landing.cit.com Open in urlscan Pro
104.17.71.206  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

• https://cm.everesttech.net/cm/dd?d_uuid=77993062973864856062590517511111797557 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxvvFQAAALIuZQOY

Request Chain 59

• https://c.bing.com/c.gif?uid=77993062973864856062590517511111797557&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=1957&dpuuid=333982C2F625686E32E890D9F74E6963

Request Chain 60

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1471674%26time%3D1662775061541%26url%3Dhttps%253A%252F%252Flanding.cit.com%252FApple-Thank-You.html%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&liSync=true&e_ipv6=AQLYe63SLof_HgAAAYMlHe4at4An3IiiREaBwGJG8DoLjWFGdkBBup-YrQmk8KTOng2A473t7g

Request Chain 62

• https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=77993062973864856062590517511111797557&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UZV9of5E2pHhW5KneD9oLh6HlB0.kFBy4Qg-~A

Request Chain 65

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXh2dkZRQUFBTEl1WlFPWQ== HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXh2dkZRQUFBTEl1WlFPWQ==&google_tc=

Request Chain 67

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YxvvFQAAALIuZQOY&expires=90

Request Chain 70

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxvvFQAAALIuZQOY HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxvvFQAAALIuZQOY&C=1

Request Chain 71

• https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
• https://ib.adnxs.com/setuid?entity=158&code=YxvvFQAAALIuZQOY HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYxvvFQAAALIuZQOY

Request Chain 72

• https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537148856&val=YxvvFQAAALIuZQOY

Request Chain 73

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxvvFQAAALIuZQOY

Request Chain 78

• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YxvvFQAAALIuZQOY&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YxvvFQAAALIuZQOY&img=1&__user_check__=1&sync_id=f4fb406f-30ab-11ed-94aa-1f057aaa0406

Request Chain 83

• https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
• https://www.facebook.com/fr/b.php?p=1531105787105294&e=YxvvFQAAALIuZQOY&t=2592000&o=0

Request Chain 85

• https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=77993062973864856062590517511111797557&_ct=img HTTP 302
• https://mid.rkdms.com/restricted

Request Chain 86

• https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
• https://dpm.demdex.net/ibs:dpid=139200&dpuuid=_s8SwLzpSiefw7-u0gIyvQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77993062973864856062590517511111797557

