![](/screenshots/4c661c09-f5d9-4603-9fa7-d8ac00cd8057.png)
landing.cit.com
Open in
urlscan Pro
104.17.71.206
Public Scan
Submission Tags: @phishunt_io
Submission: On September 10 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 16th 2022. Valid for: a year.
This is the only time landing.cit.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-96-148-88.deploy.static.akamaitechnologies.com
munchkin.marketo.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-70-49.eu-west-1.compute.amazonaws.com
dpm.demdex.net | |
citgroup.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
citgroup.112.2o7.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-98-180.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-61-67.eu-west-1.compute.amazonaws.com
citbank.tt.omtrdc.net |
ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com |
ASN13335 (CLOUDFLARENET, US)
zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com | |
siteintercept.qualtrics.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com |
ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net
js.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-36-173.compute-1.amazonaws.com
mid.rkdms.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141 |
472 KB |
10 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 1044 p.typekit.net — Cisco Umbrella Rank: 1273 |
395 KB |
9 |
everesttech.net
9 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1651 sync-tm.everesttech.net — Cisco Umbrella Rank: 949 |
2 KB |
7 |
directcapital.com
landing.directcapital.com |
348 KB |
6 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 297 citgroup.demdex.net — Cisco Umbrella Rank: 51446 |
9 KB |
6 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 553 |
140 KB |
4 |
linkedin.com
3 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 894 www.linkedin.com — Cisco Umbrella Rank: 847 px4.ads.linkedin.com — Cisco Umbrella Rank: 6869 |
3 KB |
4 |
doubleclick.net
1 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 |
3 KB |
4 |
cit.com
landing.cit.com |
38 KB |
3 |
amazon-adsystem.com
2 redirects
s.amazon-adsystem.com — Cisco Umbrella Rank: 415 |
2 KB |
3 |
qualtrics.com
zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com — Cisco Umbrella Rank: 844325 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1517 |
23 KB |
3 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 91 |
55 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94 |
20 KB |
3 |
marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 6777 |
8 KB |
2 |
rkdms.com
1 redirects
mid.rkdms.com — Cisco Umbrella Rank: 1500 |
71 B |
2 |
adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2308 insight.adsrvr.org — Cisco Umbrella Rank: 908 |
3 KB |
2 |
spotxchange.com
1 redirects
sync.search.spotxchange.com — Cisco Umbrella Rank: 778 |
1 KB |
2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 329 |
2 KB |
2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904 |
2 KB |
2 |
2o7.net
citgroup.112.2o7.net — Cisco Umbrella Rank: 817571 |
490 B |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 3469 |
565 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 19 |
565 B |
2 |
mktoweb.com
284-lbb-572.mktoweb.com |
70 KB |
2 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1565 |
74 KB |
1 |
taboola.com
trc.taboola.com — Cisco Umbrella Rank: 918 |
369 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 111 |
565 B |
1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1557 |
225 B |
1 |
openx.net
us-u.openx.net — Cisco Umbrella Rank: 708 |
273 B |
1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 494 |
239 B |
1 |
yahoo.com
1 redirects
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1694 |
674 B |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 159 |
16 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 408 |
539 B |
1 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1614 |
3 KB |
1 |
mktoresp.com
284-lbb-572.mktoresp.com |
318 B |
1 |
omtrdc.net
citbank.tt.omtrdc.net — Cisco Umbrella Rank: 627995 |
719 B |
1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 996 |
15 KB |
1 |
marketo.com
na-ab33.marketo.com |
