urlscan.io logo urlscan.io
SecurityTrails logo

www.citicards.com Open in urlscan Pro
23.45.237.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication...
Effective URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Submission: On January 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 22 domains to perform 99 HTTP transactions. The main IP is 23.45.237.67, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.citicards.com. The Cisco Umbrella rank of the primary domain is 176510.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 12th 2021. Valid for: a year.
This is the only time www.citicards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    173.213.4.17 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
fm.info6.citi.com
l.info6.citi.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    63.148.46.76 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com
sts.eccmp.com
9    23.45.237.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-237-67.deploy.static.akamaitechnologies.com
www.citicards.com
35    18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
4    52.208.47.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-47-212.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    104.111.238.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-178.deploy.static.akamaitechnologies.com
online.citi.com
1    52.17.105.123 (None, )

ASN- ()
citi.demdex.net
1    15.236.176.210 (None, )

ASN- ()
metrics1.citi.com
1    54.154.165.122 (None, )

ASN- ()
cm.everesttech.net
1    2600:9000:214f:9c00:1:76cf:fe80:93a1 (None, )

ASN- ()
c1.rfihub.net
8    2a00:1450:4001:82b::2008 (None, )

ASN- ()
www.googletagmanager.com
1    104.111.228.137 (None, )

ASN- ()
tags.bkrtx.com
2    34.241.165.255 (None, )

ASN- ()
citicorpcreditservic.tt.omtrdc.net
2    193.0.160.129 (None, )

ASN- ()
20766699p.rfihub.com
p.rfihub.com
2    151.101.130.133 (None, )

ASN- ()
resources.digital-cloud-citi.medallia.com
1    65.9.58.69 (None, )

ASN- ()
cdn.pbbl.co
1    2620:1ec:c11::200 (None, )

ASN- ()
bat.bing.com
1    2600:9000:214f:5e00:1d:bf0a:0:93a1 (None, )

ASN- ()
c.tvpixel.com
1    3.122.111.84 (None, )

ASN- ()
d.agkn.com
Apex Domain
Subdomains		 Transfer
35 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2777
343 KB
9 citicards.com
www.citicards.com — Cisco Umbrella Rank: 176510
469 KB
8 googletagmanager.com
www.googletagmanager.com
291 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
citi.demdex.net
7 KB
5 citi.com
fm.info6.citi.com — Cisco Umbrella Rank: 300581
l.info6.citi.com — Cisco Umbrella Rank: 107489
online.citi.com — Cisco Umbrella Rank: 22687
metrics1.citi.com
prod.report.nacustomerexperience.citi.com Failed
20 KB
3 eccmp.com
sts.eccmp.com — Cisco Umbrella Rank: 15877
17 KB
2 medallia.com
resources.digital-cloud-citi.medallia.com
89 KB
2 rfihub.com
20766699p.rfihub.com
p.rfihub.com
795 B
2 omtrdc.net
citicorpcreditservic.tt.omtrdc.net
2 KB
1 agkn.com
d.agkn.com
593 B
1 tvpixel.com
c.tvpixel.com
p.tvpixel.com Failed
32 KB
1 bing.com
bat.bing.com
11 KB
1 pbbl.co
cdn.pbbl.co
1 bkrtx.com
tags.bkrtx.com
16 KB
1 rfihub.net
c1.rfihub.net
6 KB
1 everesttech.net
cm.everesttech.net
517 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
30 KB
0 kampyle.com Failed
nebula-cdn.kampyle.com Failed
0 scorecardresearch.com Failed
sb.scorecardresearch.com Failed
0 googleadservices.com Failed
www.googleadservices.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 rlcdn.com Failed
sr.rlcdn.com Failed
99 22
Domain Requested by
35 nexus.ensighten.com www.citicards.com
nexus.ensighten.com
9 www.citicards.com fm.info6.citi.com
www.citicards.com
8 www.googletagmanager.com nexus.ensighten.com
www.googletagmanager.com
4 dpm.demdex.net 1 redirects www.citicards.com
3 sts.eccmp.com fm.info6.citi.com
sts.eccmp.com
2 resources.digital-cloud-citi.medallia.com nexus.ensighten.com
resources.digital-cloud-citi.medallia.com
2 citicorpcreditservic.tt.omtrdc.net www.citicards.com
2 online.citi.com www.citicards.com
1 d.agkn.com
1 c.tvpixel.com nexus.ensighten.com
1 bat.bing.com nexus.ensighten.com
bat.bing.com
1 cdn.pbbl.co nexus.ensighten.com
1 p.rfihub.com c1.rfihub.net
1 20766699p.rfihub.com c1.rfihub.net
1 tags.bkrtx.com nexus.ensighten.com
1 c1.rfihub.net nexus.ensighten.com
1 cm.everesttech.net 1 redirects
1 metrics1.citi.com www.citicards.com
1 citi.demdex.net nexus.ensighten.com
1 l.info6.citi.com fm.info6.citi.com
1 ajax.googleapis.com fm.info6.citi.com
1 fm.info6.citi.com
0 nebula-cdn.kampyle.com Failed resources.digital-cloud-citi.medallia.com
0 sb.scorecardresearch.com Failed
0 p.tvpixel.com Failed www.citicards.com
0 www.googleadservices.com Failed www.googletagmanager.com
0 stags.bluekai.com Failed tags.bkrtx.com
0 prod.report.nacustomerexperience.citi.com Failed www.citicards.com
0 sr.rlcdn.com Failed nexus.ensighten.com
99 29

This site contains links to these domains. Also see Links.

Domain
www.citi.com
online.citi.com
online.citibank.com
sealinfo.verisign.com
Subject Issuer Validity Valid
info6.citi.com
DigiCert SHA2 Extended Validation Server CA		 2020-01-28 -
2022-03-03		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.eccmp.com
DigiCert SHA2 Secure Server CA		 2020-03-06 -
2022-06-08		 2 years crt.sh
www.accountonline.com
DigiCert SHA2 Extended Validation Server CA		 2021-11-12 -
2022-12-13		 a year crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-10-12		 a year crt.sh
online.citibank.com
DigiCert SHA2 Extended Validation Server CA		 2020-03-13 -
2022-05-14		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
metrics1.citi.com
DigiCert SHA2 Extended Validation Server CA		 2020-07-02 -
2022-08-30		 2 years crt.sh
*.rfihub.net
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2021-04-02 -
2022-04-07		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-11 -
2022-10-12		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.digital-cloud-citi.medallia.com
SSL.com RSA SSL subCA		 2021-11-15 -
2022-10-20		 a year crt.sh
*.pbbl.co
Amazon		 2021-11-04 -
2022-12-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.tvpixel.com
Amazon		 2022-01-14 -
2023-02-12		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Frame ID: 181B3D836C96C403FC2BB4CD719AFD9F
Requests: 93 HTTP requests in this frame

Frame: https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: C8A40C185A8C6ED0B2A1C89725EF196A
Requests: 1 HTTP requests in this frame

Frame: https://20766699p.rfihub.com/ca.html?ver=9&ra=280&rb=648&ca=20766699&_o=17169175&_t=checkapplicationstatus&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=checkapplicationstatus&pe=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&pf=https%3A%2F%2Ffm.info6.citi.com%2F&ra=25375260485424156
Frame ID: 7744185171EFE6EFDC8FA97015778146
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/ca.html?ver=9&ra=536&rb=648&ca=&_o=17169175&_t=&pe=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&pf=https%3A%2F%2Ffm.info6.citi.com%2F&ra=308860647303574
Frame ID: 616D4AFBD7B95DF5D9D4271498129BE4
Requests: 1 HTTP requests in this frame