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Apple-Thank-You.html Show response landing.cit.com/	11 KB 4 KB	579ms 186ms	Document text/html	104.17.71.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2d21b5bb3e2de507dbeb970c90f5f1340d7b9f14b1ce980d36f530ac98629ac Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control stale-while-revalidate=60, max-age=300, public cf-cache-status DYNAMIC cf-ray 74848ddc7ab49b2b-FRA content-encoding gzip content-type text/html; charset=utf-8 date Sat, 10 Sep 2022 01:57:40 GMT p3p CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT" server cloudflare vary *,Accept-Encoding x-asset-type LP x-cache-status HIT x-content-type-options nosniff x-mkto-nginx-cache true
GET H2	200	js Show response www.googletagmanager.com/gtag/	105 KB 41 KB	173ms 33ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4df90a29f2653d233aeb2e965c26895c56dd507094e5ca16af6e08829eee15e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:40 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41950 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:40 GMT
GET H2	200	firstPrint.css landing.directcapital.com/rs/284-LBB-572/images/	197 KB 31 KB	333ms 194ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.directcapital.com/rs/284-LBB-572/images/firstPrint.css Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 920cff036d816cb3640e0eda8979e73dd5567855c7d288cf54db9c9f7fe7a930 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 02:39:15 GMT server cloudflare etag "3c1357-315cc-5e72fefbb0503" vary Accept-Encoding content-type text/css cache-control public, max-age=60 accept-ranges bytes cf-ray 74848dde8dfd996f-FRA content-length 31666 expires Sat, 10 Sep 2022 01:58:40 GMT
GET H2	200	main-cosmic.css landing.directcapital.com/rs/284-LBB-572/images/	143 KB 19 KB	745ms 606ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.directcapital.com/rs/284-LBB-572/images/main-cosmic.css Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 139bf22d76a2700e621ddae1d8ed98e17afcfcebf9c16db50850f5f27d1464c8 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 02:39:14 GMT server cloudflare etag "3c1356-23a2b-5e72fefb8519b" vary Accept-Encoding content-type text/css cache-control public, max-age=60 accept-ranges bytes cf-ray 74848dde8dfe996f-FRA content-length 18991 expires Sat, 10 Sep 2022 01:58:40 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.2.0/css/	46 KB 11 KB	171ms 32ms	Stylesheet text/css	2606:4700:3032::ac43:a9f7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.2.0/css/all.css Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:40 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 259251 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id FKYAMC9WW245W6D6 x-amz-id-2 dZlCLYrUFn4iTRooUt/eibprQ41sOsi6scwdBi6cek5H0lm+jd9xs79PmpvUIs0qhqqGQzel9+c= last-modified Wed, 30 Jun 2021 15:41:36 GMT server cloudflare etag W/"20a9ce516eaea76da29a23adc43e8998" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEUw0%2BB8PqHpv%2FhWLXHTCqagkxmQZV%2Bm%2BecSDy6adz6KDx6WCbiHL6nHULDwOD58lb68OGpHO%2FcuHPXkfOYascqusyKyd9kOYcbSDPEFLK9fAYAePhNvJKDOYNZhjbtu%2B1E5iQFJ%2FHWiicObOroWSO3U"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 74848dde9e3059dd-MXP
GET H2	200	marketo-forms-cosmic.js Show response landing.directcapital.com/rs/284-LBB-572/images/	2 KB 1 KB	328ms 190ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.directcapital.com/rs/284-LBB-572/images/marketo-forms-cosmic.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f68e1d0bece6e52a4cdbcdb10acf8bdc4b965c0832cef14b368f8a20516e356 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 03:42:21 GMT server cloudflare etag "260ea9-7fc-5e730d16fdc58" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 accept-ranges bytes cf-ray 74848dde8e00996f-FRA content-length 583 expires Sat, 10 Sep 2022 01:58:40 GMT
GET H2	200	jquery-3-1-1.min.js Show response landing.cit.com/rs/284-LBB-572/images/	85 KB 30 KB	186ms 186ms	Script application/x-javascript	104.17.71.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.cit.com/rs/284-LBB-572/images/jquery-3-1-1.min.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/Apple-Thank-You.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 02:32:07 GMT server cloudflare etag "3c1351-152b5-5e72fd63b8c40" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 accept-ranges bytes cf-ray 74848dddab619b2b-FRA content-length 30080 expires Sat, 10 Sep 2022 01:58:40 GMT
GET H2	200	launch-679949560fa1.min.js Show response assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/	547 KB 123 KB	119ms 16ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 61af872190101669cf96a2a4ed2ffde346f982173ee736fc9d7fdf52c6af51d0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:40 GMT content-encoding gzip last-modified Mon, 29 Aug 2022 13:15:31 GMT server AkamaiNetStorage etag "9ceef9e1c897404e22fd7621fd74b678:1661778931.320484" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://landing.cit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 125181 expires Sat, 10 Sep 2022 02:57:40 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 1 KB	164ms 26ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu|Droid+Sans Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1ea612b02f8a8d321a665632d223dc0c2185c4f2e63d9a5b8ebbca6bfbd5384b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 10 Sep 2022 01:57:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 10 Sep 2022 01:57:40 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 10 Sep 2022 01:57:40 GMT
GET H2	200	MarketoLogos_CIT_288x52_horizontal.gif landing.cit.com/rs/284-LBB-572/images/	4 KB 4 KB	190ms 189ms	Image image/gif	104.17.71.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landing.cit.com/rs/284-LBB-572/images/MarketoLogos_CIT_288x52_horizontal.gif Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3721f84ae175aaaeeaca6b1663bea177dc96ef6581703c6ca05d4687ebb14a52 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/Apple-Thank-You.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Sat, 27 Aug 2022 02:22:03 GMT server cloudflare etag "3c134a-e80-5e72fb24362bf" vary Accept-Encoding content-type image/gif cache-control public, max-age=60 accept-ranges bytes cf-ray 74848de26e2d9b2b-FRA content-length 3712 expires Sat, 10 Sep 2022 01:58:41 GMT
GET H2	200	forms2.min.js Show response 284-lbb-572.mktoweb.com/js/forms2/js/	208 KB 69 KB	745ms 491ms	Script application/x-javascript	104.16.92.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://284-lbb-572.mktoweb.com/js/forms2/js/forms2.min.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.92.80 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 04:32:58 GMT server cloudflare etag "501c3b-33e56-5e73186728bc9" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 74848de158c88fe0-FRA expires Sat, 10 Sep 2022 05:57:41 GMT
GET H2	200	cit-footer-logo-final.png na-ab33.marketo.com/rs/637-HHN-232/images/	2 KB 3 KB	339ms 127ms	Image image/png	104.16.95.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://na-ab33.marketo.com/rs/637-HHN-232/images/cit-footer-logo-final.png Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8aa15bc30271e18038a569622b36561f9be4accb743676f5e2463f79012205f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 03:01:04 GMT server cloudflare etag "126122d-903-5e7303dcbb306" vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 74848de3bf5890fa-FRA content-length 2307 expires Sat, 10 Sep 2022 05:57:41 GMT