3 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120 |
1 KB |
88 | 38 |
Domain | Requested by | |
---|---|---|
11 | www.googletagmanager.com |
landing.cit.com
assets.adobedtm.com www.googletagmanager.com |
9 | use.typekit.net |
landing.cit.com
|
8 | sync-tm.everesttech.net | 8 redirects |
7 | landing.directcapital.com |
landing.cit.com
|
6 | assets.adobedtm.com |
landing.cit.com
assets.adobedtm.com |
5 | dpm.demdex.net |
1 redirects
assets.adobedtm.com
landing.cit.com |
4 | landing.cit.com |
landing.cit.com
|
3 | s.amazon-adsystem.com | 2 redirects |
3 | www.youtube.com |
landing.cit.com
www.youtube.com |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com landing.cit.com |
3 | munchkin.marketo.net |
landing.cit.com
munchkin.marketo.net |
2 | mid.rkdms.com | 1 redirects |
2 | sync.search.spotxchange.com | 1 redirects |
2 | ib.adnxs.com |
1 redirects
landing.cit.com
|
2 | dsum-sec.casalemedia.com |
1 redirects
landing.cit.com
|
2 | cm.g.doubleclick.net |
1 redirects
landing.cit.com
|
2 | siteintercept.qualtrics.com |
zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com
siteintercept.qualtrics.com |
2 | px.ads.linkedin.com | 2 redirects |
2 | citgroup.112.2o7.net |
assets.adobedtm.com
|
2 | www.google.de |
landing.cit.com
|
2 | www.google.com |
landing.cit.com
|
2 | 284-lbb-572.mktoweb.com |
landing.cit.com
284-lbb-572.mktoweb.com |
2 | use.fontawesome.com |
landing.cit.com
use.fontawesome.com |
1 | trc.taboola.com | |
1 | www.facebook.com | |
1 | insight.adsrvr.org |
js.adsrvr.org
|
1 | js.adsrvr.org |
assets.adobedtm.com
|
1 | image2.pubmatic.com |
landing.cit.com
|
1 | us-u.openx.net |
landing.cit.com
|
1 | pixel.rubiconproject.com |
landing.cit.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | cms.analytics.yahoo.com | 1 redirects |
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | px4.ads.linkedin.com |
landing.cit.com
|
1 | www.linkedin.com | 1 redirects |
1 | c.bing.com | 1 redirects |
1 | zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com |
assets.adobedtm.com
|
1 | snap.licdn.com |
assets.adobedtm.com
|
1 | p.typekit.net |
landing.cit.com
|
1 | 284-lbb-572.mktoresp.com |
munchkin.marketo.net
|
1 | citbank.tt.omtrdc.net |
assets.adobedtm.com
|
1 | cm.everesttech.net | 1 redirects |
1 | citgroup.demdex.net |
assets.adobedtm.com
|
1 | static.ads-twitter.com |
assets.adobedtm.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | na-ab33.marketo.com |
landing.cit.com
|
1 | fonts.googleapis.com |
landing.cit.com
|
88 | 47 |
This site contains links to these domains. Also see Links.
Domain |
---|
cit.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.youtube.com |
www.cit.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
landing.cit.com Cloudflare Inc ECC CA-3 |
2022-03-16 - 2023-03-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
landing.directcapital.com Cloudflare Inc ECC CA-3 |
2022-03-16 - 2023-03-15 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-19 - 2023-08-19 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
284-lbb-572.mktoweb.com Cloudflare Inc ECC CA-3 |
2022-02-26 - 2023-02-26 |
a year | crt.sh |
na-ab33.marketo.com Cloudflare Inc ECC CA-3 |
2022-05-02 - 2023-05-02 |
a year | crt.sh |
*.marketo.net DigiCert SHA2 Secure Server CA |
2022-02-06 - 2023-02-07 |
a year | crt.sh |
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-07 - 2023-04-07 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-19 |
a year | crt.sh |
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-22 - 2023-08-22 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
*.112.2o7.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-08 - 2023-04-20 |
a year | crt.sh |
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-11 - 2022-10-12 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-30 - 2022-11-30 |
a year | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-04 - 2023-05-04 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-28 - 2022-12-29 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://landing.cit.com/Apple-Thank-You.html
Frame ID: E0D77A90FD83CAAEDEF57972D5567AEE
