URL: https://ctntalbk.com/citi/
Submission: On November 26 via manual from IN — Scanned from FR

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 41 HTTP transactions. The main IP is 51.91.128.128, located in France and belongs to OVH, FR. The main domain is ctntalbk.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 11th 2021. Valid for: 3 months.
This is the only time ctntalbk.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citibank (Banking)

Domain & IP information

Requests  IP Address         AS (Autonomous System)  Redirects
36        51.91.128.128      16276 (OVH)
1         18.197.253.20      16509 (AMAZON-02)
4         2a00:1450:400...   15169 (GOOGLE)          1
1         2a00:1450:400...   15169 (GOOGLE)
Total: 41 requests, 4 IPs
Requests  Apex Domain    Subdomains                      Transfer
36        ctntalbk.com   ctntalbk.com                    2 MB
5         google.com     www.google.com, cse.google.com  115 KB
1         ensighten.com  nexus.ensighten.com             739 B
Total: 41 requests, 3 apex domains
Domain Requested by
36 ctntalbk.com ctntalbk.com
4 www.google.com 1 redirects www.google.com
1 cse.google.com ctntalbk.com
1 nexus.ensighten.com ctntalbk.com
41 4

This site contains no links.

Subject              Issuer                                Validity                 Valid
ctntalbk.com         cPanel, Inc. Certification Authority  2021-09-11 - 2021-12-10  3 months
nexus.ensighten.com  DigiCert TLS RSA SHA256 2020 CA1      2021-09-14 - 2022-10-12  a year
www.google.com       GTS CA 1C3                            2021-11-01 - 2022-01-24  3 months

This page contains 1 frames:

Primary Page: https://ctntalbk.com/citi/
Frame ID: 5B23E7FAC6E73A861E87A024834CC6A3
Requests: 41 HTTP requests in this frame

Page Title

Citi Bank - See all business accounts from Citibank® - Citibank

Page Statistics

41 Requests
98 % HTTPS
50 % IPv6
3 Domains
4 Subdomains
4 IPs
2 Countries
2589 kB Transfer
2830 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu HTTP 301
  • https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ctntalbk.com/citi/
13 KB
3 KB
Document
General
Full URL
https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
cfd1d3cfc3fd8323f1e954efaa5533406e210ede8c1d8eeda136f7c569ba4800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
date
Fri, 26 Nov 2021 17:29:07 GMT
server
Apache
CBOLClassic.css
ctntalbk.com/citi/index_files/
195 KB
196 KB
Stylesheet
General
Full URL
https://ctntalbk.com/citi/index_files/CBOLClassic.css
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
6a9f238579b218a4f0a8560bac46774682aec64bc3926708131d73ac382629ec

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:05 GMT
server
Apache
accept-ranges
bytes
content-length
199373
content-type
text/css
JFPNav.js
ctntalbk.com/citi/index_files/
21 KB
21 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/JFPNav.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
345059a341cdf6fb013751ba01a3810ce3f42697157616174fc75c02fcb49c6b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
21340
content-type
application/javascript
US-Regional.css
ctntalbk.com/citi/index_files/
60 KB
60 KB
Stylesheet
General
Full URL
https://ctntalbk.com/citi/index_files/US-Regional.css
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
a835dcede539c68ef32660c1e48db855cf814627b484398dde236d4686b244e7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
61407
content-type
text/css
jquery-combined.js
ctntalbk.com/citi/index_files/
317 KB
319 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/jquery-combined.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
001284ad03fb7f9cf411e5f477b6406ef02051087780859ebb7787f000087e13

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
324722
content-type
application/javascript
jfp_002.js
ctntalbk.com/citi/index_files/
87 KB
87 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/jfp_002.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
054e9f20225a4584794776e202ca27abfa73c7d73bf0325b393b1ae360e5f932

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
89038
content-type
application/javascript
cssPref.js
ctntalbk.com/citi/index_files/
1 KB
1 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/cssPref.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
8824e4738ff9ccec6f5a45884909cdb71e44ee55d1b1d7cf6344d63ebcb32e9c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
1287
content-type
application/javascript
jfp.js
ctntalbk.com/citi/index_files/
349 KB
349 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/jfp.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
6a6bd34822bdd2ccbdd66fa8b64cdb44b44b0ce6ab3fbd7f672382460635a847

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:05 GMT
server
Apache
accept-ranges
bytes
content-length
357485
content-type
application/javascript
SitecatCampaigns.js
ctntalbk.com/citi/index_files/
5 KB
5 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/SitecatCampaigns.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
3365c6707b11af11e075eb8fc391bc5112836047b278191d10ab568a9bf65172

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
4998
content-type
application/javascript
citi_Common.js
ctntalbk.com/citi/index_files/
269 KB
269 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/citi_Common.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
4fbfcd1a12f9f47b2e663b202669aa470906c17debc61de1c342afe496fed413