GET H2	200	styleguide.polyfill.min.js Show response landing.directcapital.com/rs/284-LBB-572/images/	94 KB 29 KB	194ms 194ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.directcapital.com/rs/284-LBB-572/images/styleguide.polyfill.min.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 525ced4f4b18f422eb980a6df3d20d6caa4708f8b8ad2bd15f6bd654f16de643 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 03:01:04 GMT server cloudflare etag "3c1362-177ad-5e7303dcce84f" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 accept-ranges bytes cf-ray 74848de258cf996f-FRA content-length 29755 expires Sat, 10 Sep 2022 01:58:41 GMT
GET H2	200	styleguide.masks.min.js Show response landing.directcapital.com/rs/284-LBB-572/images/	362 KB 83 KB	197ms 194ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.directcapital.com/rs/284-LBB-572/images/styleguide.masks.min.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cde91b64cf0430923c3b148ee53334577f543a709622d3e18059da89f69e8dbe Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 03:01:05 GMT server cloudflare etag "3c1364-5a65c-5e7303dcff1a7" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 cf-ray 74848de268e0996f-FRA expires Sat, 10 Sep 2022 01:58:41 GMT
GET H2	200	styleguide.components.min.js Show response landing.directcapital.com/rs/284-LBB-572/images/	369 KB 55 KB	197ms 194ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.directcapital.com/rs/284-LBB-572/images/styleguide.components.min.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28d65611d5b52af7f3693b83b959d7ac143bf4f574b69c16f7b910e5bb9af94a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 02:32:07 GMT server cloudflare etag "260e85-5c2ae-5e72fd6467949" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 cf-ray 74848de268e2996f-FRA expires Sat, 10 Sep 2022 01:58:41 GMT
GET H2	200	styleguide.charts.min.js Show response landing.directcapital.com/rs/284-LBB-572/images/	519 KB 129 KB	212ms 210ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.directcapital.com/rs/284-LBB-572/images/styleguide.charts.min.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94286ca58a1997c6bc8e198f493f80a05e8957875ca7dc7e86e615504cfe4e51 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Sat, 27 Aug 2022 03:01:04 GMT server cloudflare etag "3c1363-81ce9-5e7303dccec37" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 cf-ray 74848de268e3996f-FRA expires Sat, 10 Sep 2022 01:58:41 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net//	1 KB 1 KB	125ms 26ms	Script application/x-javascript	104.96.148.88 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net//munchkin.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-148-88.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Sat, 10 Sep 2022 01:57:40 GMT Content-Encoding gzip Last-Modified Thu, 25 Aug 2022 21:55:11 GMT Server AkamaiNetStorage ETag "652cf747f68f64e15276c347eb3aef37:1661464511.126488" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 740
GET H2	200	stripmkttok.js Show response landing.cit.com/js/	2 KB 848 B	187ms 185ms	Script application/x-javascript	104.17.71.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.cit.com/js/stripmkttok.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/Apple-Thank-You.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 16 Aug 2022 18:54:38 GMT server cloudflare etag "4e8ea5-602-5e66047b75780" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 accept-ranges bytes cf-ray 74848de26e2b9b2b-FRA content-length 678 expires Sat, 10 Sep 2022 05:57:41 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	57ms 15ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 3340 date Sat, 10 Sep 2022 01:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 10 Sep 2022 03:02:00 GMT
GET H2	200	ofc8kjj.js Show response use.typekit.net/	19 KB 7 KB	326ms 164ms	Script text/javascript	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/ofc8kjj.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash db3f9e57da58af7f3f38be55628605bce1715a360d88a40971310bbef2bfeb97 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip server nginx date Sat, 10 Sep 2022 01:57:41 GMT vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 6848
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 207 B	23ms 22ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2464857&t=pageview&_s=1&dl=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2049843013&gjid=66248180&cid=2071950756.1662775061&tid=UA-8170919-5&_gid=1474238222.1662775061&_r=1&gtm=2ou970&z=447996907 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://landing.cit.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://landing.cit.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 442 B	100ms 28ms	XHR text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8170919-5&cid=2071950756.1662775061&jid=2049843013&gjid=66248180&_gid=1474238222.1662775061&_u=YEBAAUAAAAAAAC~&z=1101576560 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://landing.cit.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 10 Sep 2022 01:57:41 GMT content-type text/plain access-control-allow-origin https://landing.cit.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	id Show response dpm.demdex.net/	3 KB 2 KB	201ms 41ms	XHR application/json	52.209.70.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=13340C0F53DAAFAC0A490D45%40AdobeOrg&d_nsid=0&ts=1662775061046 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.70.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-70-49.eu-west-1.compute.amazonaws.com Software / Resource Hash 9791d0b7fe2afa6072e069a2205aa746e932ccce33fdd82d0d0ba05206fda3bb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://landing.cit.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-1-v039-0d94e4dd0.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID 33pEaMEHRwI= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://landing.cit.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 1140 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	64ms 15ms	Script application/javascript	199.232.136.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip last-modified Tue, 30 Aug 2022 15:04:19 GMT etag "d4de8398858246712016031c834bb061+gzip+gzip" vary Accept-Encoding,Host x-tw-cdn FT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" cache-control no-cache x-cache MISS, HIT accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 15317 x-served-by cache-iad-kjyo7100045-IAD, cache-hhn11566-HHN
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	33 KB 12 KB	16ms 16ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers unused62 8096267 date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://landing.cit.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12163 expires Sat, 10 Sep 2022 02:57:41 GMT
GET H2	200	AppMeasurement_Module_ActivityMap.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	3 KB 2 KB	17ms 16ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers unused62 8096267 date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "2d1382c349d480b6b41574ac0c1af066:1644856531.739514" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://landing.cit.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 1597 expires Sat, 10 Sep 2022 02:57:41 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	80ms 27ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8170919-5&cid=2071950756.1662775061&jid=2049843013&_u=YEBAAUAAAAAAAC~&z=774945240 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	79ms 27ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8170919-5&cid=2071950756.1662775061&jid=2049843013&_u=YEBAAUAAAAAAAC~&z=774945240 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	l use.typekit.net/af/09d302/00000000000000007735a14e/30/	47 KB 47 KB	104ms 26ms	Font application/font-woff2	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/09d302/00000000000000007735a14e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 3e2ccf5a974d78a6fdca5b2fe544a4fdeefb3bbe668d1deb95259d421fb3e514 Request headers Referer https://landing.cit.com/ Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT server nginx etag "59adf62a226d21141e081eeac74c10da912bdadf" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 48228