Requests: 73 HTTP requests in this frame
Frame:
https://citgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 5D92707542A724B95871CBDEC77874E8
Requests: 14 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=vxv1tyr&ref=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&upid=cbayhei&upv=1.1.0
Frame ID: E758DABCC5DBC726C6811E9E641D732B
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/4c661c09-f5d9-4603-9fa7-d8ac00cd8057.png)
Detected technologies
Detected patterns
- adnxs\.(?:net|com)
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
![](/vendor/wappa/icons/Marketo.png)
Detected patterns
- munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
![](/vendor/wappa/icons/OpenX.png)
Detected patterns
- https?://[^/]*\.openx\.net
![](/vendor/wappa/icons/PubMatic.png)
Detected patterns
- https?://[^/]*\.pubmatic\.com
![](/vendor/wappa/icons/Rubicon Project.png)
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Terms & Use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Fraud Warning
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 40- https://cm.everesttech.net/cm/dd?d_uuid=77993062973864856062590517511111797557 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxvvFQAAALIuZQOY
- https://c.bing.com/c.gif?uid=77993062973864856062590517511111797557&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1957&dpuuid=333982C2F625686E32E890D9F74E6963
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1471674%26time%3D1662775061541%26url%3Dhttps%253A%252F%252Flanding.cit.com%252FApple-Thank-You.html%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1471674&time=1662775061541&url=https%3A%2F%2Flanding.cit.com%2FApple-Thank-You.html&liSync=true&e_ipv6=AQLYe63SLof_HgAAAYMlHe4at4An3IiiREaBwGJG8DoLjWFGdkBBup-YrQmk8KTOng2A473t7g
- https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=77993062973864856062590517511111797557&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UZV9of5E2pHhW5KneD9oLh6HlB0.kFBy4Qg-~A
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXh2dkZRQUFBTEl1WlFPWQ== HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXh2dkZRQUFBTEl1WlFPWQ==&google_tc=
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YxvvFQAAALIuZQOY&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxvvFQAAALIuZQOY HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxvvFQAAALIuZQOY&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=YxvvFQAAALIuZQOY HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYxvvFQAAALIuZQOY
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=YxvvFQAAALIuZQOY
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxvvFQAAALIuZQOY
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YxvvFQAAALIuZQOY&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YxvvFQAAALIuZQOY&img=1&__user_check__=1&sync_id=f4fb406f-30ab-11ed-94aa-1f057aaa0406
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=YxvvFQAAALIuZQOY&t=2592000&o=0
- https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=77993062973864856062590517511111797557&_ct=img HTTP 302
- https://mid.rkdms.com/restricted
- https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
- https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
- https://dpm.demdex.net/ibs:dpid=139200&dpuuid=_s8SwLzpSiefw7-u0gIyvQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
- https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=77993062973864856062590517511111797557
88 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Apple-Thank-You.html
landing.cit.com/ |
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firstPrint.css
landing.directcapital.com/rs/284-LBB-572/images/ |
197 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-cosmic.css
landing.directcapital.com/rs/284-LBB-572/images/ |
143 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.2.0/css/ |
46 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marketo-forms-cosmic.js
landing.directcapital.com/rs/284-LBB-572/images/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3-1-1.min.js
landing.cit.com/rs/284-LBB-572/images/ |
85 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-679949560fa1.min.js
assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/ |
547 KB 123 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MarketoLogos_CIT_288x52_horizontal.gif
landing.cit.com/rs/284-LBB-572/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
forms2.min.js
284-lbb-572.mktoweb.com/js/forms2/js/ |
208 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cit-footer-logo-final.png
na-ab33.marketo.com/rs/637-HHN-232/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styleguide.polyfill.min.js
landing.directcapital.com/rs/284-LBB-572/images/ |
94 KB 29 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styleguide.masks.min.js
landing.directcapital.com/rs/284-LBB-572/images/ |
362 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styleguide.components.min.js
landing.directcapital.com/rs/284-LBB-572/images/ |
369 KB 55 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styleguide.charts.min.js
landing.directcapital.com/rs/284-LBB-572/images/ |
519 KB 129 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net// |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stripmkttok.js
landing.cit.com/js/ |
2 KB 848 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ofc8kjj.js
use.typekit.net/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 207 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 442 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/09d302/00000000000000007735a14e/30/ |
47 KB 47 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/e30e66/00000000000000007735a151/30/ |
50 KB 51 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/1416a9/00000000000000007735a15a/30/ |
46 KB 46 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/1c49b4/00000000000000007735a15b/30/ |
50 KB 50 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/5e6988/00000000000000007735a163/30/ |
46 KB 46 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/37de2f/00000000000000007735a165/30/ |
49 KB 50 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/61b4ba/00000000000000007735a167/30/ |
47 KB 47 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/4b1947/00000000000000007735a16d/30/ |
50 KB 50 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getForm
284-lbb-572.mktoweb.com/index.php/form/ |
162 B 398 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ |
63 KB 63 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net/162/ |
11 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
citgroup.demdex.net/ Frame 5D92 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
citgroup.112.2o7.net/ |
2 B 267 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YxvvFQAAALIuZQOY
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
delivery
citbank.tt.omtrdc.net/rest/v1/ |
350 B 719 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
992 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
visitWebPage
284-lbb-572.mktoresp.com/webevents/ |
2 B 318 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
www-widgetapi.js
www.youtube.com/s/player/977792fa/www-widgetapi.vflset/ |
161 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 228 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
105 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
114 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
114 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
114 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
114 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
114 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=1957&dpuuid=333982C2F625686E32E890D9F74E6963
dpm.demdex.net/ Frame 5D92 Redirect Chain
|
42 B 948 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 265 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
41 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=30646
dpm.demdex.net/ Frame 5D92 Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11.4dc17d50d8eb18566aef.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
61 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 5D92 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/700891725/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 5D92 Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/700891725/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.de/pagead/1p-user-list/700891725/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame 5D92 Redirect Chain