Frame: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 93648A6799709F4B75A589D8AACCC9B9
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/63068?ret=html&phint=language%3Den_US&phint=product&phint=event%3D&phint=category%3Dpre-login%20self-service&phint=page%3DCheck%20Application%20Status&phint=section1%3Dcards&phint=section2%3Dacq&phint=section3%3Dapplication&phint=section4%3DNewWelcome&phint=bankappstatus&phint=productID&phint=__bk_t%3DCheck%20Your%20Application%20Status&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ffm.info6.citi.com%2F&phint=__bk_l%3Dhttps%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&phint=__bk_v%3D3.1.10&limit=10&r=7811781
Frame ID: DEFDB098C4921CD5B7FE1B6888B68F9B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Check Your Application Status

Page URL History Show full URLs

  1. https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2F... Page URL
  2. https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicat... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

99
Requests

76 %
HTTPS

25 %
IPv6

22
Domains

29
Subdomains

20
IPs

3
Countries

1333 kB
Transfer

4475 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011%26enid%3D218033DCD28EF1489EC2A32FC7E4614C4E64&linkName=CT_SecuredApplication&transId=E2022011965076107 Page URL
  2. https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1642630814328 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1642630814328
Request Chain 53
  • https://cm.everesttech.net/cm/dd?d_uuid=84980667132467775234342492031490006922 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeiOngAAAGdZXQQA

99 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
url.aspx
fm.info6.citi.com/ats/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011%26enid%3D218033DCD28EF1489EC2A32FC7E4614C4E64&linkName=CT_SecuredApplication&transId=E2022011965076107
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
/
Resource Hash
1999b7b60b033c6cd9ae7f9b2bcd4b2eeaf46e7d5213059e8e64cbefec6583df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
0
X-Powered-By
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
SERVER
Date
Wed, 19 Jan 2022 22:20:10 GMT
Content-Length
3812
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
Keep-Alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011%26enid%3D218033DCD28EF1489EC2A32FC7E4614C4E64&linkName=CT_SecuredApplication&transId=E2022011965076107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 11:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Jan 2023 11:35:16 GMT
open.aspx
l.info6.citi.com/rts/ 		43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.info6.citi.com/rts/open.aspx?tp=i-16IJ-9x-M-5Ch04B-1q-4uNM7B-1c-OI-G-l734cuhHAl-1zeMw7
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011%26enid%3D218033DCD28EF1489EC2A32FC7E4614C4E64&linkName=CT_SecuredApplication&transId=E2022011965076107
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.213.4.17 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 22:20:10 GMT
Server
X-Powered-By
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, max-age=0
Expires
0
conversen-SDK.js
sts.eccmp.com/sts/scripts/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011%26enid%3D218033DCD28EF1489EC2A32FC7E4614C4E64&linkName=CT_SecuredApplication&transId=E2022011965076107
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:11 GMT
Last-Modified
Thu, 28 Oct 2021 04:27:16 GMT
Server
Microsoft-IIS/8.0
Age
1917
X-Powered-By
ASP.NET
ETag
"0ea5516b4cbd71:0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15567
617
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 		35 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/617
Requested by
Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:12 GMT
X-AspNetMvc-Version
3.0
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
35
image.gif
sts.eccmp.com/wts/WebEvent/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sts.eccmp.com/wts/WebEvent/image.gif?isSplit=false&guid=6504c3d8-f622-e505-3118-a7149827c92c&segmentNumber=1&pm[linkName]=CT_SecuredApplication&pm[transId]=E2022011965076107&rp[cr]=617&rp[wegc]=&rp[et]=100&rp[ap]=&rp[we]=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:11 GMT
X-AspNetMvc-Version
3.0
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
807
Primary Request flow.action
www.citicards.com/cards/credit/application/ 		265 KB
147 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Requested by
Host: fm.info6.citi.com
URL: https://fm.info6.citi.com/ats/url.aspx?cr=617&wu=1&we=1&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011%26enid%3D218033DCD28EF1489EC2A32FC7E4614C4E64&linkName=CT_SecuredApplication&transId=E2022011965076107
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7070e3105dfe63391f3b82e5129a325fc470fae24850e8d93bc464d72d2f18f6
Security Headers
Name Value
Content-Security-Policy Frame-Ancestors 'self' https://sit01.disputes.citi.com https://disputes.citi.com
X-Frame-Options Allow-From https://sit01.disputes.citi.com https://disputes.citi.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fm.info6.citi.com/

Response headers

Content-Type
text/html; charset=ISO-8859-1
X-Ion-Hop
Prod
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache private no-store max-stale=0 must-revalidate max-age=0 proxy-revalidate s-max-age=0
Pragma
no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate
Content-Security-Policy
Frame-Ancestors 'self' https://sit01.disputes.citi.com https://disputes.citi.com
X-Akamai-CITISITE
SWDC
Content-Language
de-DE
X-DEBUG-TIER2-PARENT
5a38e3-23.205.100.70-1642630813-AUTH1-SHPIP23.15.240.213-TCIP185.213.155.164
X-UA-Compatible
IE=Edge IE=Edge
X-Frame-Options
Allow-From https://sit01.disputes.citi.com https://disputes.citi.com
X-DEBUG-TIER2
86899896-23.15.240.213-1642630813-AUTH1-SHPIP4.79.61.108-TCIP185.213.155.164
Content-Encoding
gzip
Date
Wed, 19 Jan 2022 22:20:13 GMT
Transfer-Encoding
chunked
Connection
keep-alive Transfer-Encoding
Vary
Accept-Encoding
X-Robots-Tag
noindex, nofollow
newWelcome.min.css
www.citicards.com/cards/wv/welcome/css/ 		291 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22ad331165b712e3d879b32dcf10ce25a5b65bf6860eb7a5c3cf0b7d35e0ad7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Oct 2021 14:38:18 GMT
X-Akamai-CITISITE
SWDC
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46581
Expires
Thu, 20 Jan 2022 04:20:14 GMT
jquery-1.12.4.min.js
www.citicards.com/cards/wv/welcome/js/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citicards.com/cards/wv/welcome/js/jquery-1.12.4.min.js
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 15:55:25 GMT
X-Akamai-CITISITE
GTDC
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33706
Expires
Thu, 20 Jan 2022 04:20:14 GMT
Bootstrap.js
nexus.ensighten.com/citi/na_prod/ 		289 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81a91a3eba73606202b154382131ce76d4b36d14edbe459ff5d477acb9e9b625

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 18:06:26 GMT
server
nginx
etag
W/"61b8dd22-482f4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
newWelcome.min.js
www.citicards.com/cards/wv/welcome/js/ 		834 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.citicards.com/cards/wv/welcome/js/newWelcome.min.js
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88ff40e8c631cea3789a0fe72a9268a218e12e05e2ce4fabeeae3c7de42c3928