GET H2	200	l use.typekit.net/af/e30e66/00000000000000007735a151/30/	50 KB 51 KB	164ms 86ms	Font application/font-woff2	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/e30e66/00000000000000007735a151/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 3152e192826cd6895ab05c84646482c2aeea36ea43f6a0827135505101cdb051 Request headers Referer https://landing.cit.com/ Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT server nginx etag "fbf9f4dd567f809f0b1d8796375ca20f94a44758" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 51452
GET H2	200	l use.typekit.net/af/1416a9/00000000000000007735a15a/30/	46 KB 46 KB	109ms 32ms	Font application/font-woff2	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/1416a9/00000000000000007735a15a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash c7b46022c4ae5a1798ed9e45a83ed40aead7f761070cb9af515bff95855db307 Request headers Referer https://landing.cit.com/ Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT server nginx etag "bccec9a43405f07681ac803f830df18c2eea2bd9" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 47244
GET H2	200	l use.typekit.net/af/1c49b4/00000000000000007735a15b/30/	50 KB 50 KB	135ms 58ms	Font application/font-woff2	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/1c49b4/00000000000000007735a15b/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash d02aac8e3e7a20b2529c39c29b7adb085f508674d7e308fcbcbca78bdde23eb1 Request headers Referer https://landing.cit.com/ Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT server nginx etag "636cebdf5613833ce4fd55f3a4c1ce9cbe5721c5" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 50772
GET H2	200	l use.typekit.net/af/5e6988/00000000000000007735a163/30/	46 KB 46 KB	133ms 56ms	Font application/font-woff2	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/5e6988/00000000000000007735a163/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 94f721cea60b90692738a2e4ab2997bbf8228d7554a4d5c13a909f1d5af03cf2 Request headers Referer https://landing.cit.com/ Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT server nginx etag "6c7f6faf833b2ec0ec96352fe0a408d237d7154e" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 47152
GET H2	200	l use.typekit.net/af/37de2f/00000000000000007735a165/30/	49 KB 50 KB	136ms 59ms	Font application/font-woff2	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/37de2f/00000000000000007735a165/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 0ed04d996f15a249db19d44196e169ef0a0064ac66f57f44d922f8ea1283ae78 Request headers Referer https://landing.cit.com/ Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT server nginx etag "6adb05568d40e0495c3e9d8a12b91048bbac6bce" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 50548
GET H2	200	l use.typekit.net/af/61b4ba/00000000000000007735a167/30/	47 KB 47 KB	164ms 87ms	Font application/font-woff2	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/61b4ba/00000000000000007735a167/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 0424e19520bce927755b6b3e6a31fd16af5d494271e3db98516e08aa180b043f Request headers Referer https://landing.cit.com/ Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT server nginx etag "5fed17d5bea029195a99ba74b516f25ee725434b" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 48280
GET H2	200	l use.typekit.net/af/4b1947/00000000000000007735a16d/30/	50 KB 50 KB	163ms 87ms	Font application/font-woff2	2a02:26f0:10e::6860:5bb2 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/4b1947/00000000000000007735a16d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 6d150d3cefed725c5039070d9df20be290d9fa1c1db29783efa0e4e9376b8946 Request headers Referer https://landing.cit.com/ Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT server nginx etag "7ed1cf9d27a451b19bc92d34cb7e94f531919908" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 51400
GET H2	200	getForm Show response 284-lbb-572.mktoweb.com/index.php/form/	162 B 398 B	459ms 458ms	Script application/javascript	104.16.92.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://284-lbb-572.mktoweb.com/index.php/form/getForm?munchkinId=284-LBB-572&form=3893&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&callback=jQuery1124038178683157455073_1662775061203&_=1662775061204 Requested by Host: 284-lbb-572.mktoweb.com URL: https://284-lbb-572.mktoweb.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.92.80 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30d6beac55924a14f58256b970878488099cbeaf0689a0c7adae77fb79976e8 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cf-ray 74848de4ab248fe0-FRA cached false
GET H3	200	fa-brands-400.woff2 use.fontawesome.com/releases/v5.2.0/webfonts/	63 KB 63 KB	201ms 159ms	Font font/woff2	2606:4700:3032::ac43:a9f7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589 Request headers Referer https://use.fontawesome.com/releases/v5.2.0/css/all.css Origin https://landing.cit.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 6R6XS54NQXMZX25J alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 64144 x-amz-id-2 //O6U+vi5TlsdwWNg5ivzDTTZUBQNFFP/Lq3Hae1rLRjf++USeg+QxsON2bT3/pgH1GPwSeTeTg= last-modified Wed, 30 Jun 2021 15:41:55 GMT server cloudflare etag "6814d0e8136d34e313623eb7129d538e" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJHDrgMR%2BqfAsptuoSciCuWBhJHuBwsGULVaUdUNeRp0JENNOm8ynxkNu0hqLSGigAWyoF0GeSK4PDfVuj4sRo6web1%2Bz6VcKSNMz9V%2BD4gJZXFDALYAMcxadi8wHRUsxVQDFlR6w8zDRg1i%2F6LET92U"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 74848de52fd70f6e-MXP
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/162/	11 KB 5 KB	27ms 27ms	Script application/x-javascript	104.96.148.88 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/162/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net//munchkin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-148-88.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Sat, 10 Sep 2022 01:57:41 GMT Content-Encoding gzip Last-Modified Fri, 01 Jul 2022 00:59:12 GMT Server AkamaiNetStorage ETag "75daf56f6191efe42577301908659c29:1656637152.894482" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Cache-Control max-age=8640000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 4677 Expires Mon, 19 Dec 2022 01:57:41 GMT
GET H/1.1	200 OK	dest5.html Show response citgroup.demdex.net/ Frame 5D92	7 KB 3 KB	224ms 40ms	Document text/html	52.209.70.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://citgroup.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.70.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-70-49.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://landing.cit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type text/html;charset=UTF-8 DCS dcs-prod-irl1-2-v039-00a2419cb.edge-irl1.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID bVXoWdppTIY= content-encoding gzip date Sat, 10 Sep 2022 01:57:41 GMT last-modified Tue, 6 Sep 2022 11:30:45 GMT transfer-encoding chunked vary accept-encoding