|
43 B 874 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
ib.adnxs.com/ Frame 5D92 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 5D92 Redirect Chain
|
43 B 273 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 5D92 Redirect Chain
|
0 225 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCc9c0d0a313094b67ae65efd6a3a230dc-source.min.js
assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/ |
971 B 797 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCd372b36788194cdea6299a2835e3a23d-source.min.js
assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC0f4346e708914bc99beff1bca6a18fe0-source.min.js
assets.adobedtm.com/d6f1f8f7c874/6c90376dd2da/b634a82a9f1a/ |
784 B 660 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 5D92 Redirect Chain
|
43 B 549 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iframe_api
www.youtube.com/ |
992 B 517 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s02813392048979
citgroup.112.2o7.net/b/ss/citg-citglob-prod/1/JS-2.22.4-LCUM/ |
43 B 223 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
up
insight.adsrvr.org/track/ Frame E758 |
0 182 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b.php
www.facebook.com/fr/ Frame 5D92 Redirect Chain
|
43 B 565 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cm
trc.taboola.com/sg/adobe/1/ Frame 5D92 |
43 B 369 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
restricted
mid.rkdms.com/ Frame 5D92 Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ecm3
s.amazon-adsystem.com/ Frame 5D92 Redirect Chain
|
43 B 479 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
123 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| labelClassToggle function| $ function| jQuery object| gaplugins object| gaGlobal object| gaData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| twq object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| regeneratorRuntime object| twttr object| Typekit object| MktoForms2 object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| _babelPolyfill function| IMask function| van11yAccessibleHideShowAria function| Color function| Chart function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| tag object| firstScriptTag object| x object| players number| n boolean| twentyFlag boolean| fiftyFlag boolean| seventyFlag number| playerState undefined| player function| onYouTubeIframeAPIReady function| onPlayerReady function| onPlayerStateChange function| createPlayer object| MunchkinTracker object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| _linkedin_data_partner_id object| QSI object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| lintrk boolean| _already_called_lintrk object| WAFQualtricsWebpackJsonP-cloud-1.76.1 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _qsie number| s_loadT function| cookieWrite function| cookieRead string| g function| video function| updatePlayerInfo object| y object| playArray object| statusArray object| s_i_citg-citglob-prod function| ttd_dom_ready function| TTDUniversalPixelApi41 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
landing.cit.com/ | Name: BIGipServersjfweb-nginx-app_https Value: !VEktdo2+y1Wq6mnMZROflEEG2tCikvtvoPudSxNDrHTte0nz6IaW3HARja0dr03Vo07ofi0lctcJEfw= |
|
.landing.cit.com/ | Name: __cf_bm Value: KuA2uQ9_.bBPHH6YTb8tAIx5o8bj_KuWIuPDBWawSko-1662775060-0-AaIrjwxwOHtUlsJ32bMrerZ1gW4l0IBnJ0ivAo7tzwwA3nmcKii9NTNQfvbp6c8H2tykWZP3/y4ubDo48FMq2K0= |
|
.landing.directcapital.com/ | Name: __cf_bm Value: p3tVYKTIdoAdernkJLZQqdFg4oBbr383wozCME5bGiY-1662775060-0-AX2AZObbgs1w1MLGpmpz3tjJ0kUffJ7k7V+2CUmIhvCmTrkRY37x+GwU4Lf5twtKypkoVEC4lCaxYEcltAXe9eQ= |
|
.cit.com/ | Name: _ga Value: GA1.2.2071950756.1662775061 |
|
.cit.com/ | Name: _gid Value: GA1.2.1474238222.1662775061 |
|
.cit.com/ | Name: _gat_gtag_UA_8170919_5 Value: 1 |
|
.cit.com/ | Name: at_check Value: true |
|