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:20:09 GMT
X-Akamai-CITISITE
GTDC
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
216669
Expires
Thu, 20 Jan 2022 04:20:14 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1642630814328
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1642630814328
363 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1642630814328
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
HTTP/1.1
Server
52.208.47.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-47-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b6cec40f4f675bc2a085c8d6a2d09bb5eef3f696ea2ff3e72a2fd4a2b14de18f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v027-010f8de1e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
j9geoRJ+TQw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.citicards.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
307
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v027-0da9e18e5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.citicards.com
X-TID
TOdYJxPRTo0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1642630814328
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
citi_app_sprite-blue.svg
www.citicards.com/cards/wv/welcome/img/NewBanner/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citicards.com/cards/wv/welcome/img/NewBanner/citi_app_sprite-blue.svg
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2cd8c98a7ba7914c78ad67f963d95201ca25a3b3e925b82eb5e298169c63a1c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Sep 2020 09:13:36 GMT
X-Akamai-CITISITE
GTDC
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1906
Interstate-ExtraLight.woff
www.citicards.com/cards/wv/welcome/css/fonts/interstate/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.citicards.com/cards/wv/welcome/css/fonts/interstate/Interstate-ExtraLight.woff
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
Origin
https://www.citicards.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Jun 2021 04:23:51 GMT
X-Akamai-CITISITE
SWDC
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1532
icons@1x.png
www.citicards.com/cards/wv/welcome/css/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citicards.com/cards/wv/welcome/css/images/icons@1x.png
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e8aa099376459830d295cba8264ffadb98343db5539af204925bf6932a0ed45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Accept-Ranges
bytes
Last-Modified
Wed, 05 Oct 2016 16:52:26 GMT
Connection
keep-alive
X-Akamai-CITISITE
GTDC
Date
Wed, 19 Jan 2022 22:20:14 GMT
Content-Length
9761
Content-Type
image/png
serverComponent.php
nexus.ensighten.com/citi/na_prod/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Tue%20Dec%2014%2018:06:16%20GMT%202021&ClientID=1129&PageID=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
39bbb6cccc290f90865a106530370b9817faae88214290e9b8fdef20ed4ae412

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
cache-control
no-cache, no-store
content-type
text/javascript
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Wed, 19 Jan 2022 22:20:13 GMT
citi_app_sprite.svg
www.citicards.com/cards/wv/welcome/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.citicards.com/cards/wv/welcome/img/citi_app_sprite.svg
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa2d499915cc9d27d3ed17f446d25a0fe5068ef7623e03f7ff274ca5cc20650b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2016 21:17:18 GMT
X-Akamai-CITISITE
GTDC
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1904
tagging.js
online.citi.com/CBOL/taggingTransformation/ 		71 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.citi.com/CBOL/taggingTransformation/tagging.js
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/wv/welcome/js/newWelcome.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd866415f5b82a72a060b91d03a907632ec1d539253a885c64d3db6ec9c103e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
Strict-Transport-Security max-age=300
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
last-modified
Fri, 05 Nov 2021 18:31:24 GMT
x-akamai-citisite
SWDC
date
Wed, 19 Jan 2022 22:20:14 GMT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
expires
Thu, 20 Jan 2022 04:20:14 GMT
cache-control
max-age=21600
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-length
14183
content-type
application/x-javascript
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
c4672d80f0441a067c634981e1aa57f8.js
nexus.ensighten.com/citi/na_prod/code/ 		1 KB
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/c4672d80f0441a067c634981e1aa57f8.js?conditionId0=3381696
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3ea0132cb5e6f30bc1e74ddf7d499673476cfcd4f67ce7a89d14dce60ba6712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Mon, 27 Jan 2020 17:57:04 GMT
server
nginx
etag
W/"5e2f2470-40d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
669e4959e6b9a307a1e99ff8c3e116f2.js
nexus.ensighten.com/citi/na_prod/code/ 		1 KB
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/669e4959e6b9a307a1e99ff8c3e116f2.js?conditionId0=1838258
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e706cb21512dfb08845f4bcd6890d200878c00e4e753fa6cc668c89bd93cf84d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 19:12:00 GMT
server
nginx
etag
W/"61818d80-425"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
beb3f601929f5d4344d1648e914d96e2.js
nexus.ensighten.com/citi/na_prod/code/ 		2 KB
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/beb3f601929f5d4344d1648e914d96e2.js?conditionId0=4823267
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
46fef6da13b6cce514054e81bc763437741225fb7c2afecea58b94e929c02bf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 17:19:01 GMT
server
nginx
etag
W/"612e6485-6be"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
80302f70355692458aa73941cfa73c73.js
nexus.ensighten.com/citi/na_prod/code/ 		21 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/80302f70355692458aa73941cfa73c73.js?conditionId0=4905576&conditionId1=4905577&conditionId2=4905574&conditionId3=4905575
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44869454f080ce369ca2515da2f5111b233004f7ac52013c4a5a161d78d349e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 18:06:26 GMT
server
nginx
etag
W/"61b8dd22-52eb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
1e9cc14fde6576c02e498ddb8e80f52f.js
nexus.ensighten.com/citi/na_prod/code/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/1e9cc14fde6576c02e498ddb8e80f52f.js?conditionId0=475817
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cba290cc02b5f6de745dbc78f1ed287808804ce3d763418857153a61506be79b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 18:06:26 GMT
server
nginx
etag
W/"61b8dd22-1cca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
fdf45a7c15c1cee06bb71e10dac4e26e.js
nexus.ensighten.com/citi/na_prod/code/ 		989 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
last-modified
Tue, 14 May 2019 17:01:42 GMT
server
nginx
etag
"5cdaf476-3dd"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
989
05835b2148e5361c050a3817e67c033d.js
nexus.ensighten.com/citi/na_prod/code/ 		42 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/05835b2148e5361c050a3817e67c033d.js?conditionId0=4877290&conditionId1=4877291&conditionId2=4877288&conditionId3=4877289&conditionId4=4877294&conditionId5=4877295&conditionId6=4877292&conditionId7=4877293&conditionId8=4863821&conditionId9=4897549&conditionId10=3811922&conditionId11=3834893&conditionId12=4877298&conditionId13=3834882&conditionId14=1838309&conditionId15=4877299&conditionId16=4877264&conditionId17=4877296&conditionId18=4877297&conditionId19=3834884&conditionId20=4877301
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44a3749d700b0ff8736b0992dcc8aeeb2b8c99dfc04d3b202945c61512ca6504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:41:32 GMT
server
nginx
etag
W/"6193ed4c-a632"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
f4443168be840e83b043120f9fab6827.js
nexus.ensighten.com/citi/na_prod/code/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/f4443168be840e83b043120f9fab6827.js?conditionId0=455825
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d5160ce3002efe6aaaa756e3543e2925870e2b91df6d428fd139441fa8ab7aec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 18:06:26 GMT
server
nginx
etag
W/"61b8dd22-42ea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
fc1735cfee41cce33762d6c3b37fcef2.js
nexus.ensighten.com/citi/na_prod/code/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/fc1735cfee41cce33762d6c3b37fcef2.js?conditionId0=462132
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
25d2190b144b4e413b662df7d8a0f0bc087fbdc9bb66d1a1f69fc027a8d4c7ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:36:41 GMT
server
nginx
etag
W/"61a66129-324c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
6ed794d287f262c0bca91d950d85eafe.js
nexus.ensighten.com/citi/na_prod/code/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/6ed794d287f262c0bca91d950d85eafe.js?conditionId0=475830
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e5fd33e37a641fabc8c494c1748c85c15692d6aa0b46b1b968ace1f8f297813

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 18:06:26 GMT
server
nginx
etag
W/"61b8dd22-1c9e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
42d4d669434e7d621371bd59ca097dbf.js
nexus.ensighten.com/citi/na_prod/code/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/42d4d669434e7d621371bd59ca097dbf.js?conditionId0=4897099
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Thu, 07 Oct 2021 17:28:43 GMT
server
nginx
etag
W/"615f2e4b-12bc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
f7703ba75034eab2c1c00bad055fab28.js
nexus.ensighten.com/citi/na_prod/code/ 		9 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/f7703ba75034eab2c1c00bad055fab28.js?conditionId0=4882778&conditionId1=4882777&conditionId2=1107477&conditionId3=1107478&conditionId4=1020470&conditionId5=1020469&conditionId6=1020468&conditionId7=1020467
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f86a1d93a04fa97faf2232a6dfdb05cbc2a6074eeb3812a24a1d2b28c21a9967