GET H2	200	id Show response citgroup.112.2o7.net/	2 B 267 B	102ms 26ms	XHR application/x-javascript	15.188.95.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://citgroup.112.2o7.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=13340C0F53DAAFAC0A490D45%40AdobeOrg&mid=77973615758267160552592425459100768708&ts=1662775061263 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-188-95-229.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://landing.cit.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 10 Sep 2022 01:57:41 GMT x-content-type-options nosniff server jag vary Origin p3p CP="This is not a P3P policy" access-control-allow-origin https://landing.cit.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-type application/x-javascript;charset=utf-8 content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=YxvvFQAAALIuZQOY dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=77993062973864856062590517511111797557 https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxvvFQAAALIuZQOY	42 B 942 B	42ms 41ms	Image image/gif	52.209.70.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxvvFQAAALIuZQOY Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol HTTP/1.1 Server 52.209.70.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-70-49.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v039-0799cb887.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID WJCf4/6WQkY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxvvFQAAALIuZQOY Date Sat, 10 Sep 2022 01:57:41 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	200	delivery Show response citbank.tt.omtrdc.net/rest/v1/	350 B 719 B	160ms 54ms	XHR application/json	18.202.61.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://citbank.tt.omtrdc.net/rest/v1/delivery?client=citbank&sessionId=09b58eecf9f54064af5a46ec6a754f02&version=2.9.0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.61.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-61-67.eu-west-1.compute.amazonaws.com Software / Resource Hash 61f29aa2417a11420644d2e9418b0a1e7a90bfd3600aa4adeb858def4fd85fc0 Request headers Referer https://landing.cit.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type text/plain Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List vary origin,access-control-request-method,access-control-request-headers,accept-encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://landing.cit.com access-control-allow-credentials true timing-allow-origin * x-request-id f74e06c8292f4e40e6a995a3eda35fa3
GET H2	200	iframe_api Show response www.youtube.com/	992 B 2 KB	86ms 34ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f347fcfc50a2369431e1317fd620a222e26e33e775a3bc19d117dc015f0389e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br x-content-type-options nosniff p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Sat, 10 Sep 2022 01:57:41 GMT
POST H/1.1	200 OK	visitWebPage 284-lbb-572.mktoresp.com/webevents/	2 B 318 B	948ms 163ms	Ping text/plain	192.28.147.68 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://284-lbb-572.mktoresp.com/webevents/visitWebPage?_mchNc=1662775061288&_mchCn=Apple-Thank-You&_mchId=284-LBB-572&_mchTk=_mch-cit.com-1662775061287-79525&_mchWs=j1RR&_mchHo=landing.cit.com&_mchPo=&_mchRu=%2FApple-Thank-You.html&_mchPc=https%3A&_mchVr=162&_mchEcid=13340C0F53DAAFAC0A490D45%40AdobeOrg%3A6%3A77973615758267160552592425459100768708&_mchHa=&_mchRe=&_mchQp= Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/162/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.28.147.68 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Sat, 10 Sep 2022 01:57:42 GMT Content-Encoding gzip Server nginx/1.20.1 Transfer-Encoding chunked Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive X-Request-Id 0a9109ab-3e06-424f-ac92-574e581b0f97
GET H3	200	www-widgetapi.js Show response www.youtube.com/s/player/977792fa/www-widgetapi.vflset/	161 KB 52 KB	48ms 15ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/977792fa/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d066e71f460f47d443274fbbb4b550bd1d68e2d4df4ad39e8117cdd3b3d9867 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:36:35 GMT content-encoding br x-content-type-options nosniff age 1266 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53533 x-xss-protection 0 last-modified Thu, 08 Sep 2022 00:15:07 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 10 Sep 2023 01:36:35 GMT
GET H2	200	p.gif p.typekit.net/	35 B 228 B	156ms 26ms	Image image/gif	2a02:26f0:10e::6860:5bb9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://p.typekit.net/p.gif?s=1&k=ofc8kjj&ht=tk&h=landing.cit.com&f=24539.24540.24543.24544.24547.24548.24549.24552&a=4790362&js=1.21.0&app=typekit&e=js&_=1662775061389 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10e::6860:5bb9 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers unused62 8096267 date Sat, 10 Sep 2022 01:57:41 GMT last-modified Sat, 09 Oct 2021 06:43:10 GMT server nginx etag "616139fe-23" content-type image/gif access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 35
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	90ms 23ms	Script application/x-javascript	2a02:26f0:3500:16::215:14a0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip last-modified Fri, 12 Aug 2022 20:23:36 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=80153 accept-ranges bytes content-length 3063
GET H3	200	js Show response www.googletagmanager.com/gtag/	105 KB 41 KB	102ms 64ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-9645697 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9ff518e7ce0cd3c8a3125ee46f2e60092105976804398fd115d82993d48d9fc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41974 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	105 KB 41 KB	126ms 89ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-8170919-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 21643f29e3bc4a84cfea42c9af50f05ab02a6aadabf61e9dd21df093d5434d6b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41949 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	105 KB 41 KB	70ms 34ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-9313263&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4151ee72f9196e4c331de943e11b54e171065614fe168e79359752720ff261e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42079 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	105 KB 41 KB	67ms 32ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-395987-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 12c80f181ad8454b296667b61571079ad4a876bba486537e200005311d01d7fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41913 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	105 KB 41 KB	81ms 50ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-9240034&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b755b4d8b94f93377b32c38d1d0d81554d63bb775cada532779ac9400182a677 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41978 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	114 KB 45 KB	107ms 76ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1047334356&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bfd59510e72ef41028ea52e80ce93ddab54182b8682c0139082f25afb8f5d7db Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46111 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	114 KB 45 KB	99ms 68ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1017898439&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 785cade122ecba0bec068079b96f577560f50005702c0fb00518ce3bee4c5bd7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46066 