.284-lbb-572.mktoweb.com/ | Name: __cf_bm Value: aBu0HRganZ6ZRMfOLSzG611gaJUqf1WLbKtAVtL5.nM-1662775061-0-AcE85vTv78FrWV07IyIlT7j5Rrsm+KzNl2MBn4UP7aeftVUTgM4DTi6its9KJlHyTgbiEyMVCbcu1PvWUHyyq3o= |
|
.na-ab33.marketo.com/ | Name: __cf_bm Value: IKfj3rpYVQidyervHSLNnH5EqcSDqiZ99ryVMD3aTeA-1662775061-0-AS/R+O1gPtvfgdm1DclbtXfN2ChAbShmY/tPW4usj9XAXTwXDKQBZiKeYaMeDV8kS4bEo+8bw0kgWke4vi66FAY= |
|
.demdex.net/ | Name: demdex Value: 77993062973864856062590517511111797557 |
|
.cit.com/ | Name: AMCVS_13340C0F53DAAFAC0A490D45%40AdobeOrg Value: 1 |
|
.cit.com/ | Name: _mkto_trk Value: id:284-LBB-572&token:_mch-cit.com-1662775061287-79525 |
|
.youtube.com/ | Name: YSC Value: Tk1tVGxsyiI |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: eiUkUrMAyk8 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YxvvFQAAALIuZQOY |
|
.cit.com/ | Name: mbox Value: session#09b58eecf9f54064af5a46ec6a754f02#1662776922|PC#09b58eecf9f54064af5a46ec6a754f02.37_0#1726019862 |
|
.dpm.demdex.net/ | Name: dpm Value: 77993062973864856062590517511111797557 |
|
.cit.com/ | Name: AMCV_13340C0F53DAAFAC0A490D45%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19246%7CMCMID%7C77973615758267160552592425459100768708%7CMCAAMLH-1663379861%7C6%7CMCAAMB-1663379861%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662782261s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19253%7CvVersion%7C5.4.0 |
|
.cit.com/ | Name: _gcl_au Value: 1.1.383364891.1662775062 |
|
.bing.com/ | Name: MUID Value: 333982C2F625686E32E890D9F74E6963 |
|
.linkedin.com/ | Name: UserMatchHistory Value: AQIoUqDmbp7JVwAAAYMlHezUQCG2fn2kJCF6DxAszi2iLEdUsp7bRKVqzjMPJm5e1DvXm_zLRk9DkQ |
|
.linkedin.com/ | Name: AnalyticsSyncHistory Value: AQKV-J2QL9arAwAAAYMlHezUXB9G1VW03sNZDRThZpGHNI2InkB9w76UkdrhvyznfFngpKTVMARBBwjZV5M7jw |
|
.ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.linkedin.com/ | Name: bcookie Value: "v=2&53880e6b-237c-41b4-843e-ea95697f6ae2" |
|
.linkedin.com/ | Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2505:u=1:x=1:i=1662775061:t=1662861461:v=2:sig=AQFDt4ERFuU_UvIt8Fyhlk-VA0npeNui" |
|
.yahoo.com/ | Name: A3 Value: d=AQABBBXvG2MCEN3HG0YNAns79ebeE8MD6-E&S=AQAAAtrULxnK-Gtp0LezG39wBYA |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.linkedin.com/ | Name: lang Value: v=2&lang=de-de |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&20220910015741d1dbe78e-2b40-40d9-88cf-e68cdb8aebddAQGc5m_2J_Rjn2DaMwqPFBHnV3yjTlJO" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE2NjI3NzUwNjE7MjswMjHFGu8maV+UDwX2Uhs61LjmMvOEbjtHLqvz+ron4MfbJA== |
|
.casalemedia.com/ | Name: CMID Value: YxvvFsC3BDSA8s09QFO6eAAA |
|
.casalemedia.com/ | Name: CMPS Value: 1124 |
|
.casalemedia.com/ | Name: CMPRO Value: 1124 |
|
.casalemedia.com/ | Name: CMTS Value: 1177 |
|
.adnxs.com/ | Name: uuid2 Value: 4027691061966250398 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2GTxhn(mh!]tbPl1MwL(!R7qUY$*QAieOjYWJXJF8*B@N$)qjLlgYS<QG=%9sk?bIRwi:w9Ld1_Ol4(17Mco/y@Yw#u#C=*i1o! |
|
.cit.com/ | Name: s_cc Value: true |
|
.spotxchange.com/ | Name: audience Value: f4fb4021-30ab-11ed-94aa-1f057aaa0406 |
|
.demdex.net/ | Name: dextp Value: 1957-1-1662775061540|30646-1-1662775061684|144230-1-1662775061788|144231-1-1662775061889|144232-1-1662775061990|144233-1-1662775062090|144234-1-1662775062191|144235-1-1662775062292|144236-1-1662775062393|144237-1-1662775062494|147592-1-1662775062594|129099-1-1662775062695|139200-1-1662775062796 |
|
.amazon-adsystem.com/ | Name: ad-id Value: A5AdbThqEkbzpiJq1GBqDFk |
|
.amazon-adsystem.com/ | Name: ad-privacy Value: 0 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
284-lbb-572.mktoresp.com
284-lbb-572.mktoweb.com
assets.adobedtm.com
c.bing.com
citbank.tt.omtrdc.net
citgroup.112.2o7.net
citgroup.demdex.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
landing.cit.com
landing.directcapital.com
mid.rkdms.com
munchkin.marketo.net
na-ab33.marketo.com
p.typekit.net
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.amazon-adsystem.com
siteintercept.qualtrics.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
trc.taboola.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com
104.16.92.80
104.16.95.80
104.17.208.240
104.17.71.206
104.17.72.206
