www.thankyou.com
Open in
urlscan Pro
3.232.180.225
Public Scan
Submitted URL: http://thankyou.com/
Effective URL: https://www.thankyou.com/cms/thankyou/
Submission: On April 25 via manual from NL — Scanned from NL
Effective URL: https://www.thankyou.com/cms/thankyou/
Submission: On April 25 via manual from NL — Scanned from NL
Summary
This website contacted 17 IPs
in 4 countries
across 12 domains to perform 95 HTTP transactions.
The main IP is 3.232.180.225, located in
Ashburn, United States and
belongs to AMAZON-AES, US.
The main domain is www.thankyou.com.
The Cisco Umbrella rank of the primary domain is 406582.
TLS certificate: Issued by DigiCert EV RSA CA G2 on July 3rd 2023. Valid for: a year.
This is the only time www.thankyou.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert EV RSA CA G2 on July 3rd 2023. Valid for: a year.
This is the only time www.thankyou.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
12
3.232.180.225
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-180-225.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-180-225.compute-1.amazonaws.com
| thankyou.com | |
| www.thankyou.com |
46
163.171.128.172
(Frankfurt am Main, Germany)
ASN54994 (ML-1432-54994, CA)
ASN54994 (ML-1432-54994, CA)
| staticcontent.thankyou.com |
1
66.235.152.221
(United States)
ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-221.data.adobedc.net
ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-221.data.adobedc.net
| citicorpcreditservic.tt.omtrdc.net |
8
104.17.209.240
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| zn9rcvt7xh3iyd3sa-citifeedback.siteintercept.qualtrics.com | |
| siteintercept.qualtrics.com |
5
108.138.7.70
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-70.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-70.fra56.r.cloudfront.net
| content.blackhawknetwork.com |
8
65.9.66.24
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-24.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-24.fra56.r.cloudfront.net
| nexus.ensighten.com |
1
2a00:1450:4001:812::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
18.172.103.101
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net
| js.adsrvr.org |
1
216.200.122.11
(Portland, United States)
ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com
ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com
| gwmtracking.com |
2
142.250.186.70
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
| ad.doubleclick.net |
1
216.58.206.66
(United States)
ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
| adservice.google.com |
1
34.252.40.201
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-40-201.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-40-201.eu-west-1.compute.amazonaws.com
| sp.analytics.yahoo.com |
1
52.54.220.132
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-220-132.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-220-132.compute-1.amazonaws.com
| prod.report.nacustomerexperience.citi.com |
1
35.71.131.137
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| insight.adsrvr.org |
2
63.140.62.222
(United States)
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net
| metrics1.thankyou.com |
2
2.19.61.103
(Dublin, Ireland)
ASN16625 (AKAMAI-AS, US)
PTR: a2-19-61-103.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-19-61-103.deploy.static.akamaitechnologies.com
| static-assets.qualtrics.com | |
| co1.qualtrics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 60 |
thankyou.com
2 redirects
thankyou.com — Cisco Umbrella Rank: 343264 www.thankyou.com — Cisco Umbrella Rank: 406582 staticcontent.thankyou.com — Cisco Umbrella Rank: 459662 metrics1.thankyou.com — Cisco Umbrella Rank: 731604 |
3 MB |
| 13 |
qualtrics.com
zn9rcvt7xh3iyd3sa-citifeedback.siteintercept.qualtrics.com — Cisco Umbrella Rank: 772552 siteintercept.qualtrics.com — Cisco Umbrella Rank: 922 static-assets.qualtrics.com — Cisco Umbrella Rank: 26339 co1.qualtrics.com — Cisco Umbrella Rank: 8626 |
80 KB |
| 11 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3879 |
187 KB |
| 5 |
blackhawknetwork.com