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	114 KB 45 KB	88ms 58ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-668781034&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9e9369207f2b9592493c9bcc1d5fb8eb5dcceca5e9ff0893ed192bbc7c22f731 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46087 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	114 KB 45 KB	95ms 65ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-700891725&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-8170919-5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 05f269e706e9bbc25e1907dac1879e7574cbaded179af4aab2f44189b2fdb0fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46088 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	114 KB 45 KB	102ms 72ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-700891725&l=dataLayer Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9419a14ec1a7609748b39988e756ee1f397107c982f8630bbcbdc0e46907a2e7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46085 x-xss-protection 0 last-modified Sat, 10 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 10 Sep 2022 01:57:41 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	16ms 15ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2464857&t=pageview&_s=1&dl=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAC~&jid=&gjid=&cid=2071950756.1662775061&tid=UA-8170919-5&_gid=1474238222.1662775061&gtm=2ou970&z=597322069 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Fri, 09 Sep 2022 14:52:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 39885 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com/WRSiteInterceptEngine/	7 KB 4 KB	153ms 46ms	Script application/javascript	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_780vxsPP4ZyL7dr Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53cfecdd7c51655f0b0a5689259a94297594578b4e5f11106d234e329b56f3a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 198299 cf-polished origSize=8487 cf-ray 74848de6e80299cc-CDG edge-control max-age=604800 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"2127-i8WuwZZwtuRujCKnaZVrllRW2xY" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H/1.1	200 OK	ibs:dpid=1957&dpuuid=333982C2F625686E32E890D9F74E6963 dpm.demdex.net/ Frame 5D92 Redirect Chain https://c.bing.com/c.gif?uid=77993062973864856062590517511111797557&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=1957&dpuuid=333982C2F625686E32E890D9F74E6963	42 B 948 B	41ms 41ms	Image image/gif	52.209.70.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1957&dpuuid=333982C2F625686E32E890D9F74E6963 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol HTTP/1.1 Server 52.209.70.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-70-49.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers DCS dcscanary-prod-irl1-1-v045-0349b3582.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID sGoHiKvtSoY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Sat, 10 Sep 2022 01:57:41 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A09905F24D684F0DA764EEF5587F0059 Ref B: FRAEDGE1412 Ref C: 2022-09-10T01:57:41Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://dpm.demdex.net/ibs:dpid=1957&dpuuid=333982C2F625686E32E890D9F74E6963 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1471674%26time%3D1662775061541%26url%3Dhttps%253A%252F%252Flanding.cit.com%252FAp... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&liSync=true&e_ipv6=AQLYe63SLof_HgAAAYMlHe4at4An3IiiREaBwGJG8D...	0 265 B	243ms 160ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&liSync=true&e_ipv6=AQLYe63SLof_HgAAAYMlHe4at4An3IiiREaBwGJG8DoLjWFGdkBBup-YrQmk8KTOng2A473t7g Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 8F762C6C7F0F479C97E46E62613F588C Ref B: FRAEDGE1318 Ref C: 2022-09-10T01:57:42Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXoSPztq0fZQNn6r+sNOg== x-li-fabric prod-ltx1 Redirect headers date Sat, 10 Sep 2022 01:57:41 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: C19344BA1B054D95A93601DD66179E7B Ref B: FRAEDGE1105 Ref C: 2022-09-10T01:57:41Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&liSync=true&e_ipv6=AQLYe63SLof_HgAAAYMlHe4at4An3IiiREaBwGJG8DoLjWFGdkBBup-YrQmk8KTOng2A473t7g x-li-proto http/2 content-length 0 x-li-uuid AAXoSPzp84XxZYzIkvBntw==
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	41 KB 16 KB	162ms 25ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-1017898439&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15690 x-xss-protection 0 server cafe etag 13194339052015637803 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 10 Sep 2022 01:57:41 GMT
GET H/1.1	200 OK	ibs:dpid=30646 dpm.demdex.net/ Frame 5D92 Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=77993062973864856062590517511111797557&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UZV9of5E2pHhW5KneD9oLh6HlB0.kFBy4Qg-~A	42 B 942 B	41ms 41ms	Image image/gif	52.209.70.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UZV9of5E2pHhW5KneD9oLh6HlB0.kFBy4Qg-~A Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol HTTP/1.1 Server 52.209.70.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-70-49.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v039-058c836b5.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID 3hUwljv8RvM= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers date Sat, 10 Sep 2022 01:57:41 GMT via http/1.1 spdc0104.pbp.ir2.yahoo.com (ApacheTrafficServer) server ATS age 0 strict-transport-security max-age=31536000 content-type text/html;charset=utf-8 location https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UZV9of5E2pHhW5KneD9oLh6HlB0.kFBy4Qg-~A content-length 0
GET H2	200	11.4dc17d50d8eb18566aef.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	61 KB 19 KB	44ms 44ms	Script application/javascript	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/11.4dc17d50d8eb18566aef.chunk.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=landing.cit.com Requested by Host: zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com URL: https://zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_780vxsPP4ZyL7dr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 087ffde713af10751722998e46fd7a0f04826fb2849a6b4dd70c2c65ced26bba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 190732 cf-polished origSize=62932 cf-ray 74848de7a88699cc-CDG edge-control max-age=604800 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Wed, 24 Aug 2022 17:32:10 GMT server cloudflare etag W/"f5d4-182d0e95990" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	2 KB 1 KB	70ms 70ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_780vxsPP4ZyL7dr&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: siteintercept.qualtrics.com URL: https://siteintercept.qualtrics.com/dxjsmodule/11.4dc17d50d8eb18566aef.chunk.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=landing.cit.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0ede41fc4b35438e6f8a6be5c847311de69e773693e059fc40555c90983ed08 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://landing.cit.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload timing-allow-origin * referrer-policy strict-origin-when-cross-origin server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin https://landing.cit.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id f738f8311b331d60 cf-ray 74848de8490199cc-CDG