104.18.18.126
104.96.148.88
13.107.42.14
13.225.85.149
142.250.181.226
142.250.186.162
15.188.95.229
15.197.193.217
151.101.2.49
18.202.61.67
185.64.189.110
185.89.210.244
185.94.180.126
192.28.147.68
199.232.136.157
212.82.100.182
2606:4700:3032::ac43:a9f7
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:400c:c06::9a
2a02:26f0:10e::6860:5bb2
2a02:26f0:10e::6860:5bb9
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:587::1e80
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:600::300
3.231.36.173
34.247.98.180
34.98.64.218
52.209.70.49
52.46.130.91
69.173.144.139
0424e19520bce927755b6b3e6a31fd16af5d494271e3db98516e08aa180b043f
05f269e706e9bbc25e1907dac1879e7574cbaded179af4aab2f44189b2fdb0fc
087ffde713af10751722998e46fd7a0f04826fb2849a6b4dd70c2c65ced26bba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0ed04d996f15a249db19d44196e169ef0a0064ac66f57f44d922f8ea1283ae78
12c80f181ad8454b296667b61571079ad4a876bba486537e200005311d01d7fa
139bf22d76a2700e621ddae1d8ed98e17afcfcebf9c16db50850f5f27d1464c8
1ea612b02f8a8d321a665632d223dc0c2185c4f2e63d9a5b8ebbca6bfbd5384b
21643f29e3bc4a84cfea42c9af50f05ab02a6aadabf61e9dd21df093d5434d6b
28d65611d5b52af7f3693b83b959d7ac143bf4f574b69c16f7b910e5bb9af94a
3152e192826cd6895ab05c84646482c2aeea36ea43f6a0827135505101cdb051
3721f84ae175aaaeeaca6b1663bea177dc96ef6581703c6ca05d4687ebb14a52
3e2ccf5a974d78a6fdca5b2fe544a4fdeefb3bbe668d1deb95259d421fb3e514
4151ee72f9196e4c331de943e11b54e171065614fe168e79359752720ff261e1
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4d066e71f460f47d443274fbbb4b550bd1d68e2d4df4ad39e8117cdd3b3d9867
4df90a29f2653d233aeb2e965c26895c56dd507094e5ca16af6e08829eee15e2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
525ced4f4b18f422eb980a6df3d20d6caa4708f8b8ad2bd15f6bd654f16de643
53cfecdd7c51655f0b0a5689259a94297594578b4e5f11106d234e329b56f3a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5f68e1d0bece6e52a4cdbcdb10acf8bdc4b965c0832cef14b368f8a20516e356
61af872190101669cf96a2a4ed2ffde346f982173ee736fc9d7fdf52c6af51d0
61f29aa2417a11420644d2e9418b0a1e7a90bfd3600aa4adeb858def4fd85fc0
6d150d3cefed725c5039070d9df20be290d9fa1c1db29783efa0e4e9376b8946
74cac2928a65542ec11eb7da2bbddcbbd7b3694ff96a0f21f5ecbb151b3b746c
785cade122ecba0bec068079b96f577560f50005702c0fb00518ce3bee4c5bd7
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
920cff036d816cb3640e0eda8979e73dd5567855c7d288cf54db9c9f7fe7a930
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
9419a14ec1a7609748b39988e756ee1f397107c982f8630bbcbdc0e46907a2e7
94286ca58a1997c6bc8e198f493f80a05e8957875ca7dc7e86e615504cfe4e51
94f721cea60b90692738a2e4ab2997bbf8228d7554a4d5c13a909f1d5af03cf2
9791d0b7fe2afa6072e069a2205aa746e932ccce33fdd82d0d0ba05206fda3bb
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9e9369207f2b9592493c9bcc1d5fb8eb5dcceca5e9ff0893ed192bbc7c22f731
9ff518e7ce0cd3c8a3125ee46f2e60092105976804398fd115d82993d48d9fc4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a8aa15bc30271e18038a569622b36561f9be4accb743676f5e2463f79012205f
b0ede41fc4b35438e6f8a6be5c847311de69e773693e059fc40555c90983ed08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b755b4d8b94f93377b32c38d1d0d81554d63bb775cada532779ac9400182a677
bfd59510e72ef41028ea52e80ce93ddab54182b8682c0139082f25afb8f5d7db
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c7b46022c4ae5a1798ed9e45a83ed40aead7f761070cb9af515bff95855db307
ca008650bc8e214efe3984de3bb68c687c113534d04f3c7a2169bef7e6b9d06d
cde91b64cf0430923c3b148ee53334577f543a709622d3e18059da89f69e8dbe
d02aac8e3e7a20b2529c39c29b7adb085f508674d7e308fcbcbca78bdde23eb1
d2d21b5bb3e2de507dbeb970c90f5f1340d7b9f14b1ce980d36f530ac98629ac
d30d6beac55924a14f58256b970878488099cbeaf0689a0c7adae77fb79976e8
d83e10b035461434af5a55fdee9d05f2b25b1d4247035cc550068d1595d8943c
db3f9e57da58af7f3f38be55628605bce1715a360d88a40971310bbef2bfeb97
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e76f0757694c207aca69fad0391588651b0f12106ec67518d57b1662b5aadaa6
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f347fcfc50a2369431e1317fd620a222e26e33e775a3bc19d117dc015f0389e0
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91