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 04:04:14 GMT
server
nginx
etag
W/"5ef17f3e-23e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
30c6491fc05ee3c82df4d1f450bd4d65.js
nexus.ensighten.com/citi/na_prod/code/ 		1 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/30c6491fc05ee3c82df4d1f450bd4d65.js?conditionId0=4863822
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c8a257b72ee6c137e641e3bcb13b96959a89b010589025632d4dd6cd135e306c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 04 Feb 2020 18:16:27 GMT
server
nginx
etag
W/"5e39b4fb-537"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
557566dc60916e3de69e006bef252459.js
nexus.ensighten.com/citi/na_prod/code/ 		2 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 27 Aug 2019 16:59:12 GMT
server
nginx
etag
W/"5d656160-887"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
d74f82b561a6aa5d9247eaf72394131a.js
nexus.ensighten.com/citi/na_prod/code/ 		2 KB
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/d74f82b561a6aa5d9247eaf72394131a.js?conditionId0=480881
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:36:41 GMT
server
nginx
etag
W/"61a66129-631"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
01af778b9dd93145b3e1400485968163.js
nexus.ensighten.com/citi/na_prod/code/ 		458 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/01af778b9dd93145b3e1400485968163.js?conditionId0=4865244
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dc1904a557b3b1f7d001adb461950fa564369fd7f0929e270a44c784f8ce7816

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
last-modified
Tue, 22 Oct 2019 16:59:12 GMT
server
nginx
etag
"5daf3560-1ca"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
458
8d41b91aa6f7e01455b63508cbd3590e.js
nexus.ensighten.com/citi/na_prod/code/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/8d41b91aa6f7e01455b63508cbd3590e.js?conditionId0=4841049&conditionId1=4841043&conditionId2=4841044&conditionId3=4841046
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c354ae36ab00d6e42499bd1773e35fc24b11ec9586645429e34468366f6d5321

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:41:32 GMT
server
nginx
etag
W/"6193ed4c-254a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
e00070ccd7bf17997a5f7fd37457b46c.js
nexus.ensighten.com/citi/na_prod/code/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/e00070ccd7bf17997a5f7fd37457b46c.js?conditionId0=455826
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2b177050fc3aa6e0fa884c2b4b2092052ea438f508e35d3c195411e97167486b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:41:32 GMT
server
nginx
etag
W/"6193ed4c-1ee6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
c942fa5b036f63cf515027e22894e5aa.js
nexus.ensighten.com/citi/na_prod/code/ 		156 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/c942fa5b036f63cf515027e22894e5aa.js?conditionId0=421908
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1a52e20a2d1a14c0f487d961757fe56caa17d172a64820c54950eba91c50933a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:36:41 GMT
server
nginx
etag
W/"61a66129-26e38"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
51aba9f62787efbaa13e53a8d1ae3892.js
nexus.ensighten.com/citi/na_prod/code/ 		1 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 17:19:01 GMT
server
nginx
etag
W/"612e6485-52a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
468b3e37a21c4198f4939c8aaca98066.js
nexus.ensighten.com/citi/na_prod/code/ 		1 KB
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/468b3e37a21c4198f4939c8aaca98066.js?conditionId0=4854834
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Thu, 07 Oct 2021 17:28:43 GMT
server
nginx
etag
W/"615f2e4b-5c5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
15eac799b2af1fdddaf2cc2761208a51.js
nexus.ensighten.com/citi/na_prod/code/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/15eac799b2af1fdddaf2cc2761208a51.js?conditionId0=482202&conditionId1=4916548
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e41be68908f5ae00533b712a57e654dfd10db8ba83379d83f1d59e6835ed1e13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 18:06:26 GMT
server
nginx
etag
W/"61b8dd22-328d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
d139e7d35fc18934e03ae7d1eb3769bf.js
nexus.ensighten.com/citi/na_prod/code/ 		119 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/d139e7d35fc18934e03ae7d1eb3769bf.js?conditionId0=486757
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e7ef42c5bbd7f8d71f7c0a6b1d7de5aab5ef30619267afd49f0f2d27998cdc93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:36:41 GMT
server
nginx
etag
W/"61a66129-1da35"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
3d21eb2c2fe638b9ff501ec1e1760321.js
nexus.ensighten.com/citi/na_prod/code/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/3d21eb2c2fe638b9ff501ec1e1760321.js?conditionId0=406476
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c5ed698ab63ea66ac02c6afceb41c5a6c9097e306cbe623d1be498d11acff8e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 17:19:01 GMT
server
nginx
etag
W/"612e6485-130b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
54c51299d0fb90aca7dafc702c72f8da.js
nexus.ensighten.com/citi/na_prod/code/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/54c51299d0fb90aca7dafc702c72f8da.js?conditionId0=4876315&conditionId1=4876313&conditionId2=4876316&conditionId3=4903730
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6de6c3d812f1ed438f45696d8ced6a62a426eb631fe08445323b80519c7dd9c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:41:32 GMT
server
nginx
etag
W/"6193ed4c-35c6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
98bee068f68171950fb97a251d5f5b81.js
nexus.ensighten.com/citi/na_prod/code/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/98bee068f68171950fb97a251d5f5b81.js?conditionId0=467299
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6245952a84f047f47eabe2d7cc6ba2d90207b5396d594c07ef9ec58a10736740

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:36:41 GMT
server
nginx
etag
W/"61a66129-57c5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
212ceff1143d15f557ed066c32ca7d78.js
nexus.ensighten.com/citi/na_prod/code/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/212ceff1143d15f557ed066c32ca7d78.js?conditionId0=4876314
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f4ff42ce6048352b9da69b9328e996ce98fd32c5652cf1f4fb9fa49105cca7c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:41:32 GMT
server
nginx
etag
W/"6193ed4c-cda"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
6fc077db0ae024d5d8280fa9a26d5d30.js
nexus.ensighten.com/citi/na_prod/code/ 		26 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/6fc077db0ae024d5d8280fa9a26d5d30.js?conditionId0=1407237&conditionId1=1407236&conditionId2=1407332&conditionId3=1407239&conditionId4=1407329&conditionId5=1407235&conditionId6=1407234&conditionId7=1407330&conditionId8=1407327&conditionId9=1406895&conditionId10=1407320&conditionId11=1407032
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a2d1f46d2a49f69c7dd34106c384366b5aff8e89c317ce3823c11c1035c16eae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:41:32 GMT
server
nginx
etag
W/"6193ed4c-66ab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
8c08f268ec7af97405839d0208de3aab.js
nexus.ensighten.com/citi/na_prod/code/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/8c08f268ec7af97405839d0208de3aab.js?conditionId0=458636
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7a1552dff502b840a123f9a26ee7809d15494c80a98fc70c977e204f107293d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:41:32 GMT
server
nginx
etag
W/"6193ed4c-2ec0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
96e0eb995483e83e7b3f71968eedeed1.js
nexus.ensighten.com/citi/na_prod/code/ 		396 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/96e0eb995483e83e7b3f71968eedeed1.js?conditionId0=3013337
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 19:45:13 GMT
server
nginx
etag
W/"61940a49-63067"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
bbe74042d2c18c356e57531f9f2dfac9.js
nexus.ensighten.com/citi/na_prod/code/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/bbe74042d2c18c356e57531f9f2dfac9.js?conditionId0=454787
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7a8a62a3886ead9e2e63671ff2c95ef598f5e0e2199c7f71194a753754620057

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 17:19:01 GMT
server
nginx
etag
W/"612e6485-168b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
b5e5b27d99b7c6493b31bb7b0ef3f231.js
nexus.ensighten.com/citi/na_prod/code/ 		82 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/b5e5b27d99b7c6493b31bb7b0ef3f231.js?conditionId0=486724&conditionId1=486679&conditionId2=486678&conditionId3=486677&conditionId4=486612&conditionId5=486622&conditionId6=486621&conditionId7=486620&conditionId8=486682&conditionId9=486681&conditionId10=486680&conditionId11=486695&conditionId12=486694&conditionId13=486628&conditionId14=486691&conditionId15=486627&conditionId16=486626&conditionId17=486690&conditionId18=486624&conditionId19=486703&conditionId20=486701&conditionId21=486700&conditionId22=486699&conditionId23=486697&conditionId24=486696&conditionId25=487799&conditionId26=4845560&conditionId27=487797&conditionId28=486707&conditionId29=486706&conditionId30=486705&conditionId31=486704&conditionId32=486719&conditionId33=486717&conditionId34=487803&conditionId35=4845556&conditionId36=487800&conditionId37=4845558&conditionId38=486712
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c2ce52116fb94155c89526ed1a062148fa7eab7483311bc2d89368638941d16e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:41:32 GMT
server
nginx
etag
W/"6193ed4c-14683"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
3fac67bbed26d3e121bb84cefe395515.js
nexus.ensighten.com/citi/na_prod/code/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/citi/na_prod/code/3fac67bbed26d3e121bb84cefe395515.js?conditionId0=455897
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 18:06:26 GMT
server
nginx
etag
W/"61b8dd22-fe5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
dest5.html
citi.demdex.net/ Frame C8A4 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citi.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.105.123 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Wed, 19 Jan 2022 22:20:14 GMT
DCS
dcs-prod-irl1-2-v027-09221f2e5.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 19 Jan 2022 14:02:08 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
+UNJYso4Tao=
transfer-encoding
chunked
Connection
keep-alive
id
metrics1.citi.com/ 		89 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&mid=89567191599750494883882168056590837289&ts=1642630814549
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 -, , ASN (),
Reverse DNS
Software
jag /
Resource Hash
d453d9c3f2998788fa4174b5d0c2d4d130b24eccd555af5f78e13e2088cf0767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citicards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-dghtt
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.citicards.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YeiOngAAAGdZXQQA
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=84980667132467775234342492031490006922
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeiOngAAAGdZXQQA
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeiOngAAAGdZXQQA
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
HTTP/1.1
Server
52.208.47.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-47-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v027-0da9e18e5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YHonuVOQSak=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeiOngAAAGdZXQQA
Date
Wed, 19 Jan 2022 22:20:14 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/98bee068f68171950fb97a251d5f5b81.js?conditionId0=467299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9c00:1:76cf:fe80:93a1 -, , ASN (),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:51:01 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 21:50:51 GMT
server
Jetty(9.3.29.v20201019)
age
1753
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA53-C1
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
9fJ7dmVXgXHU9Y6UQPgzUM9JHyJ2axeDSIuhwM1Xc6fPe3C3zzT-8Q==
expires
Wed, 19 Jan 2022 22:51:01 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6268858
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2166235de561c64e92f864fdb92ecbc2dbd26d772d8fb990823564771133a1da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36240
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 22:20:14 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6260004
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c71e4ea2e3b232eba01ad8f7f4dc749db29d8943068c0c18e4c9a9cebcc66f05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36237
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 22:20:14 GMT
tagging_transformation.json
online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/tagging_transformation.json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.238.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Content-Security-Policy frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
appversion,client_id
Origin
https://www.citicards.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
GET,POST,PUT,DELETE
access-control-allow-headers
Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,sessionID,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,AMWResponse,action,challengeType,TMXSessionId,tenantName,TMXDigitalApplicationType,accessToken,familyIndicator,Otpid,deviceId,subscriberId,CitiProfOnly,digitalApplicationType,environmentId,BioCatchSessionId,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,tenantId,appid,X-Akamai-CITISITE,Dclocation,Uuid,appVersion,devicemodelname,kore-token,x-ts-client-version,stateToken
access-control-expose-headers
Accept,Accept-Language,Authorization,businessCode,client_id,content-type,countryCode,uuid,x-ibm-client-id,eventid,sessionID,bizToken,citiuuid,applicationId,channelId,Scope,blackBox,devicePrint,deviceTokenCookie,AMWResponse,action,challengeType,TMXSessionId,tenantName,TMXDigitalApplicationType,accessToken,familyIndicator,Otpid,deviceId,subscriberId,CitiProfOnly,digitalApplicationType,environmentId,BioCatchSessionId,X-Migration-Target,x-soz9htcz-a,x-soz9htcz-b,x-soz9htcz-c,x-soz9htcz-d,x-soz9htcz-e,x-soz9htcz-f,x-soz9htcz-z,x-soz9htcz-uniquestatekey,tenantId,appid,X-Akamai-CITISITE,Dclocation,Uuid,appVersion,devicemodelname,kore-token,x-ts-client-version,stateToken
access-control-allow-credentials
true
content-encoding
gzip
content-length
0
vary
Accept-Encoding
cache-control
max-age=21600
date
Wed, 19 Jan 2022 22:20:15 GMT
access-control-allow-origin
https://www.citicards.com
x-webkit-csp
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy
frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
tagging_transformation.json
online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/ 		0
0
bk-coretag.js
tags.bkrtx.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/c942fa5b036f63cf515027e22894e5aa.js?conditionId0=421908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.228.137 -, , ASN (),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 May 2021 19:14:21 GMT
Server
nginx/1.15.8
ETag
W/"60a8068d-cbc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Wed, 19 Jan 2022 22:20:14 GMT
Connection
keep-alive
Content-Length
16078
Expires
Wed, 26 Jan 2022 22:20:14 GMT
id
dpm.demdex.net/ 		363 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=89567191599750494883882168056590837289&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%0130F4474F1A529A37-6000135F1FECD69D&ts=1642630814666
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.47.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-47-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
34a85e429091ae881787eb5396f65301084cb96bf75173d0dcc014caae6bd0a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.citicards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v027-09179a57f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
vKyaRdWySzk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.citicards.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 UTC
json
citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ 		537 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/json
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.165.255 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7c2a4b7c27e4c19bf29d651b7125d11b4156b698a851e182c9d7aa2b6cc8675

Request headers

Referer
https://www.citicards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 22:20:15 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.citicards.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
ebbd28a960574359bf1ddfc56c4f2b02
json
citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ 		537 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/json
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/credit/application/flow.action?ID=ApplicationStatus&langId=EN&applicationID=220119648233011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.165.255 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7c2a4b7c27e4c19bf29d651b7125d11b4156b698a851e182c9d7aa2b6cc8675

Request headers

Referer
https://www.citicards.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 22:20:15 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.citicards.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
f73b206fd31b49d49e39b2ca626ea083
ca.html
20766699p.rfihub.com/ Frame 7744 		337 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://20766699p.rfihub.com/ca.html?ver=9&ra=280&rb=648&ca=20766699&_o=17169175&_t=checkapplicationstatus&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=checkapplicationstatus&pe=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&pf=https%3A%2F%2Ffm.info6.citi.com%2F&ra=25375260485424156
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
ab7c22095a7b4e8a2f4aab65814b3a2ddc1ebdcfc7f08e2295dd453dc651db64

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/

Response headers

Date
Wed, 19 Jan 2022 22:20:14 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
must-revalidate,no-cache,no-store
Content-Type
text/html;charset=iso-8859-1
Content-Length
337
Server
Jetty(9.3.29.v20201019)
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6260004&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6268858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af0e0b2199b7899b32b510c44210ce6c00d2295921c5a04e5b3003c05b095225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36242
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 22:20:14 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6269322&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6268858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ed32ea017735d24c0f824599e4601ea6421fe4b153cf5c2bb069b02d95b9391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36245
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 22:20:14 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6256710&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6268858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
305b0eaee6ee81e4962614bd70b4137133cfada2f3d697090d75abdb620430bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36267
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 22:20:14 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6415812&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6268858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd9eaf8e54baf1b8ed06e0a985a1a65cecd2878fff5e207581b74eb966ba02cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36240
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 22:20:14 GMT
Interstate-ExtraLight.otf
www.citicards.com/cards/wv/welcome/css/fonts/interstate/ 		25 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.citicards.com/cards/wv/welcome/css/fonts/interstate/Interstate-ExtraLight.otf
Requested by
Host: www.citicards.com
URL: https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.237.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9df60fb9744a6ccb9d6293a757171fe61e72daf364a7e3001f6430c69c5af89c

Request headers

Referer
https://www.citicards.com/cards/wv/welcome/css/newWelcome.min.css
Origin
https://www.citicards.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 22:20:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Sep 2016 17:21:13 GMT
X-Akamai-CITISITE
GTDC
Vary
Accept-Encoding
Content-Type
text/plain
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16664
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ce1ab6d7d544d02fdbfd070df6d6290a630944648f78629bccf6b7c426254ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
IdOZgvi3jqk.08uCgbQo3.QBW2M.OAZG
content-encoding
gzip
etag
"f18dcd577f0deae68783ef9243454a0c"
age
74047
via
1.1 varnish
x-cache
HIT
content-length
676
x-amz-id-2
kwH5FcSnqX+IW9Q1k/VcFIpZgfl9NvNEdy/m/08OSfFovYoildwe4Co+yiwvV+aYEStcvurcwMk=
x-served-by
cache-hhn4057-HHN
last-modified
Wed, 19 Jan 2022 01:45:56 GMT
server
AmazonS3
x-timer
S1642630815.143194,VS0,VE1
date
Wed, 19 Jan 2022 22:20:15 GMT
vary
Accept-Encoding
x-amz-request-id
TTJNNRJDN77AP006
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
ca.html
p.rfihub.com/ Frame 616D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://p.rfihub.com/ca.html?ver=9&ra=536&rb=648&ca=&_o=17169175&_t=&pe=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&pf=https%3A%2F%2Ffm.info6.citi.com%2F&ra=308860647303574
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/

Response headers

Date
Wed, 19 Jan 2022 22:20:15 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache
Content-Type
text/html;charset=utf-8
Content-Length
118
Server
Jetty(9.3.29.v20201019)
1560.js
cdn.pbbl.co/r/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pbbl.co/r/1560.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.69 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-916451471
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0dfabe5f06a20f12215d1a3ef55ce4736b048dd70b56209c8ee5b0aefdc7ca78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39730
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 22:20:15 GMT
425466.html
sr.rlcdn.com/ Frame 9364 		0
0
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:14 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E4E5C04CA62C4901A22F12CF49F6F3F9 Ref B: FRAEDGE1320 Ref C: 2022-01-19T22:20:15Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
dpm_pixel_min.js
c.tvpixel.com/js/current/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&comscore=true
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/na_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5e00:1d:bf0a:0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 18:14:59 GMT
server
AmazonS3
age
13232
etag
W/"08e770c8a17bf087d50cec01af0892c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
date
Wed, 19 Jan 2022 18:39:44 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
aCCW3z7jv5Gxnfh6xtRxVRMoh9bn5_Q2Y29xCHGtLqQ5SQUG5r1CCw==
/
d.agkn.com/pixel/9340/ 		43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/9340/?che=644348989.187693&abid=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.111.84 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 22:20:14 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
cls_report
prod.report.nacustomerexperience.citi.com/glassbox/reporting/ 		0
0
63068
stags.bluekai.com/site/ Frame DEFD 		0
0
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-916451471&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6268858
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 22:20:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39745
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 21:00:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 22:20:15 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
generic1642556755234.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ 		529 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
Requested by
Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.citicards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
rSjn3UrYpUyqzJwJI83SrWd_Yi2yQGv5
content-encoding
gzip
etag
"23e4d609fe08b7a8c3e4f1da77c7f96c"
age
74046
via
1.1 varnish
x-cache
HIT
content-length
89391
x-amz-id-2
vAOcHgs4LckHFmvPZmxnEoJ66pI6b8rmQvGftoq/9c1w08Eps2OzzdecmTcaPEZvbKOjShVarCw=
x-served-by
cache-hhn4057-HHN
last-modified
Wed, 19 Jan 2022 01:45:56 GMT
server
AmazonS3
x-timer
S1642630815.176715,VS0,VE1
date
Wed, 19 Jan 2022 22:20:15 GMT
vary
Accept-Encoding
x-amz-request-id
B2W0DTEWDJ52YBAX
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 		0
0
tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ 		0
0
p
sb.scorecardresearch.com/ 		0
0
16003743.js
bat.bing.com/p/action/ 		0
0
0
bat.bing.com/action/ 		0
0
0
bat.bing.com/action/ 		0
0
16001692.js
bat.bing.com/p/action/ 		0
0
0
bat.bing.com/action/ 		0
0
0
bat.bing.com/action/ 		0
0
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
online.citi.com
URL
https://online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/tagging_transformation.json
Domain
sr.rlcdn.com
URL
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Domain
prod.report.nacustomerexperience.citi.com
URL
https://prod.report.nacustomerexperience.citi.com/glassbox/reporting/cls_report?_cls_s=c2df3623-2562-4f4d-b6f9-1e08ff6b5df1%3A0&_cls_v=2036156a-ca0c-4d85-af5a-392139e53f0b&pv=2&f_cls_s=true
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/63068?ret=html&phint=language%3Den_US&phint=product&phint=event%3D&phint=category%3Dpre-login%20self-service&phint=page%3DCheck%20Application%20Status&phint=section1%3Dcards&phint=section2%3Dacq&phint=section3%3Dapplication&phint=section4%3DNewWelcome&phint=bankappstatus&phint=productID&phint=__bk_t%3DCheck%20Your%20Application%20Status&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ffm.info6.citi.com%2F&phint=__bk_l%3Dhttps%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&phint=__bk_v%3D3.1.10&limit=10&r=7811781
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion_async.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=AW-960621875&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=AW-644574043&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=AW-975701947&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=AW-830907969&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=AW-695231162&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=AW-819500023&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=AW-959299794&l=dataLayer&cx=c
Domain
p.tvpixel.com
URL
https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Domain
p.tvpixel.com
URL
https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Domain
sb.scorecardresearch.com
URL
https://sb.scorecardresearch.com/p?c1=2&c2=34402982&ns_type=hidden&ns_event=page_view&c6=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&c7=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&c8=Check%20Your%20Application%20Status&c9=https%3A%2F%2Ffm.info6.citi.com%2F&rn=1642630815175
Domain
bat.bing.com
URL
https://bat.bing.com/p/action/16003743.js
Domain
bat.bing.com
URL
https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=a8fd7b3f-d0f3-4e43-a846-39b3cc65752f&sid=f9e0b8a0797511ecb06707e6ef87b865&vid=f9e0e3f0797511ec848ff1855b174a29&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Check%20Your%20Application%20Status&p=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&r=https%3A%2F%2Ffm.info6.citi.com%2F&lt=2172&evt=pageLoad&msclkid=N&sv=1&rn=185400
Domain
bat.bing.com
URL
https://bat.bing.com/action/0?ti=16003743&Ver=2&mid=a8fd7b3f-d0f3-4e43-a846-39b3cc65752f&sid=f9e0b8a0797511ecb06707e6ef87b865&vid=f9e0e3f0797511ec848ff1855b174a29&vids=0&ec=jJRSACQ_AppStatusAppIDZipNW&ea=Application&evt=custom&msclkid=N&rn=594114
Domain
bat.bing.com
URL
https://bat.bing.com/p/action/16001692.js
Domain
bat.bing.com
URL
https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=270b01c5-d04c-4ae9-be26-65f495462d19&sid=f9e0b8a0797511ecb06707e6ef87b865&vid=f9e0e3f0797511ec848ff1855b174a29&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Check%20Your%20Application%20Status&p=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&r=https%3A%2F%2Ffm.info6.citi.com%2F&lt=2172&evt=pageLoad&msclkid=N&sv=1&rn=110853
Domain
bat.bing.com
URL
https://bat.bing.com/action/0?ti=16001692&Ver=2&mid=270b01c5-d04c-4ae9-be26-65f495462d19&sid=f9e0b8a0797511ecb06707e6ef87b865&vid=f9e0e3f0797511ec848ff1855b174a29&vids=0&ec=jJRSACQ_AppStatusAppIDZipNW&ea=Application&evt=custom&msclkid=N&rn=140639
Domain
nebula-cdn.kampyle.com
URL
https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| isResponsive string| siteId string| pageDef string| screen_id string| app_id string| sc object| ieHtml5Els function| $ function| jQuery function| $jq function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| domainName string| JFP_CSRF_TOKEN_AO object| OBJ_JFP_CSRF_TOKEN boolean| isCSRFAutomationEnabled function| isValidDomain function| isValidUrl function| GG4RldqLuje2 function| addExtraField function| FLrCfwvzdcb6H function| qYxWichdCOp5C string| pID string| cmrCheck string| appleBusChatEligible string| eligiblityFlag string| retailSc string| retailOfferType string| expediaEmailCheck string| expediaCustomerCheck string| TARGET_ID string| pendResBureauEnable string| blockedBureauverify string| consTotalPurchAprDownsell string| totalPurchAPRDownsell string| consTotalDownsellAprCount string| totalDownsellAprCount string| consTotalPurchApr string| totalPurchAPR string| addressVerify string| RTBFlag string| prodId string| prspectId string| appId string| businessTypCd string| prodType string| appType number| randomddvar string| BankDigi boolean| fundVerifReq string| securePh2Fallback string| po string| isAvoka string| googleAPIKey string| isPrefillAddressRequired string| isAddressRequired string| isAddressRequiredAuth boolean| isECMLogin boolean| benefitsErrorFlag boolean| isEmailRequired string| creditBureauType string| acsEmailFlag string| resEmailFlag object| citiData object| eventGroup string| eventList function| _trackAnalytics object| _dl object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| adobe_visitor boolean| fallBackZip object| acqTagging string| appStatus object| validationOptions function| targetPageParams object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| topDM function| impValueCheck function| impValueRadio function| PasswordMeter boolean| maskFlag object| blurring boolean| iOS string| titleAttr function| initNavMenu function| formValidation function| editForm function| cancelForm function| showForm function| saveProgress function| hideForm function| toggleAllMenus function| menuTopClick function| menuTopKeyPress function| menuChildKeyPress function| expandMenu function| collapseMenu object| jQuery19108500353477662677 object| respond function| ZeroClipboard boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR function| Picker string| LcCXaxl0aSKYB1228 string| NgQnhX1AyqWGBuA3f string| u471YwKXrdbh6HJHenH object| DD function| _rfi object| dataLayer function| gtag undefined| copyNextSource object| configs object| taggingDataLayer function| AppMeasurement_Module_ActivityMap function| AppMeasurement number| s_objectID number| s_giq string| rsidAry object| s_tms function| bk_async object| val object| _cls_config object| _detector number| currEventSetId number| pendingEventCount object| pendingEventSets object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP boolean| bk_use_multiple_iframes boolean| bk_allow_multiple_calls object| google_tag_manager object| google_tag_data

24 Cookies

Domain/Path Name / Value
fm.info6.citi.com/ Name: BIGipServercnv_ats_ssl_pool
Value: 1128732682.47873.0000
l.info6.citi.com/ Name: ASP.NET_SessionId
Value: gfgmafqazhh0v2aaqm1pherk
l.info6.citi.com/ Name: BIGipServercnv_ats_ssl_pool
Value: 1095178250.47873.0000
.citi.com/ Name: xyz_cr_617_et_100
Value: cr=617&wegc=&et=100&ap=&we=1
www.citicards.com/ Name: ADRUM_BTa
Value: R:26|g:311d835d-5513-4075-808d-dc4f1cb8ea43|n:customer1_dcc566ed-e7b9-4e3e-8ca6-d24104939fe4
www.citicards.com/ Name: SameSite
Value: None
www.citicards.com/ Name: JSESSIONID
Value: 0000g0L7xK9TqSC53y6jFcKvk5j:1923acq5
www.citicards.com/ Name: ADRUM_BT1
Value: R:26|i:6421|e:643|d:57
.citicards.com/ Name: ak_bmsc
Value: B1DA0E802AC2FB6EBA9F6BC7430ABEA9~000000000000000000000000000000~YAAQJrUQApOCqXJ+AQAArhhtdA60vfVnQWMyh0YIZpize39ZRBW/VjMt6jaIrj8zuFX8L/6914icxF/rn36/Pi8cwZ/HfSxMxBMD2BH9MB9mxGx1qU3K2Y4F9Marng7IK0BZuJBYb19VqoGgfVBlfzZi57KdPh06kmXHyRz8leZ2EF6oitovSSb0jr5hR2iQXmwc74+VrV0Px2zhpY2PYhwl6CRRfYIYqztzcbh5C4L+hOfjW7k07cOjRz8ztTluftM6iFAcVk/LMz5ZcccqJe3FBKFidWX8ab2mFlCHNiwoeRJKcAyaB84iRZc7fcGZvm/jwScHXgFED46S4+elKcdiNNFxyf+FJ3tiy8sNGjqkBqUBMtg1eKZ/6jLP1pU0eZJ102Q=
.citicards.com/ Name: check
Value: true
.citicards.com/ Name: mbox
Value: session#35c0dcfe4911428ca2849764ab798873#1642632675
.demdex.net/ Name: demdex
Value: 84980667132467775234342492031490006922
.citicards.com/ Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg
Value: 1
.citi.com/ Name: s_vi
Value: [CS]v1|30F4474F1A529A37-6000135F1FECD69D[CE]
.citi.com/ Name: s_ecid
Value: MCMID%7C89567191599750494883882168056590837289
www.citicards.com/ Name: 7830
Value: error
www.citicards.com/ Name: 7018
Value:
www.citicards.com/ Name: 64072
Value:
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YeiOngAAAGdZXQQA
.citicards.com/ Name: _cls_v
Value: 2036156a-ca0c-4d85-af5a-392139e53f0b
.citicards.com/ Name: _cls_s
Value: c2df3623-2562-4f4d-b6f9-1e08ff6b5df1:0
.dpm.demdex.net/ Name: dpm
Value: 84980667132467775234342492031490006922
.citicards.com/ Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg
Value: -330454231%7CMCIDTS%7C19012%7CMCMID%7C89567191599750494883882168056590837289%7CMCAAMLH-1643235614%7C6%7CMCAAMB-1643235614%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1642638014s%7CNONE%7CMCAID%7C30F4474F1A529A37-6000135F1FECD69D%7CMCSYNCSOP%7C411-19019%7CvVersion%7C3.1.2
.citicards.com/ Name: _gcl_au
Value: 1.1.1599998836.1642630815

4 Console Messages

Source Level URL
Text
network error URL: https://20766699p.rfihub.com/ca.html?ver=9&ra=280&rb=648&ca=20766699&_o=17169175&_t=checkapplicationstatus&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=checkapplicationstatus&pe=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DApplicationStatus%26langId%3DEN%26applicationID%3D220119648233011&pf=https%3A%2F%2Ffm.info6.citi.com%2F&ra=25375260485424156
Message:
Failed to load resource: the server responded with a status of 500 (Task java.util.concurrent.FutureTask@5bc2471c rejected from java.util.concurrent.ThreadPoolExecutor@7c045627[Running, pool size = 32, active threads = 32, queued tasks = 0, completed tasks = 0])
network error URL: https://www.citicards.com/cards/wv/welcome/css/fonts/interstate/Interstate-ExtraLight.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cdn.pbbl.co/r/1560.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20766699p.rfihub.com
ajax.googleapis.com
bat.bing.com
c.tvpixel.com
c1.rfihub.net
cdn.pbbl.co
citi.demdex.net
citicorpcreditservic.tt.omtrdc.net
cm.everesttech.net
d.agkn.com
dpm.demdex.net
fm.info6.citi.com
l.info6.citi.com
metrics1.citi.com
nebula-cdn.kampyle.com
nexus.ensighten.com
online.citi.com
p.rfihub.com
p.tvpixel.com
prod.report.nacustomerexperience.citi.com
resources.digital-cloud-citi.medallia.com
sb.scorecardresearch.com
sr.rlcdn.com
stags.bluekai.com
sts.eccmp.com
tags.bkrtx.com
www.citicards.com
www.googleadservices.com
www.googletagmanager.com
bat.bing.com
nebula-cdn.kampyle.com
online.citi.com
p.tvpixel.com
prod.report.nacustomerexperience.citi.com
sb.scorecardresearch.com
sr.rlcdn.com
stags.bluekai.com
www.googleadservices.com
www.googletagmanager.com
104.111.228.137
104.111.238.178
15.236.176.210
151.101.130.133
173.213.4.17
18.195.42.228
193.0.160.129
23.45.237.67
2600:9000:214f:5e00:1d:bf0a:0:93a1
2600:9000:214f:9c00:1:76cf:fe80:93a1
2620:1ec:c11::200
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
3.122.111.84
34.241.165.255
52.17.105.123
52.208.47.212
54.154.165.122
63.148.46.76
65.9.58.69
0dfabe5f06a20f12215d1a3ef55ce4736b048dd70b56209c8ee5b0aefdc7ca78
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206
1999b7b60b033c6cd9ae7f9b2bcd4b2eeaf46e7d5213059e8e64cbefec6583df
1a52e20a2d1a14c0f487d961757fe56caa17d172a64820c54950eba91c50933a
2166235de561c64e92f864fdb92ecbc2dbd26d772d8fb990823564771133a1da
22ad331165b712e3d879b32dcf10ce25a5b65bf6860eb7a5c3cf0b7d35e0ad7d
25d2190b144b4e413b662df7d8a0f0bc087fbdc9bb66d1a1f69fc027a8d4c7ad
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
2b177050fc3aa6e0fa884c2b4b2092052ea438f508e35d3c195411e97167486b
2cd8c98a7ba7914c78ad67f963d95201ca25a3b3e925b82eb5e298169c63a1c3
305b0eaee6ee81e4962614bd70b4137133cfada2f3d697090d75abdb620430bf
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
34a85e429091ae881787eb5396f65301084cb96bf75173d0dcc014caae6bd0a4
39bbb6cccc290f90865a106530370b9817faae88214290e9b8fdef20ed4ae412
44869454f080ce369ca2515da2f5111b233004f7ac52013c4a5a161d78d349e2
44a3749d700b0ff8736b0992dcc8aeeb2b8c99dfc04d3b202945c61512ca6504
46fef6da13b6cce514054e81bc763437741225fb7c2afecea58b94e929c02bf0
4e5fd33e37a641fabc8c494c1748c85c15692d6aa0b46b1b968ace1f8f297813
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
5ed32ea017735d24c0f824599e4601ea6421fe4b153cf5c2bb069b02d95b9391
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
6245952a84f047f47eabe2d7cc6ba2d90207b5396d594c07ef9ec58a10736740
6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17
6de6c3d812f1ed438f45696d8ced6a62a426eb631fe08445323b80519c7dd9c6
6e8aa099376459830d295cba8264ffadb98343db5539af204925bf6932a0ed45
7070e3105dfe63391f3b82e5129a325fc470fae24850e8d93bc464d72d2f18f6
735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3
76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b
7a1552dff502b840a123f9a26ee7809d15494c80a98fc70c977e204f107293d2
7a8a62a3886ead9e2e63671ff2c95ef598f5e0e2199c7f71194a753754620057
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ce1ab6d7d544d02fdbfd070df6d6290a630944648f78629bccf6b7c426254ff
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
81a91a3eba73606202b154382131ce76d4b36d14edbe459ff5d477acb9e9b625
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
88ff40e8c631cea3789a0fe72a9268a218e12e05e2ce4fabeeae3c7de42c3928
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9c6d485ae01a594ef22b3c44e1eca5314259061faacdcdfc51569aba58a4fc2b
9df60fb9744a6ccb9d6293a757171fe61e72daf364a7e3001f6430c69c5af89c
a2d1f46d2a49f69c7dd34106c384366b5aff8e89c317ce3823c11c1035c16eae
a3ea0132cb5e6f30bc1e74ddf7d499673476cfcd4f67ce7a89d14dce60ba6712
ab7c22095a7b4e8a2f4aab65814b3a2ddc1ebdcfc7f08e2295dd453dc651db64
af0e0b2199b7899b32b510c44210ce6c00d2295921c5a04e5b3003c05b095225
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6cec40f4f675bc2a085c8d6a2d09bb5eef3f696ea2ff3e72a2fd4a2b14de18f
bd9eaf8e54baf1b8ed06e0a985a1a65cecd2878fff5e207581b74eb966ba02cc
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
c2ce52116fb94155c89526ed1a062148fa7eab7483311bc2d89368638941d16e
c354ae36ab00d6e42499bd1773e35fc24b11ec9586645429e34468366f6d5321
c5ed698ab63ea66ac02c6afceb41c5a6c9097e306cbe623d1be498d11acff8e2
c71e4ea2e3b232eba01ad8f7f4dc749db29d8943068c0c18e4c9a9cebcc66f05
c7c2a4b7c27e4c19bf29d651b7125d11b4156b698a851e182c9d7aa2b6cc8675
c8a257b72ee6c137e641e3bcb13b96959a89b010589025632d4dd6cd135e306c
cba290cc02b5f6de745dbc78f1ed287808804ce3d763418857153a61506be79b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d453d9c3f2998788fa4174b5d0c2d4d130b24eccd555af5f78e13e2088cf0767
d5160ce3002efe6aaaa756e3543e2925870e2b91df6d428fd139441fa8ab7aec
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0
dc1904a557b3b1f7d001adb461950fa564369fd7f0929e270a44c784f8ce7816
dd866415f5b82a72a060b91d03a907632ec1d539253a885c64d3db6ec9c103e9
e41be68908f5ae00533b712a57e654dfd10db8ba83379d83f1d59e6835ed1e13
e706cb21512dfb08845f4bcd6890d200878c00e4e753fa6cc668c89bd93cf84d
e7ef42c5bbd7f8d71f7c0a6b1d7de5aab5ef30619267afd49f0f2d27998cdc93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ff42ce6048352b9da69b9328e996ce98fd32c5652cf1f4fb9fa49105cca7c9
f86a1d93a04fa97faf2232a6dfdb05cbc2a6074eeb3812a24a1d2b28c21a9967
fa2d499915cc9d27d3ed17f446d25a0fe5068ef7623e03f7ff274ca5cc20650b