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5D92 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXh2dkZRQUFBTEl1WlFPWQ== https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXh2dkZRQUFBTEl1WlFPWQ==&google_tc=	170 B 188 B	59ms 26ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXh2dkZRQUFBTEl1WlFPWQ==&google_tc= Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXh2dkZRQUFBTEl1WlFPWQ==&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 345 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/700891725/	2 KB 2 KB	116ms 63ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700891725/?random=1662775061810&cv=9&fst=1662775061810&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&auid=383364891.1662775062&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e76f0757694c207aca69fad0391588651b0f12106ec67518d57b1662b5aadaa6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1025 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 5D92 Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YxvvFQAAALIuZQOY&expires=90	0 239 B	96ms 16ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YxvvFQAAALIuZQOY&expires=90 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/gif Redirect headers pragma no-cache date Sat, 10 Sep 2022 01:57:41 GMT via 1.1 varnish server Varnish x-timer S1662775062.910331,VS0,VE0 x-served-by cache-cdg20734-CDG x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YxvvFQAAALIuZQOY&expires=90 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	200	/ www.google.com/pagead/1p-user-list/700891725/	42 B 64 B	64ms 29ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/700891725/?random=1662775061810&cv=9&fst=1662771600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&async=1&fmt=3&is_vtc=1&random=3383240747&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/700891725/	42 B 64 B	62ms 27ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/700891725/?random=1662775061810&cv=9&fst=1662771600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&async=1&fmt=3&is_vtc=1&random=3383240747&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 5D92 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxvvFQAAALIuZQOY https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxvvFQAAALIuZQOY&C=1	43 B 874 B	54ms 34ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxvvFQAAALIuZQOY&C=1 Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H3 Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers cf-ray 74848deaba889a00-FRA pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grmy9QrOj2NjAQ3k2239dimToASSCmBFM5iscAefk2tqOs0qmQDtp3drEKyWmaBWreJV6AR%2BHT1q8OKy3YCuRcismdJObSqQXLLAEZtpTl93Px4sExvLpfOnaeWWit5kYnw66%2BpMIxcVng%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35SKwgpdwES6mz75Sk26L3gu0I4kgEO95E%2FZQLewZDcJX8IVP0pL3M4gG1aKzA868y%2Bmphy6SgxdtYp9hT%2BwFsYqr222KJ7UGlOuSs99eH911Zqw1Iy18bkADwq%2FqZd5gzTM4YThF9%2FLaw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=88&external_user_id=YxvvFQAAALIuZQOY&C=1 cache-control no-cache cf-ray 74848dea39ead367-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 5D92 Redirect Chain https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D https://ib.adnxs.com/setuid?entity=158&code=YxvvFQAAALIuZQOY https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYxvvFQAAALIuZQOY	43 B 1 KB	24ms 24ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYxvvFQAAALIuZQOY Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Pragma no-cache Date Sat, 10 Sep 2022 01:57:42 GMT X-Proxy-Origin 193.27.14.44; 193.27.14.44; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 7d2feed2-7b11-46de-8376-9ce012a05767 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sat, 10 Sep 2022 01:57:42 GMT X-Proxy-Origin 193.27.14.44; 193.27.14.44; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 729a7c12-bc4e-453c-b79f-e156eda074b7 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYxvvFQAAALIuZQOY Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 5D92 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D https://us-u.openx.net/w/1.0/sd?id=537148856&val=YxvvFQAAALIuZQOY	43 B 273 B	63ms 24ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537148856&val=YxvvFQAAALIuZQOY Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT via 1.1 google server OXGW/0.0.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT via 1.1 varnish server Varnish x-timer S1662775062.209082,VS0,VE0 x-served-by cache-cdg20734-CDG x-cache HIT location https://us-u.openx.net/w/1.0/sd?id=537148856&val=YxvvFQAAALIuZQOY cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 5D92 Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxvvFQAAALIuZQOY	0 225 B	120ms 21ms	Image text/html	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxvvFQAAALIuZQOY Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H2 Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:41 GMT content-encoding gzip server nginx cache-control no-store, no-cache, private p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-type text/html; charset=utf-8 Redirect headers pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT via 1.1 varnish server Varnish x-timer S1662775062.311627,VS0,VE0 x-served-by cache-cdg20734-CDG x-cache HIT location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxvvFQAAALIuZQOY cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	RCc9c0d0a313094b67ae65efd6a3a230dc-source.min.js Show response assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/	971 B 797 B	16ms 15ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/RCc9c0d0a313094b67ae65efd6a3a230dc-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash d83e10b035461434af5a55fdee9d05f2b25b1d4247035cc550068d1595d8943c Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:42 GMT content-encoding gzip last-modified Mon, 29 Aug 2022 13:15:32 GMT server AkamaiNetStorage etag "1b4e5cf2013f9c70528739de22a7c913:1661778932.254515" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://landing.cit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 532 expires Sat, 10 Sep 2022 02:57:42 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	27ms 27ms	Script application/x-javascript	104.96.148.88 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-148-88.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Sat, 10 Sep 2022 01:57:42 GMT Content-Encoding gzip Last-Modified Thu, 25 Aug 2022 21:55:11 GMT Server AkamaiNetStorage ETag "652cf747f68f64e15276c347eb3aef37:1661464511.126488" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 740
GET H2	200	RCd372b36788194cdea6299a2835e3a23d-source.min.js Show response assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/	5 KB 2 KB	16ms 15ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/RCd372b36788194cdea6299a2835e3a23d-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash ca008650bc8e214efe3984de3bb68c687c113534d04f3c7a2169bef7e6b9d06d Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:42 GMT content-encoding gzip last-modified Mon, 29 Aug 2022 13:15:32 GMT server AkamaiNetStorage etag "1b4e5cf2013f9c70528739de22a7c913:1661778932.254515" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://landing.cit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 1444 expires Sat, 10 Sep 2022 02:57:42 GMT
GET H2	200	RC0f4346e708914bc99beff1bca6a18fe0-source.min.js Show response assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/	784 B 660 B	16ms 16ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/RC0f4346e708914bc99beff1bca6a18fe0-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 74cac2928a65542ec11eb7da2bbddcbbd7b3694ff96a0f21f5ecbb151b3b746c Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:42 GMT content-encoding gzip last-modified Mon, 29 Aug 2022 13:15:32 GMT server AkamaiNetStorage etag "1b4e5cf2013f9c70528739de22a7c913:1661778932.254515" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://landing.cit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 395 expires Sat, 10 Sep 2022 02:57:42 GMT