content.blackhawknetwork.com — Cisco Umbrella Rank: 91830 |
150 KB |
| 2 |
doubleclick.net
2 redirects
ad.doubleclick.net — Cisco Umbrella Rank: 153 |
48 B |
| 2 |
adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1361 insight.adsrvr.org — Cisco Umbrella Rank: 622 |
4 KB |
| 1 |
citi.com
prod.report.nacustomerexperience.citi.com — Cisco Umbrella Rank: 19564 |
3 KB |
| 1 |
yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1556 |
501 B |
| 1 |
google.com
adservice.google.com — Cisco Umbrella Rank: 159 |
63 B |
| 1 |
gwmtracking.com
1 redirects
gwmtracking.com — Cisco Umbrella Rank: 22762 |
389 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
74 KB |
| 1 |
omtrdc.net
citicorpcreditservic.tt.omtrdc.net — Cisco Umbrella Rank: 31998 |
809 B |
| 95 | 12 |
| Domain | Requested by | |
|---|---|---|
| 46 | staticcontent.thankyou.com |
www.thankyou.com
staticcontent.thankyou.com |
| 11 | nexus.ensighten.com |
www.thankyou.com
nexus.ensighten.com |
| 11 | www.thankyou.com |
staticcontent.thankyou.com
|
| 10 | siteintercept.qualtrics.com |
zn9rcvt7xh3iyd3sa-citifeedback.siteintercept.qualtrics.com
staticcontent.thankyou.com siteintercept.qualtrics.com |
| 5 | content.blackhawknetwork.com | |
| 2 | metrics1.thankyou.com | 1 redirects |
| 2 | ad.doubleclick.net | 2 redirects |
| 1 | co1.qualtrics.com | |
| 1 | static-assets.qualtrics.com | |
| 1 | insight.adsrvr.org |
js.adsrvr.org
|
| 1 | prod.report.nacustomerexperience.citi.com |
staticcontent.thankyou.com
|
| 1 | sp.analytics.yahoo.com | |
| 1 | adservice.google.com | |
| 1 | gwmtracking.com | 1 redirects |
| 1 | js.adsrvr.org |
nexus.ensighten.com
|
| 1 | www.googletagmanager.com |
nexus.ensighten.com
|
| 1 | zn9rcvt7xh3iyd3sa-citifeedback.siteintercept.qualtrics.com |
www.thankyou.com
|
| 1 | citicorpcreditservic.tt.omtrdc.net |
staticcontent.thankyou.com
|
| 1 | thankyou.com | 1 redirects |
| 95 | 19 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| online.citi.com |
| www.citi.com |
| www.twitter.com |
| www.facebook.com |
| www.youtube.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| thankyou.com DigiCert EV RSA CA G2 |
2023-07-03 - 2024-07-17 |
a year | crt.sh |
| staticcontent.thankyou.com DigiCert EV RSA CA G2 |
2023-07-17 - 2024-08-16 |
a year | crt.sh |
| *.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-22 - 2024-09-21 |
a year | crt.sh |
| nexus.ensighten.com Amazon RSA 2048 M02 |
2023-09-29 - 2024-10-27 |
a year | crt.sh |
| *.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-03-27 - 2025-02-19 |
a year | crt.sh |
| content.blackhawknetwork.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2024-04-08 - 2024-07-01 |
3 months | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
| real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2024-03-19 - 2024-09-11 |
6 months | crt.sh |
| prod.report.nacustomerexperience.citi.com DigiCert EV RSA CA G2 |
2023-05-19 - 2024-05-22 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.thankyou.com/cms/thankyou/
Frame ID: 2F3E4B67434A44453A38B6805F7FBF60
Requests: 94 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fwww.thankyou.com%2Fcms%2Fthankyou%2F&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=&td2=&td3=&td4=&td5=https://www.thankyou.com/cms/thankyou/&td6=homepage&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Frame ID: EA4D3BF1E308C89AE239BBDF66AAC685
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Citi ThankYou® Rewards - Redeem your ThankYou® Points for great rewardsPage URL History Show full URLs
-
http://thankyou.com/
HTTP 307
https://thankyou.com/ HTTP 302
https://www.thankyou.com/ Page URL
- https://www.thankyou.com/cms/thankyou/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Ensighten
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //nexus\.ensighten\.com/
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
URL: https://online.citi.com/US/JRS/portal/template.do?ID=CitiTravelLogin
Title: Here's Why You Should Book through the Citi TravelSM site
Title: Here's Why You Should Book through the Citi TravelSM site