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
275303
content-type
application/javascript
jquery.js
ctntalbk.com/citi/index_files/
18 KB
18 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/jquery.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
547aa03fed892c64d4ef7897f90c505204fc249496bee4ef7c1ff81b374d33f7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
18255
content-type
application/javascript
branding_main.css
ctntalbk.com/citi/index_files/
333 KB
335 KB
Stylesheet
General
Full URL
https://ctntalbk.com/citi/index_files/branding_main.css
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
bf027f7247a836032e2d18817cea470627f784b0f07ccbef787418301ab97db2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
340538
content-type
text/css
Bootstrap.js
ctntalbk.com/citi/index_files/
94 KB
94 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/Bootstrap.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
defad9d5acb2571c7af092bcdf4ca8afcfb7cd68398c68293b43ca586ac05c32

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
95914
content-type
application/javascript
LOInm_002
ctntalbk.com/citi/index_files/
104 B
132 B
Script
General
Full URL
https://ctntalbk.com/citi/index_files/LOInm_002
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
ef515391b6dbbf25aa03b354a6370eeb199defe497877abfc45da1fe77c696f9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
104
a_004.js
ctntalbk.com/citi/index_files/
314 B
344 B
Script
General
Full URL
https://ctntalbk.com/citi/index_files/a_004.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
bc21bf7554153f7a11d3de9d9e83be8670fb28d88ee928ea08035c85d0425a7a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
314
content-type
application/javascript
a_007.js
ctntalbk.com/citi/index_files/
278 B
308 B
Script
General
Full URL
https://ctntalbk.com/citi/index_files/a_007.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
b3aa525ae519451bf353f97bb9fbfd81e63d73231afec5f22e8210f5c3eb5927

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
278
content-type
application/javascript
a_002.js
ctntalbk.com/citi/index_files/
278 B
308 B
Script
General
Full URL
https://ctntalbk.com/citi/index_files/a_002.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
55ef85b7d743b8077c3f9efda02a3cee5d8eea50ded570a2ea263bef6fb4df0d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
278
content-type
application/javascript
a_006.js
ctntalbk.com/citi/index_files/
278 B
308 B
Script
General
Full URL
https://ctntalbk.com/citi/index_files/a_006.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
52bfa31c9d40113b332de7307868da6e60cd85f544dcf2ead0b3b7cb4feec55b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
278
content-type
application/javascript
a_005.js
ctntalbk.com/citi/index_files/
278 B
308 B
Script
General
Full URL
https://ctntalbk.com/citi/index_files/a_005.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
f96dff943168f77b7c5beecc73cdbfc9ae8eebfe10591cff023e03b111796356

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:05 GMT
server
Apache
accept-ranges
bytes
content-length
278
content-type
application/javascript
a.js
ctntalbk.com/citi/index_files/
278 B
308 B
Script
General
Full URL
https://ctntalbk.com/citi/index_files/a.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
e529cf6c6f77c227c1fb60e748a9b51e5e9ffa113610f4d40268857e7f1bdf99

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
278
content-type
application/javascript
jsapi
ctntalbk.com/citi/index_files/
26 KB
26 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/jsapi
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
7b1fb6be707dc406801b1e2dde8ec8ad02ad11d85c6cc3c74c7de8a3797032c8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
26155
defaulten.css
ctntalbk.com/citi/index_files/
45 KB
46 KB
Stylesheet
General
Full URL
https://ctntalbk.com/citi/index_files/defaulten.css
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
9f05ed0042413c63c4332b26a7307be0f5fc30381a4b1d78a704946796ccde29

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
46570
content-type
text/css
default.css
ctntalbk.com/citi/index_files/
14 KB
14 KB
Stylesheet
General
Full URL
https://ctntalbk.com/citi/index_files/default.css
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
1bdded2ba37d7b3ac61c559fbb3048c22b11d70fffa36142208fe4fdccc95ec3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
14311
content-type
text/css
defaulten.js
ctntalbk.com/citi/index_files/
289 KB
289 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/defaulten.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
ad77fb73e1825c9771c2fbd49ad19fcb3d66258c34d1fcdcbe50cbf601d4bc19

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
296240
content-type
application/javascript
LOInm
ctntalbk.com/citi/index_files/
104 B
132 B
Script
General
Full URL
https://ctntalbk.com/citi/index_files/LOInm
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
547b3a01e8429614c1453e4a3ae0e2474648459524f415752f7774de883bd767

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
104
jfpw.css
ctntalbk.com/citi/index_files/
24 KB
24 KB
Stylesheet
General
Full URL
https://ctntalbk.com/citi/index_files/jfpw.css
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
01eb5ca7c2d4972b9644c31ae2a49e07d44eae62751d69612892bffd8ac032e9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
24790
content-type
text/css
common.js
ctntalbk.com/citi/index_files/
21 KB
21 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/common.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
e74d75c134268bd736505ca52442d561a0c00a8d95647e92d2259f7cb1762751

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
21749
content-type
application/javascript
ima4.jpg
ctntalbk.com/citi/images/
33 KB
33 KB
Image
General
Full URL
https://ctntalbk.com/citi/images/ima4.jpg
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
cf6451cff8133a8cc2bfd93a7ce2b869632b5aa3eefffbcc15c4f8ac39b2d0fa

