQ58NbGIr-m5zNMSABKAMw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww1.citibank.com.au%2F
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www1.citibank.com.au
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1212222/log/3/
0
526 B
XHR
General
Full URL
https://trc-events.taboola.com/1212222/log/3/unip?en=pre_d_eng_tb&tos=10565&scd=0&ssd=1&est=1704355888909&ver=36&isls=true&src=i&invt=6000&msa=1570&rv=1&tim=1704355899474&vi=1704355888906&ri=2722d9005f917356e45180694429a0fa&sd=v2_449a4732bc6c6260110a639a83a5c6d5_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQvv5JGIr-m5zNMSABKAEw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww1.citibank.com.au%2F
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www1.citibank.com.au
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1499623/log/3/
0
526 B
XHR
General
Full URL
https://trc-events.taboola.com/1499623/log/3/unip?en=pre_d_eng_tb&tos=10565&scd=0&ssd=1&est=1704355888909&ver=36&isls=true&src=i&invt=6000&msa=1570&rv=1&tim=1704355899475&vi=1704355888906&ri=835169fbeb59dd9ca284a2b81f92475a&sd=v2_99007bfb8acab7421eed59d0d0628669_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQ58NbGIr-m5zNMSABKAMw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE&ui=b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww1.citibank.com.au%2F
Requested by
Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/polyfills-es2015.3eb67d07d32ce3387c26.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www1.citibank.com.au
pragma
no-cache
date
Thu, 04 Jan 2024 08:11:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZZZoMQAL9xd0VgBd&img=1

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| getCookie function| mergeObjects function| setCitiDatafromCookie object| citiDataUser object| citiData function| prebootInitFn object| prebootData object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart number| value1 number| value2 string| splChars string| url object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| closeWebview function| $ function| jQuery object| __zone_symbol__beforeunloadfalse object| __zone_symbol__pagehidefalse object| __zone_symbol__pageshowfalse object| __zone_symbol__DOMContentLoadedfalse function| saveAs object| __zone_symbol__storagefalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__scrollfalse object| __zone_symbol__clickfalse object| __zone_symbol__beforeprintfalse object| __zone_symbol__afterprintfalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__focusfalse object| _satellite boolean| __satelliteLoaded object| ad_cloud object| __zone_symbol__loadfalse function| getTimeParting object| adobe function| Visitor object| s_c_il number| s_c_in object| __zone_symbol__messagefalse object| __zone_symbol__loadtrue object| __zone_symbol__event-view-endtrue object| __zone_symbol__spaPageViewtrue object| __zone_symbol__LeadSubmitCompleteEventtrue object| __zone_symbol__LeadSubmitEventtrue object| __zone_symbol__LeadStartEventtrue object| __zone_symbol__adobeEventtrue function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| dataLayer function| fbq function| _fbq object| _tfa object| uetq function| pdst object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL function| endOfDatePeriod function| AdCloudEvent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_bae9b360d1 function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError number| BOOMR_configt object| __zone_symbol__scrolltrue object| __zone_symbol__orientationchangetrue function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray number| BOOMR_onload function| isSafari11Plus function| getDomain object| s_i_citiau-au-prod function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