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare/thank-you-rewards-credit-cards?cmp=bac_acquire_2403_Thankyou_rewards_bnr_hp
Title: Learn More
Title: Learn More
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/login.do
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/dataprivacyhub
Title: CA Privacy Hub
Title: CA Privacy Hub
Search URL Search Domain Scan URL
URL: https://www.twitter.com/Citibank/
Search URL Search Domain Scan URL
URL: https://www.facebook.com/Citibank/
Search URL Search Domain Scan URL
URL: https://www.youtube.com/citi
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://thankyou.com/
HTTP 307
https://thankyou.com/ HTTP 302
https://www.thankyou.com/ Page URL
- https://www.thankyou.com/cms/thankyou/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://thankyou.com/ HTTP 307
- https://thankyou.com/ HTTP 302
- https://www.thankyou.com/
- https://gwmtracking.com/p/v/1/5cf163b7f870814c0138c6b3/format/img HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=8825552;type=invmedia;cat=citi_005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=8825552;dc_pre=CIe9_p7u3YUDFb1ZCAQdXK4OLA;type=invmedia;cat=citi_005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
- https://adservice.google.com/ddm/fls/z/src=8825552;dc_pre=CIe9_p7u3YUDFb1ZCAQdXK4OLA;type=invmedia;cat=citi_005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
- https://metrics1.thankyou.com/b/ss/citicitityprod/1/JS-2.14.0/s98192804351853?AQB=1&ndh=1&pf=1&t=25%2F3%2F2024%2019%3A12%3A20%204%20-120&fid=1CCE8DDB0EF38E8A-2FE2A07BE922C091&ce=UTF-8&ns=citinaconsumer&pageName=homepage&g=https%3A%2F%2Fwww.thankyou.com%2Fcms%2Fthankyou%2F&r=https%3A%2F%2Fwww.thankyou.com%2F&c.&language=ENG&.c&ch=epsilon&server=thankyou.com&events=event9&c1=epsilon&v1=homepage&v2=Not%20Logged%20In&c3=homepage&c4=ENG&c9=homepage&v13=epsilon&v14=homepage&v15=1%3A00PM&v16=Thursday&v31=New&v32=1&c64=New&c65=1&c66=1%3A00PM&c67=Thursday&c74=https%3A%2F%2Fwww.thankyou.com%2Fcms%2Fthankyou%2F&c75=Citi%20TY%20AppMeasurement%202.14.0%20-%202019-AUG-15&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://metrics1.thankyou.com/b/ss/citicitityprod/1/JS-2.14.0/s98192804351853?AQB=1&pccr=true&vidn=3315477AFB894273-6000154844AF43C3&ndh=1&pf=1&t=25%2F3%2F2024%2019%3A12%3A20%204%20-120&fid=1CCE8DDB0EF38E8A-2FE2A07BE922C091&ce=UTF-8&ns=citinaconsumer&pageName=homepage&g=https%3A%2F%2Fwww.thankyou.com%2Fcms%2Fthankyou%2F&r=https%3A%2F%2Fwww.thankyou.com%2F&c.&language=ENG&.c&ch=epsilon&server=thankyou.com&events=event9&c1=epsilon&v1=homepage&v2=Not%20Logged%20In&c3=homepage&c4=ENG&c9=homepage&v13=epsilon&v14=homepage&v15=1%3A00PM&v16=Thursday&v31=New&v32=1&c64=New&c65=1&c66=1%3A00PM&c67=Thursday&c74=https%3A%2F%2Fwww.thankyou.com%2Fcms%2Fthankyou%2F&c75=Citi%20TY%20AppMeasurement%202.14.0%20-%202019-AUG-15&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
95 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
www.thankyou.com/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Primary Request
/
www.thankyou.com/cms/thankyou/ |
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.thankyou.com/ |
149 B 260 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.css
staticcontent.thankyou.com/cms/ng/ty-ang/dist/ty-cms/ |
242 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
at.js
staticcontent.thankyou.com/cms/js/citirewards/ty/usa/publicis/ |
119 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
runtime.js
staticcontent.thankyou.com/cms/ng/ty-ang/dist/ty-cms/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
polyfills.js
staticcontent.thankyou.com/cms/ng/ty-ang/dist/ty-cms/ |
34 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
scripts.js
staticcontent.thankyou.com/cms/ng/ty-ang/dist/ty-cms/ |
106 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.js
staticcontent.thankyou.com/cms/ng/ty-ang/dist/ty-cms/ |
3 MB 858 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
delivery
citicorpcreditservic.tt.omtrdc.net/rest/v1/ |
296 B 809 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.woff
staticcontent.thankyou.com/cms/fonts/citirewards/ty/usa/ |
74 KB 74 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dl_config.json
staticcontent.thankyou.com/cms/json/citirewards/datalayercontent/data/ty/ |
1 KB 927 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header.page
www.thankyou.com/cms/tyservice/ |
16 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tyMemberInfo-ajax.json
www.thankyou.com/ |
328 B 606 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tyGetCartCount-ajax.json
www.thankyou.com/ |
45 B 469 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tyoverlayconfiguration-us-eng.json
staticcontent.thankyou.com/cms/json/citirewards/tyoverlayconfiguration/data/ |
15 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
herobanner_unauth.json
staticcontent.thankyou.com/cms/json/citirewards/promotion/data/us-eng/fullwidth/ |
17 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
US-ANN-ENG.json
staticcontent.thankyou.com/cms/json/citirewards/waystoredeem/data/us-eng/ |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serviceprovider.page
www.thankyou.com/cms/tyservice/ |
7 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getFeaturedGiftCards.json
www.thankyou.com/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
partnerpromotions.page
www.thankyou.com/cms/tyservice/ |
17 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
US-ANN-ENG.json
staticcontent.thankyou.com/cms/json/citirewards/howitworksmodule/data/homepage/us-eng/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aquisition_off_ramp.json
staticcontent.thankyou.com/cms/json/citirewards/promotion/data/us-eng/fullwidth/ |
10 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stacked-cards.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/how-it-works/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mobile-device-vector.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/how-it-works/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shopping-bags.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/how-it-works/ |
36 KB 36 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Sans-Text-Regular.ttf
staticcontent.thankyou.com/cms/fonts/citirewards/ty/usa/citi-sans-font/ |
87 KB 87 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
glyphs.woff
staticcontent.thankyou.com/cms/fonts/citirewards/ty/usa/ |
8 KB 8 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
infoIcon.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
579 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_travel.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_giftcards.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_swp.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_cash.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_pwp.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_ptstransfer.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_ptsharing.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon_charitable.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-redeem/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Ensighten_Bootstrap_TY.js
www.thankyou.com/cms/js/citirewards/ty/usa/ |
721 B 549 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Acquisition-Ramp-Off-Desk-2X.png
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/Acquisition-off-ramp/ |
229 KB 229 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Acquisition-Ramp-Off-Mobile.png
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/Acquisition-off-ramp/ |
214 KB 214 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hero-banner-dsk.jpg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ |
102 KB 101 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Sans-Text-Regular.otf
staticcontent.thankyou.com/cms/fonts/citirewards/ty/usa/citi-sans-font/ |
77 KB 78 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
travel-tablet.jpg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-explore-banner/ |
168 KB 168 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
travel-mobile.jpg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ways-to-explore-banner/ |
129 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citi-travel-logo.png
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/banner-carousel/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rocketTravel.png
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/banner-carousel/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gc-tab.jpg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/recommended-banner/ |
192 KB 193 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gc-mob.jpg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/recommended-banner/ |
186 KB 185 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bootstrap.js
nexus.ensighten.com/citi/typrod/ |
53 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
headerMegaMenuService.page
www.thankyou.com/cms/tyservice/ |
9 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
anonymous.json
staticcontent.thankyou.com/cms/json/citirewards/typageconfiguration/data/us-eng/ |
23 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zn9rcvt7xh3iyd3sa-citifeedback.siteintercept.qualtrics.com/SIE/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Thankyou.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/ |
7 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mob-signOn-icon.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
caret.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ |
521 B 994 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
user-icon.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/homepage-redesign/ |
296 B 796 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi.png
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footer_X.svg
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/ |
117 KB 118 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footer_facebook.png
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footer_youtube.png
staticcontent.thankyou.com/cms/images/citirewards/ty/usa/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
82808.png
content.blackhawknetwork.com/gcmimages/product/large/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4639.jpg
content.blackhawknetwork.com/gcmimages/product/large/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
YLBN16BX0K496K5L57Z62SWVMK_0227202319:50:10.PNG
content.blackhawknetwork.com/gcmimages/product/large/ |
34 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
X1NBF3512Q9MD8GWQ05QHX967R_0608202323:09:37.PNG
content.blackhawknetwork.com/gcmimages/product/large/ |
43 KB 44 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AQ2PARJ2V8TZKQDNDRZTV1GTRR_0922202200:14:52.JPEG
content.blackhawknetwork.com/gcmimages/product/large/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 275 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/citi/typrod/ |
730 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
3d59b933a2f70b49e2ad8fc53d9aa141.js
nexus.ensighten.com/citi/typrod/code/ |
653 KB 165 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
43f23044b53314db56a83a54b79026ff.js
nexus.ensighten.com/citi/typrod/code/ |
7 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a873bf67f415eff77868b2d776bc28f9.js
nexus.ensighten.com/citi/typrod/code/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
12.ffd98a9d3b8cbf2075ed.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
74 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
203 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
e.gif
nexus.ensighten.com/error/ |
0 217 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
e.gif
nexus.ensighten.com/error/ |
0 220 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
src=8825552;dc_pre=CIe9_p7u3YUDFb1ZCAQdXK4OLA;type=invmedia;cat=citi_005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Redirect Chain
|
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spp.pl
sp.analytics.yahoo.com/ |
43 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
6 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cls_report
prod.report.nacustomerexperience.citi.com/glassbox/reporting/798b2f12-9162-4a94-91ee-805d883ca266/ |
12 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