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
34075
content-type
image/jpeg
sign_instnt_access.gif
ctntalbk.com/citi/images/
16 KB
16 KB
Image
General
Full URL
https://ctntalbk.com/citi/images/sign_instnt_access.gif
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
4fdd50822eef2cd07a01e2116d95cd5991d8830164814a40225b7a53756aaf03

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
16411
content-type
image/gif
ima1.jpg
ctntalbk.com/citi/images/
34 KB
34 KB
Image
General
Full URL
https://ctntalbk.com/citi/images/ima1.jpg
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
42cbb670adfbf179c01f1042f07b8c21c122768fd075eeca8fef9f4983a806ef

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
35048
content-type
image/jpeg
ima2.jpg
ctntalbk.com/citi/images/
15 KB
15 KB
Image
General
Full URL
https://ctntalbk.com/citi/images/ima2.jpg
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
fc810df59e9f8810ef5a1e6cf0408662287a559aff3c2178b4820d4913f41fc1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
15129
content-type
image/jpeg
ima3.jpg
ctntalbk.com/citi/images/
34 KB
34 KB
Image
General
Full URL
https://ctntalbk.com/citi/images/ima3.jpg
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
a1ba083c4359c3f4725c9fd9fe39ee8ef3a6d829829a4bfbbb9516a6c56767a3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
35023
content-type
image/jpeg
tealeaf.js
ctntalbk.com/citi/index_files/
90 KB
90 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/tealeaf.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
61f2a569a2395547975c0e7b38c08c5843ae93052260611934c72b21f8ee978e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:05 GMT
server
Apache
accept-ranges
bytes
content-length
92556
content-type
application/javascript
linkCapture.js
ctntalbk.com/citi/index_files/
1 KB
1 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/linkCapture.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
d33c3580a6f74918cb48b98df98c9d7bb24dffe18938325ba9327459dd0ce424

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
1223
content-type
application/javascript
branding_universal_megaMenu.js
ctntalbk.com/citi/index_files/
67 KB
67 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/branding_universal_megaMenu.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
6ad000cfd9512b69f7e6d40bf57196632d29da5d547f6b15055cbcca1e3638e9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
68258
content-type
application/javascript
btAdServe.js
ctntalbk.com/citi/index_files/
1 KB
1 KB
Script
General
Full URL
https://ctntalbk.com/citi/index_files/btAdServe.js
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.91.128.128 , France, ASN16276 (OVH, FR),
Reverse DNS
grey.obambu.com
Software
Apache /
Resource Hash
4d09cfb5ba7471be2d35405a0510a67a3a6825e1e0337aca7dd94256e6c107d8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/citi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:07 GMT
last-modified
Fri, 26 Nov 2021 01:54:02 GMT
server
Apache
accept-ranges
bytes
content-length
1388
content-type
application/javascript
serverComponent.php
nexus.ensighten.com/citi/na_prod/
1 KB
739 B
Script
General
Full URL
https://nexus.ensighten.com/citi/na_prod/serverComponent.php?r=936091.8371022571&ClientID=1129&PageID=https%3A%2F%2Fctntalbk.com%2Fciti%2F
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/index_files/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
edc7c6f977342847aa6fa7810bfbd062aa27d78296fa8314a446e0ef83a9e403

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 17:29:08 GMT
cache-control
no-cache, no-store
content-type
text/javascript
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Fri, 26 Nov 2021 17:29:07 GMT
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
  • https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
10 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Requested by
Host: ctntalbk.com
URL: https://ctntalbk.com/citi/
Protocol
H2
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
535987a34983fec56b87c053ee86e0a574ab1d460a6bdc8c6af41ed88fa0b49f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Fri, 26 Nov 2021 17:29:08 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3502
x-xss-protection
0
expires
Fri, 26 Nov 2021 17:29:08 GMT

Redirect headers

date
Fri, 26 Nov 2021 17:09:16 GMT
x-content-type-options
nosniff
server
sffe
age
1192
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
expires
Fri, 26 Nov 2021 17:39:16 GMT
cse_element__fr.js
www.google.com/cse/static/element/54e62135847a1703/
300 KB
100 KB
Script
General
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/cse_element__fr.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b2c4251d3aa97b7a2ea0739feea23948a36f462bb5481cf3296132d6ca15d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 02:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101847
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 24 Nov 2022 02:48:35 GMT
default+fr.css
www.google.com/cse/static/element/54e62135847a1703/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/default+fr.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 17:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 23 Nov 2022 17:04:20 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=009695499870347544712:e3dyicpbrwu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ctntalbk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 16:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 26 Nov 2021 17:46:14 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citibank (Banking)

669 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


3 Cookies

Domain/Path Name / Value
ctntalbk.com/ Name: JSESSIONID
Value: null
ctntalbk.com/ Name: 7830
Value: error
ctntalbk.com/ Name: 17005
Value: error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