43 Cookies

Domain/Path Name / Value
.taboola.com/merkle-au-citibankconsumerlending-sc/ Name: taboola_session_id
Value: v2_99007bfb8acab7421eed59d0d0628669_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQ58NbGIr-m5zNMSABKAMw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE
.taboola.com/cititermdeposits-au-sc/ Name: taboola_session_id
Value: v2_449a4732bc6c6260110a639a83a5c6d5_b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1_1704355889_1704355889_CNawjgYQvv5JGIr-m5zNMSABKAEw4QE4kaQOQNWmD0jWndsDUPUDWABgAGiX1Mza_5njnMEBcAE
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxD8Fg
.citibank.com.au/ Name: at_check
Value: true
www1.citibank.com.au/ Name: __pdst
Value: 840fb7a2ff83485797a11655a6f54acc
.citibank.com.au/ Name: _gcl_au
Value: 1.1.539066393.1704355889
.citibank.com.au/ Name: _fbp
Value: fb.2.1704355888700.1704278384
.citibank.com.au/ Name: _uetsid
Value: dcb97720aad811ee9f6271076a21247b
.citibank.com.au/ Name: _uetvid
Value: dcb9a2f0aad811ee94999d676a432d3d
.demdex.net/ Name: demdex
Value: 25832308108508721471915624325004887610
.bing.com/ Name: MUID
Value: 0A40CA34916D64CE1CB2D9C890976545
.bat.bing.com/ Name: MR
Value: 0
.taboola.com/ Name: t_gid
Value: b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
.taboola.com/ Name: t_pt_gid
Value: b5958e76-3184-4405-b2ff-a7be0401301d-tuctc8fedb1
.www1.citibank.com.au/ Name: AMCVS_9D2361D45DFA6F800A495FEF%40AdobeOrg
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.flashtalking.com/ Name: _D9J
Value: 78bd0558b4b5464484d5f09a088406c4
.c.bing.com/ Name: MR
Value: 0
.citibank.com.au/ Name: adcloud
Value: {%22_les_v%22:%22y%2Ccitibank.com.au%2C1704357689%22}
.dpm.demdex.net/ Name: dpm
Value: 25832308108508721471915624325004887610
.citibank.com.au/ Name: mbox
Value: session#2a2770a038c9479f80971e7003b6fda6#1704357749|PC#2a2770a038c9479f80971e7003b6fda6.34_0#1767600690
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: a5e6ff6d97e979f04832bdcf3c63441c
.citibank.com.au/ Name: s_ecid
Value: MCMID%7C30796973832455128181437097865197604123
.liadm.com/ Name: lidid
Value: 05660e4a-c39c-47da-87a2-14c49e18080d
.openx.net/ Name: i
Value: d8b72fca-cefa-4d55-a6c2-35f9ed0b0cca|1704355890
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZZoMgAAAKKXxgN1
.demdex.net/ Name: dextp
Value: 1957-1-1704355889398|121998-1-1704355889499|144230-1-1704355889600|144231-1-1704355889703|144232-1-1704355889804|144233-1-1704355889910|144234-1-1704355890013|144235-1-1704355890114|144236-1-1704355890214|144237-1-1704355890316
.adnxs.com/ Name: uuid2
Value: 6243212556725522718
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2Ilad@17P!]tbPl1MwL(!R7qUY#QP@8->HYU<yXQIyDY?n<Ek%XLaE<QG=%9sk?bIRwi:w9Ld1Iu_b7_pSf?(lOfM!x(6k*fF#a
.www1.citibank.com.au/ Name: AMCV_9D2361D45DFA6F800A495FEF%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19727%7CMCMID%7C30796973832455128181437097865197604123%7CMCAAMLH-1704960689%7C7%7CMCAAMB-1704960689%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1704363089s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19734%7CvVersion%7C5.2.0
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-ZZZoMQAL9xd0VgBd&KRTB&22978-ZZZoMQAL9xd0VgBd&KRTB&23194-ZZZoMQAL9xd0VgBd&KRTB&23209-ZZZoMQAL9xd0VgBd
.pubmatic.com/ Name: PugT
Value: 1704332668
.citibank.com.au/ Name: s_nr30
Value: 1704355891541-New
.citibank.com.au/ Name: s_vnc365
Value: 1735891891542%26vn%3D1
.citibank.com.au/ Name: s_ivc
Value: true
.citibank.com.au/ Name: s_gpv
Value: AU%3APublic%3AHome
.citibank.com.au/ Name: gpv_Page
Value: AU%3APublic%3AHome
.citibank.com.au/ Name: RT
Value: "z=1&dm=citibank.com.au&si=41505908-aefb-4beb-a7fa-545d6991c0b2&ss=lqyxhn5s&sl=1&tt=3bs&bcn=%2F%2F684d0d4c.akstat.io%2F&ld=3bu"
.citibank.com.au/ Name: s_cc
Value: true
.citibank.com.au/ Name: s_plt
Value: 4.31
.citibank.com.au/ Name: s_pltp
Value: AU%3APublic%3AHome
.www1.citibank.com.au/ Name: aam_uuid
Value: 25832308108508721471915624325004887610

1 Console Messages

Source Level URL
Text
network error URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZZZoMQAL9xd0VgBd&img=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66-203-112-165_s-23-55-38-25_ts-1704355892-clienttons-s.akamaihd.net
684d0d4c.akstat.io
assets.adobedtm.com
bat.bing.com
c.bing.com
c.go-mpulse.net
cdn.pdst.fm
cdn.taboola.com
cds.taboola.com
citiau.demdex.net
citiau.tt.omtrdc.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d9.flashtalking.com
dpm.demdex.net
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
ilfxbjixgbqmszmwnazq-p9rish-7ea6897f1-clientnsv4-s.akamaihd.net
image2.pubmatic.com
lasteventf-tm.everesttech.net
marketingportal.citibank.com
pips.taboola.com
pixel.everesttech.net
s.go-mpulse.net
servedby.flashtalking.com
smetrics.citibank.com.au
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
trc-events.taboola.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
us-central1-adaptive-growth.cloudfunctions.net
us-u.openx.net
www.cdn.citibank.com
www.everestjs.net
www.facebook.com
www.google.com
www.google.com.au
www.googletagmanager.com
www1.citibank.com.au
sync-tm.everesttech.net
sync.search.spotxchange.com
103.43.90.53
141.226.224.32
141.226.229.48
142.250.204.8
142.251.221.66
142.251.221.67
151.101.1.44
151.101.194.49
157.240.8.23
157.240.8.35
172.217.167.98
172.217.24.36
18.141.15.108
184.24.255.246
204.79.197.200
207.65.33.82
216.239.36.54
23.198.63.128
23.214.57.230
23.40.72.127
23.48.96.153
23.48.96.201
23.52.229.245
23.52.239.49
23.55.38.25
23.55.38.58
3.87.84.178
35.244.142.80
35.244.159.8
44.206.92.227
52.220.125.144
52.220.171.73
54.64.181.218
54.92.211.170
63.140.38.15
63.140.38.186
0221669695a1cc0421e53f5fad42a273ee9c29f02ddc6f078d6ba3563b75457c
0518c50b8f0ca1f7ba01c80cb0eec09b78a42491b89a263c5b9c58bb1bc78013
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3692f62100e7674d2f1d06ce0171845f665c2bab2f7cecb11b59082d30ebe9
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
22f61a2e56189d048c93f172708871202feb25886189aae3868291f75363a827
2541fe15a73104857ed3c54e554955982fb79e64add39bce7b166310f80db85c
26b9c181b6e962215fb32524538c698feb486d76e450b4474fb6853d11cf3516
282e057a5e2cac1d182acc1fdcba803fdb4523712b53aed5f6de15589bbbab93
2ce93de727b78e09d9cfc5845a7b8ba54345a3161e203c28a8e97e9d108eaf6e
2e1d1652559c4527088087f13194978d90937f45762f3a7f6f3a69d79a70e269
348cf8dfd66cd924b4d3db7b4afd24bf0b752c8e99f9e5b6d0e71e619607a728
36f5959d29a589389a72cfbb32121fb47fcc3f0b703aef7d0e0bb6392233e136
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44202736a1f07eb7238674a443ee043424f3fa89b7e1663b1a8a1a731d265522
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb85852456b28f2f55bdddc3c6d992ea224cebdb447eb45b2d151d0f5301642
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5495ba562e9dea1006869cf51dffd77aab6f572ba245c3b45159dca8c0706f05
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
72876d23befce4c325468e46239c39f2443689015be2f76f0e252450f598109f
7926d3722019e845f60fbdd057607bd9dd2fbe8db662e9d395e730109641ac1a
7b0877f5c5aa450b8414d2fbcc6296129b1f52d44d1cab3b7c89aeca26718065
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c4006ede4569b1a645059f458b9b6f5c118a554b02953c3645d55590338de0c
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
7cf731a63dbf62b57045dd2dfd16b2cc9d14c541dd7450d9f2d9f0008a5eede9
9c254868f71d53c64e985fdd62e87c856e5d587c8fc647859250b5e0b3788a53
a1d48aefd0b04c9dbac6200b7c9f34cff61c7691e88cc395a9c82cdfbceb6b75
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8
b1c3acba6f8d34eaf67cf89f75dc2aed4a4385cd913f52d10511cc9661789199
b435b5d83d12c98a73e5d31b0dfac1ad33a66aed2b827446f928375408a35f31
b58481c69d3f81d3a1bdb0ca3062975d8fa5ee48e252de5bae5d3f3ae8d1a5da
b9f398759cac938494ed83bc2320dc9d695930046761978c80b42868cb9c4011
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c5c98d4826ad19fd24bd91e22c5afe32324f3175433f0a1a484424fc79caa2de
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cbd5480872fbe450fc59076b49fc00f618598b840a524aaca5434401a7aa92a0
cc7d80a8a015d1a681162fe1ba47c67bb22fdc653cc0c2b66fc18733b372a278
cff9dbc1b9c68869348062f32a0aeb541be7ec79603762227fe6d0c2dd2dab60
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4
d6a3fe6f3f62867aad1b90b528e3d882817ba31901d25ac24d1ec0ae7ccc60a0
d7a4fada78c459dd56b2f4958ded1caa00445a1b801baa553a0a755b2e6e69e7
dfd7813d457c7e9dbec1aa447d797b177797a740b2d1869ed6e4d63b2da10d13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e0790e117585960217ec3ccbc12b28917ae0942d8f0ef5411cb964c469bcc7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51fc9316faa3d05b51d0ef5c51d095dbfdb8aa48bfdabaaf58f792c9dc0dcb7
f996cda08b2649a38263ccf0d1ba02a5e6443c14976d17e92cd2d170c3024b93
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc23ba8d5567a8bd8b0185acf1bb1aabcc5cec8c8c1ed490945b57834599ea4a