e.gif
nexus.ensighten.com/error/ |
0 218 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
e.gif
nexus.ensighten.com/error/ |
0 219 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
e.gif
nexus.ensighten.com/error/ |
0 219 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
up
insight.adsrvr.org/track/ Frame EA4D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
102 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7.8e62d1a979d0c1ed6038.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.63e783d0bfcf19085382.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
29 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
SliderModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
8 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s98192804351853
metrics1.thankyou.com/b/ss/citicitityprod/1/JS-2.14.0/ Redirect Chain
|
43 B 266 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
d2b7b238-be2e-4c4b-b797-84bfcd74d2cf
https://www.thankyou.com/ |
75 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
svg-close-btn-black-7.svg
static-assets.qualtrics.com/static/prototype-ui-modules/SharedGraphics/siteintercept/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popup_shadow_transparent.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Graphic.php
co1.qualtrics.com/WRQualtricsSiteIntercept/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
45 B 229 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
&lnn=-1&fn=&cid=1129&client=citi&publishPath=typrod&rid=3320523&did=652759&errorName=TypeError){kind=link}
&lnn=-1&fn=&cid=1129&client=citi&publishPath=typrod&rid=3320523&did=652759&errorName=TypeError){kind=link}
&lnn=-1&fn=&cid=1129&client=citi&publishPath=typrod&rid=3373579&did=660368&errorName=TypeError){kind=link}
&lnn=-1&fn=&cid=1129&client=citi&publishPath=typrod&rid=3373579&did=660368&errorName=TypeError){kind=link}
Verdicts & Comments Add Verdict or Comment
248 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 string| state string| tierCode string| sessionState string| countryCode string| languageCode string| sourceCode string| memberId string| pid string| sponsorType string| sponsorproductid object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| webpackChunkciti_angular function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched function| __zone_symbol__queueMicrotask function| $localize object| _self object| Prism object| tmObj object| kore number| messageHistoryLimit object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__orientationchangefalse object| dataLayer_epsilon string| currentURL object| prodURLs object| script object| ensBootstraps object| __zone_symbol__loadfalse object| Bootstrapper object| QSI object| WAFQualtricsWebpackJsonP-cloud-2.5.0 object| __zone_symbol__messagefalse object| _cls_config object| _detector object| __zone_symbol__visibilitychangetrue object| __zone_symbol__mousedowntrue object| __zone_symbol__keydowntrue object| __zone_symbol__touchstarttrue object| __zone_symbol__pointerdowntrue object| webVitals object| __zone_symbol__errorfalse object| __zone_symbol__securitypolicyviolationfalse object| __zone_symbol__copyfalse object| __zone_symbol__cutfalse object| __zone_symbol__pastefalse object| __zone_symbol__beforeunloadtrue object| __zone_symbol__resizetrue object| __zone_symbol__pagehidetrue object| __zone_symbol__pageshowtrue object| __zone_symbol__clicktrue object| convertize string| sObjectName string| sName function| s_gi function| s_pgicq function| AppMeasurement function| AppMeasurement_Module_AudienceManagement number| s_objectID number| s_giq object| s_c_il number| s_c_in object| s function| DIL object| citiData function| ttd_dom_ready function| TTDUniversalPixelApi object| ttdPixel object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__unloadfalse object| __zone_symbol__beforeunloadfalse object| _qsie object| google_tag_manager object| google_tag_data object| dataLayer function| gtag string| s_account number| d object| eo number| y object| dc object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd string| j object| __zone_symbol__scrollfalse object| s_i_citicitityprod object| __zone_symbol__touchendfalse function| qsiRequestAnimationFrame function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .thankyou.com/ | Name: check Value: true |
|
| .thankyou.com/ | Name: mbox Value: session#1aa9ddefb0ad4b79952b2a6daf102cef#1714067000|PC#1aa9ddefb0ad4b79952b2a6daf102cef.37_0#1777309940 |
|
| .thankyou.com/ | Name: mboxEdgeCluster Value: 37 |
|
| .thankyou.com/ | Name: CSESSIONID Value: 814f54ec57d4453bb58684b96f3d3b58490196922b0fee6a5257!1075760357 |
|
| .thankyou.com/ | Name: _cls_v Value: 11827e29-25e6-4ccd-b203-de174e16799e |
|
| .thankyou.com/ | Name: _cls_s Value: 204b75cc-5868-4c25-a1f9-06f7d0b4721f:0 |
|
| www.thankyou.com/ | Name: 7830 Value: error |
|
| .thankyou.com/ | Name: _gcl_au Value: 1.1.1732219892.1714065141 |
|
| .thankyou.com/ | Name: s_pers Value: %20s_fid%3D1CCE8DDB0EF38E8A-2FE2A07BE922C091%7C1871831540837%3B%20s_nr%3D1714065140839-New%7C1871745140839%3B%20s_vnum%3D1714514400845%2526vn%253D1%7C1714514400845%3B%20s_invisit%3Dtrue%7C1714066940845%3B%20gpv_pn%3Dhomepage%7C1714066940853%3B |
|
| .thankyou.com/ | Name: s_sess Value: %20s_ppv%3Dhomepage%3B%20s_cc%3Dtrue%3B |
|
| prod.report.nacustomerexperience.citi.com/ | Name: AWSALBCORS Value: cfARI1VJtBBgZwcEY/+kYKyg3G1LO+LDJCJmRgJYfCtC/qynvkr5JseEbZ0GV4Qvjpx0LoATPwlibcu0y/qR7FsYQ+CB5ej5Nev5/zo2qslKnpMcezRSpU7UX2ur |
|
| .thankyou.com/ | Name: s_vi Value: [CS]v1|3315477AFB894273-6000154844AF43C3[CE] |
|
| .thankyou.com/ | Name: cls_e Value: 204b75cc-5868-4c25-a1f9-06f7d0b4721f:16283308407737 |
|
| gwmtracking.com/ | Name: kwsu Value: 662a8ef502add1398be75bf3 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .doubleclick.net/ | Name: ar_debug Value: 1 |
|
| .doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31556952 |
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
adservice.google.com
citicorpcreditservic.tt.omtrdc.net
co1.qualtrics.com
content.blackhawknetwork.com
gwmtracking.com
insight.adsrvr.org
js.adsrvr.org
metrics1.thankyou.com
nexus.ensighten.com
prod.report.nacustomerexperience.citi.com
siteintercept.qualtrics.com
sp.analytics.yahoo.com
static-assets.qualtrics.com
staticcontent.thankyou.com
thankyou.com
www.googletagmanager.com
www.thankyou.com
zn9rcvt7xh3iyd3sa-citifeedback.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
108.138.7.70
142.250.186.70
163.171.128.172
18.172.103.101
2.19.61.103
216.200.122.11
216.58.206.66
2600:9000:206f:7a00:2:8f43:5780:93a1
2a00:1450:4001:812::2008
3.232.180.225
34.252.40.201
35.71.131.137
52.54.220.132
63.140.62.222
65.9.66.24
66.235.152.221
00d4fe211c31e22169e803e207b5b01159935464c7ece70bc673d3a3fd51b353
045805b38b1c154e4a9f390d53c07018c8db22be2748b627d9111c112dc938c2
071d4e2d6a25516c270e17ef9d3c8783bfed0f3a4fdfa53bd8c71fc010b0b419
077f749583ac7257763350e57e4d566ed638eddf5aa12d184bcefc120f926f8f
086d1ad485d9282ccaf5f69e7c3a7e2722c9be1a70282a6c472e6c2d25e9b136
0b5432891b80dda0ca9e09c84a6ad146f48ff37d89e1a988a4048c0aacd5cae3
0d5218f0439eeb2d6981866b1f82ce8c84122d6f2048941fedf2d9917441f47d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
15a15f92a187561e1c0d39d6c166f5b264a8fef219fcaa3136f96edb4835815d
1bd511e4e19d1a06980042a7ce5e8447a292e98062c67de72d7fc260b620200e
1f099b989771195014f11ecadea0f787ca5c297f1b141d8aa7925ec08f04a10b
2115a92c7b90329f5b009f5df20a882e9c23b04466548d3b603f3fdee411dadf
21fc46e2b5e3385eb0e50d1bd4b03af631b90c2c0f9e29c272cb8c9196988d6e
270ff221e754fc31cef71abade339e5d3d153f6f8a5fdd1f82b461062af46049
2b9a7bee60f83fe6c43269e3739bdbf4edf2beaa90ff60257d7be2a47c8bd2d3
2f1ba5fec31cfa37f54705c023052183491ad2e0c51056dec29dcba17b6329a5
3382f03beff4113e43e55cc733f6ccb56ec68aabe5599451a5dd740ecbbbc836
3413f39cd249518d8a55d2a8452365254357ce01e031980f88410679cde3f4be
3475964f410fcc1e1ef5cca4db5e7d2741982ae1298ffa3d6920e5a25b3356a9
366c45c029981e5b1b3e4e194a2a44e65b58f69ce7b214990eb4b294a83b7cd9
3e58e52212567844e76b14286a72e629b54b29aa477072dddbded207c66fa55d
3ff1cc6cace6be3168c1725bd575dd6d519cbeaac4ce6dcaaf284fe3d66739a3
4018d7f0a983131974acbea85f1be1a84c2cca541c584f98b5c5c83413913695
40792fc865ed3d7f5818dc210986024d53cadaf833674a1b8f3d80f3c5593fe3
4309d7bc448aa67cb5795e803fc6631f1d6216588613659beb7b1249c8973d00
47bdf70753c5337e743b6c8cd3b7ba5692ac3b6db817ff28c902752cb4eae502
48e35480287b7d704875cd33cd87f0543cb9a31847215347098788eabd66612a
4942d40127957c7f1d30de1c021113ccf44b26853310020c300915aa47e61dec
49c201d87188442e91300a9ed4963950f5fcac438e6c66cc7bee9c793d2fa7d0
49cde2f846132b4498460408f99d81fc092fde9ab031a7c3de1b2687248fcaad
4c4e2f3a3e9108485511f37e182e100de5dac5764d76eb3ffb6fe9515bdb1ed6
4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff
4ee030aac7922ff6353f908029aa5bca8a91ffd302713c5454e7fa6d84becd45
506575b752d10714465811aec4dd67a7bfb471fcbc2e9619c1faad68c110759e
568c93139362af244b52493816d5de739612b3101e032383ec1741932de0ba15
623e2b9ea4b95be064e99782ba506d88cdd837741a6bac0a0b1b1c74ddfc9550
63cd710bc1d373090d44273090e93bd5d0d93c1f222823620415604b98b42538
68f59497b6ff411c298238bbaf77c971a5d88206559be2125b31d2d88936ef99
6bf6c76accb4c3733a7c0049386e866ef7ce960a052b8488cbf3fdd4b85af0ce
6d8676219701b6911ee43b2611049e8f7bed99400935a28bab01628ef6c35121
6de75de308d9e0a7017ad7c6d66ccbf701241163f3a1a90a5c861369a0fe1c1b
713b5da8815ecf12e4e7fed16a2902758c54648bf78631d153bd42381ce0a6eb
71583d0ea8a3ba09c815e923d396c952e3c786c5754dcb7b4b2e9755b228498d
72813bc0fc0bb82e5b3c56a86c3f5dcd021c12b8e9daf6f8f6c6a8280d13a181
777c66cda2bc4ad9ee788b8eafaa1068b7db5ab2cfcb7b9d343034f698721129
79db37dcd9a0afceb8f7a85e3eeb8ca68cce747c26ff8d22c05e0fafe5d106f5
7bdb0a8ad81263f634fd38eb6a7b279e8c7185c1c83ebce363c5ec2a4c40be23
7d2463fa62f7fed9609aeda9b99d35d23ddf6dcb27aad9f8f74a633a8ebe1440
82ef085267bafb14031e7456aadf53b800d3290ea7edc70b53c9396887ab2d7a
8b5d7437eafc39e962a3bcb774325caebd68c3fc8f1146f0dd9c9ec0b2d79f71
8cfe120dbd355ee74f2143f3d2a06ea9d58a02a4fc1be687c09047aa740f7950
8d6459012233aef6a1201d548a4fe7b52132efabb1d2ff1dead0e97faec5e2a7
934829d8d8f738903cef7d086895172e1ea132eecc47b4c63e68ff8beabc5888
9bf36a70a9a00b32e056acb26984ff4162fbc344a72b1b73d1d6283c951cce41
9c969cb606a9e470ae07e5908f9f57fba5406f8dd443c0bfe5ccb8b2cac88a3c
9dd262a029e2ba6a3a48a2f4b35f112ab04786607a7339da183e8ae94c1d100d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa253b5bf50990ee3d423ef20109e05b358366c9148d7bc2256ab03be7c21a68
b59976b251adb0a98439b7009be2fe983ab2e03ed4009e6878a20bb1c5689424
bcd5e3bc9e48191f80907b3b2838d694bdfa0a9f38206709e730c6662cbe69ca
c380686de9982b77804fe1bbe3b4908115e40a42ab9de638bbaf17becace7e37
c84ba3764f92d0c4a3a4f2c722db178b7e6fbfd4f923700a9ca6627d2a3ff777
c9ef6dc562a68b0be3b0ce92ebeb718d56d996c77ffa4630059d36c7ecd2efe2
cbe0018e20ef68e2ed565b2367f1b89d79dfcc990fd613979b0c901326d06aa8
cfee63b22a45f4f02e6e6baa93af19e68399a72f6ec390f2795e60dbd72988ba
d191d265ab212c1c4cd7d04f51e1d448380571e341a10a61e25266334b0f6f49
d1a5a7544b78eff46a77ac0260ed9fb4fbf65cb52a3c04ededa13d149a483069
d31b656e739f558cbd204d551bd9e76274c552de14f44ecc3c23d2971733d021
d550d8e857b562f09491dcd03c00faaa8cdd596de27f5d41db63f4694a8189ee
d674e403f8d44dd7cb8f1c04c45af9f0a874853f3cb756d25f61eb52079c6ae9
d80c768eece75e4dc3603ecbfe8eb774778b0fe8138efd8931f51ce1890e5557
d82d2414190b060277bd67337b1f5fd41cb70325dbe853c19e9acd881890f347
da9c6d41f68a69f85322a92dde0f86f64d519fe7959239df96fc7ee7f921c150
db178b1ccc51db98d079f14053fe3852cbe9078ec285dca57ac8f51a14da75e4
dc52880c44da27929bc4deb692355fdff81f00fde907349bd993ba6d2ea1b449
e32df789e40e80fdd64caa71cecb10fdcacd88043431c00202988e5ea68885a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81ce08b594280ccd908320af3ae31e09123c9cc10839da17c40dff326039d1f
eb4cffc4ed6ee9464735ff6c3f3a9d7ae398be47ea9d792c88d95a6bd11d749b
ed341c835a067a3d9fb48adee7b880afee9ceb92228658bc13bab0947a50db70
edbdf89ba4e3b1f18e6810ad29e4f24121cec174d546c972bc7b32835b9bfbe1
eef4562428295d9269847c3e4b855f3b62d67f275808de9fd1567a3c173b6387
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f112fbc03008261ab973a777119a807d0e95bc57eaa4cbf929d2492ab1cb536d
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f43e8f0aeb9c35bdd7587ad33f461c2b2415b53fa76a3a703ff473d50d29ebcd
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9