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 5D92 Redirect Chain https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YxvvFQAAALIuZQOY&img=1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YxvvFQAAALIuZQOY&img=1&__user_check__=1&sync_id=f4fb406f-30ab-11ed-94aa-1f057aaa0406	43 B 549 B	24ms 24ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YxvvFQAAALIuZQOY&img=1&__user_check__=1&sync_id=f4fb406f-30ab-11ed-94aa-1f057aaa0406 Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Sat, 10 Sep 2022 01:57:42 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 100 Connection keep-alive Content-Length 43 Redirect headers Date Sat, 10 Sep 2022 01:57:42 GMT Server nginx Location /partner?adv_id=6409&uid=YxvvFQAAALIuZQOY&img=1&__user_check__=1&sync_id=f4fb406f-30ab-11ed-94aa-1f057aaa0406 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 131 Connection keep-alive Content-Length 0
GET H3	200	iframe_api Show response www.youtube.com/	992 B 517 B	33ms 33ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: landing.cit.com URL: https://landing.cit.com/Apple-Thank-You.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f347fcfc50a2369431e1317fd620a222e26e33e775a3bc19d117dc015f0389e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sat, 10 Sep 2022 01:57:42 GMT content-encoding br x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Sat, 10 Sep 2022 01:57:42 GMT
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	4 KB 2 KB	80ms 16ms	Script application/x-javascript	13.225.85.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/launch-679949560fa1.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.85.149 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-85-149.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Fri, 09 Sep 2022 17:37:43 GMT Content-Encoding gzip Last-Modified Thu, 24 Sep 2020 15:15:34 GMT Server AmazonS3 Age 74717 ETag W/"98d98b3499058b76d58073cf8ede2f10" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop FRA2-C2 X-Amz-Cf-Id 16LV8P1XjA88AUPV_ooJppvVE0fVSg6Ip-XZsVCGvuBzOPvmr0Ozpg==
GET H2	200	s02813392048979 citgroup.112.2o7.net/b/ss/citg-citglob-prod/1/JS-2.22.4-LCUM/	43 B 223 B	28ms 28ms	Image image/gif	15.188.95.229 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://citgroup.112.2o7.net/b/ss/citg-citglob-prod/1/JS-2.22.4-LCUM/s02813392048979?AQB=1&ndh=1&pf=1&t=10%2F8%2F2022%201%3A57%3A42%206%200&sdid=68015586B736AF77-201198FE45FA1E80&mid=77973615758267160552592425459100768708&aamlh=6&ce=UTF-8&g=https%3A%2F%2Flanding.cit.com%2Fapple-thank-you.html&c.&getPreviousValue=3.0&.c&cc=USD&events=event28%3D1%2Cevent60%3D2.849%2Cevent61&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c3=https%3A%2F%2Flanding.cit.com%2Fapple-thank-you.html&v3=https%3A%2F%2Flanding.cit.com%2Fapple-thank-you.html&v4=New&c5=en-US&c6=apple-thank-you.html&v9=25&c13=77973615758267160552592425459100768708&v14=77973615758267160552592425459100768708&c16=25&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=13340C0F53DAAFAC0A490D45%40AdobeOrg&AQE=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-188-95-229.eu-west-3.compute.amazonaws.com Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://landing.cit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT x-content-type-options nosniff last-modified Sun, 11 Sep 2022 01:57:42 GMT server jag etag 3570782256091463680-4619849842440919929 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private content-type image/gif;charset=utf-8 content-length 43 x-xss-protection 1; mode=block expires Fri, 09 Sep 2022 01:57:42 GMT
GET H2	200	up Show response insight.adsrvr.org/track/ Frame E758	0 182 B	144ms 40ms	Document text/html	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=vxv1tyr&ref=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&upid=cbayhei&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://landing.cit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private,no-cache, must-revalidate content-type text/html date Sat, 10 Sep 2022 01:57:42 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319
GET H2	200	b.php www.facebook.com/fr/ Frame 5D92 Redirect Chain https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 https://www.facebook.com/fr/b.php?p=1531105787105294&e=YxvvFQAAALIuZQOY&t=2592000&o=0	43 B 565 B	116ms 60ms	Image image/gif	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/fr/b.php?p=1531105787105294&e=YxvvFQAAALIuZQOY&t=2592000&o=0 Protocol H2 Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 18:57:42 PDT content-encoding br x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-fb-rlafr 0 pragma public x-fb-debug idH+TlGVqLbRLo18agITk9Sk+FkjjG68e+U9GJI77VsqWFmukMp6QnQgqUGqrrNOfqb80ycpBb3nX90dSxsSoQ== cross-origin-opener-policy same-origin-allow-popups strict-transport-security max-age=15552000; preload report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type image/gif vary Accept-Encoding cache-control public, max-age=0 expires Fri, 09 Sep 2022 18:57:42 PDT Redirect headers pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT via 1.1 varnish server Varnish x-timer S1662775063.511471,VS0,VE0 x-served-by cache-cdg20734-CDG x-cache HIT location https://www.facebook.com/fr/b.php?p=1531105787105294&e=YxvvFQAAALIuZQOY&t=2592000&o=0 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	cm trc.taboola.com/sg/adobe/1/ Frame 5D92	43 B 369 B	129ms 56ms	Image image/gif	2a04:4e42:600::300 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94 Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-vcl-time-ms 27 pragma no-cache date Sat, 10 Sep 2022 01:57:42 GMT via 1.1 varnish server nginx x-timer S1662775063.689919,VS0,VE27 x-served-by cache-mxp6950-MXP x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	200	restricted mid.rkdms.com/ Frame 5D92 Redirect Chain https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=77993062973864856062590517511111797557&_ct=img https://mid.rkdms.com/restricted	0 0	106ms 106ms	Image text/html	3.231.36.173 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://mid.rkdms.com/restricted Protocol H2 Server 3.231.36.173 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-36-173.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Redirect headers location /restricted date Sat, 10 Sep 2022 01:57:42 GMT server nginx content-length 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 5D92 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t https://dpm.demdex.net/ibs:dpid=139200&dpuuid=_s8SwLzpSiefw7-u0gIyvQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77993062973864856062590517511111797557	43 B 479 B	111ms 111ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77993062973864856062590517511111797557 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://citgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Pragma no-cache Date Sat, 10 Sep 2022 01:57:43 GMT Vary Content-Type,Accept-Encoding,User-Agent Server Server x-amz-rid WHFEKXYS1XEA844SHABW Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers DCS dcs-prod-irl1-2-v039-0aee38a19.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID Z0yiLsGDRIE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77993062973864856062590517511111797557 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC