wine-delux.com
Open in
urlscan Pro
35.213.186.163
Malicious Activity!
Public Scan
Submitted URL: https://kutt.it/kutout
Effective URL: https://wine-delux.com/test/citt/citi.com-login/Citi/app/
Submission: On June 24 via manual from US — Scanned from IT
Effective URL: https://wine-delux.com/test/citt/citi.com-login/Citi/app/
Submission: On June 24 via manual from US — Scanned from IT
Summary
This website contacted 21 IPs
in 5 countries
across 20 domains to perform 94 HTTP transactions.
The main IP is 35.213.186.163, located in
Singapore, Singapore and
belongs to GOOGLE, US.
The main domain is wine-delux.com.
TLS certificate: Issued by R3 on June 21st 2022. Valid for: 3 months.
This is the only time wine-delux.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 21st 2022. Valid for: 3 months.
This is the only time wine-delux.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citibank (Banking)Domain & IP information
34
35.213.186.163
(Singapore, Singapore)
ASN15169 (GOOGLE, US)
PTR: 163.186.213.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 163.186.213.35.bc.googleusercontent.com
| wine-delux.com |
3
52.51.78.176
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
9
18.197.253.20
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
| nexus.ensighten.com |
1
96.16.135.39
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com
| tags.bkrtx.com |
12
2a00:1450:4001:812::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
52.215.108.43
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-108-43.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-108-43.eu-west-1.compute.amazonaws.com
| citi.demdex.net |
1
15.188.95.229
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
| metrics1.citi.com |
1
99.80.65.197
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-65-197.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-65-197.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
1
65.9.65.116
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net
| js.adsrvr.org |
1
143.204.89.51
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-51.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-51.fra50.r.cloudfront.net
| cdn.pbbl.co |
1
35.190.60.146
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
| sr.rlcdn.com |
1
104.89.42.102
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com
| stags.bluekai.com |
1
142.250.186.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
| www.googleadservices.com |
1
35.71.131.137
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| insight.adsrvr.org |
1
35.241.45.82
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
| udc-neb.kampyle.com |
8
2a00:1450:4001:80f::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 34 |
wine-delux.com
2 redirects
wine-delux.com |
3 MB |
| 12 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89 |
495 KB |
| 9 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2618 |
94 KB |
| 8 |
google.com
www.google.com — Cisco Umbrella Rank: 8 |
1 KB |
| 8 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 |
10 KB |
| 7 |
google.it
www.google.it — Cisco Umbrella Rank: 17199 |
1 KB |
| 4 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 192 citi.demdex.net — Cisco Umbrella Rank: 38934 |
6 KB |
| 2 |
medallia.com
resources.digital-cloud-citi.medallia.com — Cisco Umbrella Rank: 24017 |
89 KB |
| 2 |
adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1332 insight.adsrvr.org — Cisco Umbrella Rank: 594 |
3 KB |
| 2 |
rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 3055 20766699p.rfihub.com — Cisco Umbrella Rank: 36637 |
1 KB |
| 1 |
kampyle.com
udc-neb.kampyle.com — Cisco Umbrella Rank: 2178 |
318 B |
| 1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126 |
15 KB |
| 1 |
bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 494 |
338 B |
| 1 |
rlcdn.com
sr.rlcdn.com — Cisco Umbrella Rank: 13239 |
98 B |
| 1 |
pbbl.co
cdn.pbbl.co — Cisco Umbrella Rank: 10094 |
|
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 850 |
517 B |
| 1 |
citi.com
metrics1.citi.com — Cisco Umbrella Rank: 23204 |
511 B |
| 1 |
bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3370 |
16 KB |
| 1 |
rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5238 |
6 KB |
| 1 |
kutt.it
1 redirects
kutt.it — Cisco Umbrella Rank: 647988 |
1010 B |
| 94 | 20 |
| Domain | Requested by | |
|---|---|---|
| 34 | wine-delux.com |
2 redirects
wine-delux.com
|
| 12 | www.googletagmanager.com |
wine-delux.com
www.googletagmanager.com |
| 9 | nexus.ensighten.com |
wine-delux.com
|
| 8 | www.google.com | |
| 8 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 7 | www.google.it | |
| 3 | dpm.demdex.net |
1 redirects
wine-delux.com
|
| 2 | resources.digital-cloud-citi.medallia.com |
nexus.ensighten.com
resources.digital-cloud-citi.medallia.com |
| 1 | udc-neb.kampyle.com | |
| 1 | insight.adsrvr.org |
js.adsrvr.org
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | stags.bluekai.com |
tags.bkrtx.com
|
| 1 | sr.rlcdn.com |
nexus.ensighten.com
|
| 1 | cdn.pbbl.co |
nexus.ensighten.com
|
| 1 | js.adsrvr.org |
wine-delux.com
|
| 1 | 20766699p.rfihub.com |
wine-delux.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | metrics1.citi.com |
wine-delux.com
|
| 1 | citi.demdex.net |
wine-delux.com
|
| 1 | tags.bkrtx.com |
nexus.ensighten.com
|
| 1 | a.rfihub.com |
wine-delux.com
|
| 1 | c1.rfihub.net |
nexus.ensighten.com
|
| 1 | kutt.it | 1 redirects |
| 94 | 23 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.citi.com |
| www.citicards.com |
| online.citi.com |
| jobs.citi.com |
| www.jdpower.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.wine-delux.com R3 |
2022-06-21 - 2022-09-19 |
3 months | crt.sh |
| nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-14 - 2022-10-12 |
a year | crt.sh |
| *.rfihub.net Amazon |
2021-12-29 - 2023-01-27 |
a year | crt.sh |
| *.rfihub.com Sectigo RSA Domain Validation Secure Server CA |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
| *.bkrtx.com DigiCert SHA2 Secure Server CA |
2022-02-07 - 2023-02-06 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-19 |
a year | crt.sh |
| metrics1.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-07-02 - 2022-08-30 |
2 years | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
| *.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA |
2021-11-15 - 2022-10-20 |
a year | crt.sh |
| *.pbbl.co Amazon |
2021-11-04 - 2022-12-02 |
a year | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-03 - 2023-02-25 |
a year | crt.sh |
| odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA |
2022-02-26 - 2023-03-01 |
a year | crt.sh |
| www.googleadservices.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.kampyle.com SSL.com RSA SSL subCA |
2022-02-28 - 2023-03-31 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.google.it GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://wine-delux.com/test/citt/citi.com-login/Citi/app/
Frame ID: 0E10C4BB18F32FF79FD53D85E59E6D30
Requests: 89 HTTP requests in this frame
Frame:
https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: EAEC924321DA4C776366952257C69A94
Requests: 1 HTTP requests in this frame
Frame:
https://20766699p.rfihub.com/ca.html?rfiidc=5140084921067799697&rfiaid=6f952e4210f342bbb6678a78123bf415&ver=9&ra=1902&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fwine-delux.com%2Ftest%2Fcitt%2Fciti.com-login%2FCiti%2Fapp%2F&pf=&ra=47208574363104194
Frame ID: AF2E41D40B908B68080A0BC9FE8ED4C7
Requests: 1 HTTP requests in this frame
Frame:
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 3991ADFB1AC140FC9A6D19578E633818
Requests: 1 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/63068?ret=html&phint=language&phint=product&phint=event&phint=category&phint=page&phint=section1&phint=section2&phint=section3&phint=section4&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_l%3Dhttps%3A%2F%2Fwine-delux.com%2Ftest%2Fcitt%2Fciti.com-login%2FCiti%2Fapp%2F&phint=__bk_v%3D3.1.10&limit=10&r=91042002
Frame ID: 77142E92FE3B40F3B0183D0878498243
Requests: 1 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fwine-delux.com%2Ftest%2Fcitt%2Fciti.com-login%2FCiti%2Fapp%2F&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=https://wine-delux.com/test/citt/citi.com-login/Citi/app/&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Frame ID: AD931D6DB0512B5DE8AB19D1A345FA65
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Online Banking, Mortgages, Personal Loans, Investing | Citi.comPage URL History Show full URLs
-
https://kutt.it/kutout
HTTP 302
https://wine-delux.com/test/citt/citi.com-login/Citi/ HTTP 302
https://wine-delux.com/test/citt/citi.com-login/Citi/app HTTP 301
https://wine-delux.com/test/citt/citi.com-login/Citi/app/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Ensighten
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //nexus\.ensighten\.com/
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
22 Outgoing links
These are links going to different origins than the main page.
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards
Title: View All Credit Cards
Title: View All Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=low-interest-credit-card
Title: 0% Intro APR Credit Cards
Title: 0% Intro APR Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=balance-transfer-credit-cards
Title: Balance Transfer Credit Cards
Title: Balance Transfer Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=reward-credit-cards
Title: Rewards Credit Cards
Title: Rewards Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citicards.com/cards/credit/application/flow.action?isInvitation=N&OC=CC-CITI-3D5
Title: See If You're Pre-Qualified
Title: See If You're Pre-Qualified
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=all-small-business-credit-cards&m=f
Title: Small Business Credit Cards
Title: Small Business Credit Cards
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/citi.action?ID=banking-overview
Title: Banking Overview
Title: Banking Overview
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/citi.action?ID=checking-account-overview
Title: Checking
Title: Checking
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/citi.action?ID=savings-account-overview
Title: Savings
Title: Savings
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/citi.action?ID=cd-ira-account-overview
Title: Certificates of Deposit
Title: Certificates of Deposit
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/cd-ira/citi.action?ID=citi-ira
Title: Banking IRAs
Title: Banking IRAs
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/current-interest-rates/checking-saving-accounts
Title: Rates
Title: Rates
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/small-business-banking
Title: Small Business
Title: Small Business
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/ag/personal-loan
Title: Personal Loans & Lines of Credit
Title: Personal Loans & Lines of Credit
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=mortgage_home_mortgage
Title: Mortgage
Title: Mortgage
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=mortgage_heloc
Title: Home Equity
Title: Home Equity
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=FinancialGoals
Title: Your Financial Goals
Title: Your Financial Goals
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=InvestingCiti
Title: Investing with Citi
Title: Investing with Citi
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=InsightsTools
Title: Insights and Tools
Title: Insights and Tools
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/pands/detail.do?ID=CitigoldOverview
Title: Citigold®
Title: Citigold®
Search URL Search Domain Scan URL
URL: https://jobs.citi.com/
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: http://www.jdpower.com/awards
Title: jdpower.com/awards
Title: jdpower.com/awards
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://kutt.it/kutout
HTTP 302
https://wine-delux.com/test/citt/citi.com-login/Citi/ HTTP 302
https://wine-delux.com/test/citt/citi.com-login/Citi/app HTTP 301
https://wine-delux.com/test/citt/citi.com-login/Citi/app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1656113888859 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1656113888859
- https://cm.everesttech.net/cm/dd?d_uuid=70150984761386773244318191011783579295 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YrZK4QAAAJvqpwOV
94 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
wine-delux.com/test/citt/citi.com-login/Citi/app/ Redirect Chain
|
126 KB 126 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tc.min.js
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
20 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
45 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ddl.min.css
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
624 KB 624 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main_branding.css
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
272 KB 272 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.js
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
204 KB 204 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Bootstrap.js
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
328 KB 328 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
homePage.min.css
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
24 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.tmpl.js
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citilive-search-responsive.css
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
58 KB 58 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
default+en.css
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
40 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
default.css
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
11 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.js
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
96 B 349 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
463166.gif
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
42 B 282 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cbol-smartSearch.css
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
search-white.png
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
429 B 670 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citiHomePage.min.js
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
14 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP3379_H.jpg
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
201 KB 201 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP6166_M.jpg
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
99 KB 100 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
M1-M7_Rewards.jpg
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
99 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
M1-M7_Citi-card-cluster-4.jpg
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP5904_M.jpg
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
98 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
GettyImages-858243764.jpg
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
82 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2019CertifiedMobileApp.png
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ddl.min.js
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
64 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
363 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 107 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Enterprise-White.png
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.woff
wine-delux.com/test/citt/citi.com-login/Citi/libraries/fonts/interstate/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Bold.woff
wine-delux.com/test/citt/citi.com-login/Citi/libraries/fonts/interstate/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/citi/na_prod/ |
1 KB 740 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Citi-Branding-Sprite.png
wine-delux.com/test/citt/citi.com-login/Citi/libraries/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fdf45a7c15c1cee06bb71e10dac4e26e.js
nexus.ensighten.com/citi/na_prod/code/ |
989 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
056fe804a45840fa1a41b33cc15114dc.js
nexus.ensighten.com/citi/na_prod/code/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
557566dc60916e3de69e006bef252459.js
nexus.ensighten.com/citi/na_prod/code/ |
2 KB 961 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dd2e4b625ebab8391ed3f4779bd70b02.js
nexus.ensighten.com/citi/na_prod/code/ |
158 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
51aba9f62787efbaa13e53a8d1ae3892.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 847 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
506d0184fdb9cb628051e08d1e517b6e.js
nexus.ensighten.com/citi/na_prod/code/ |
175 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ea3d4340d0fcbc94d3792ab3c1606902.js
nexus.ensighten.com/citi/na_prod/code/ |
75 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oo_icon_retina.gif
wine-delux.com/GFC/branding/olab/images/ |
8 KB 8 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc.min.js
c1.rfihub.net/js/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
idr.js
a.rfihub.com/ |
83 B 723 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bk-coretag.js
tags.bkrtx.com/js/ |
51 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
99 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
citi.demdex.net/ Frame EAEC |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
metrics1.citi.com/ |
48 B 511 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=YrZK4QAAAJvqpwOV
dpm.demdex.net/ Redirect Chain
|
42 B 945 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ca.html
20766699p.rfihub.com/ Frame AF2E |
118 B 685 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
99 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
99 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
99 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.ttf
wine-delux.com/test/citt/citi.com-login/Citi/libraries/fonts/interstate/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Bold.ttf
wine-delux.com/test/citt/citi.com-login/Citi/libraries/fonts/interstate/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1560.js
cdn.pbbl.co/r/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
108 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
425466.html
sr.rlcdn.com/ Frame 3991 |
0 98 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
63068
stags.bluekai.com/site/ Frame 7714 |
71 B 338 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
108 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
109 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
108 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
108 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
108 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
108 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
108 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic1654793721838.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
519 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
up
insight.adsrvr.org/track/ Frame AD93 |
0 182 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 318 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/644574043/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.it/pagead/1p-user-list/644574043/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
www.google.it/pagead/1p-user-list/916451471/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/830907969/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.it/pagead/1p-user-list/830907969/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/695231162/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.it/pagead/1p-user-list/695231162/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.it/pagead/1p-user-list/959299794/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/975701947/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.it/pagead/1p-user-list/975701947/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/819500023/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.it/pagead/1p-user-list/819500023/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.it/pagead/1p-user-list/960621875/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.google.it
- URL
- https://www.google.it/pagead/1p-user-list/916451471/?random=1656113893164&cv=9&fst=1656111600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa6m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwine-delux.com%2Ftest%2Fcitt%2Fciti.com-login%2FCiti%2Fapp%2F&tiba=Online%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&async=1&fmt=3&is_vtc=1&random=924341213&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citibank (Banking)166 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils function| _rfi object| RocketfuelBCP string| module string| lang string| searchEnable string| userRole string| visitor string| isLoggedin string| _j function| $ function| jQuery object| jQuery19107734247648580677 object| respond object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| adobe_visitor object| citiData function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| domainName string| JFP_CSRF_TOKEN object| OBJ_JFP_CSRF_TOKEN boolean| isCSRFAutomationEnabled function| isValidDomain function| isValidUrl function| aPxdlBqHVfFwaa function| wxkf45GzeCwW function| iB0P1kIhMcnA3mv function| addExtraField string| topDM number| signonInitialHeight undefined| signonModalHeight boolean| signonBlock function| populateEFDParams function| populateClientData function| submitRSADevicePrint function| submitmobilegeolocation function| doSubmit function| signOnUnamePwdError function| clearFieldErrorValidation function| onSelectUser function| insertAfter function| mask function| focusOn function| blurOn function| doMask function| OpenInNewTab function| displayLable function| launchPopup function| tv function| initMLC function| displayServerName function| isTestDomain function| getCookie function| setCookie function| calLinkCharLength function| truncateOtherAlert function| truncateBrowserAlert function| passTmplObj function| closeAlertBox function| showFullMsg function| hideFullMsg function| truncateMsg function| showAlerts function| hideAlerts function| handleOutageAlert function| handleSignonLink function| adjustHeroHeight function| adjustHeroOnRotation string| counter undefined| loginExp undefined| jsonContent undefined| offerPlacements boolean| epTurnedOff object| PRConfig function| commaSeperatedList function| arraysEqual object| CM function| onYouTubeIframeAPIReady boolean| iOS string| titleAttr string| Es4BlxFG1oLsnw1tQM string| L1PV5V3Fkad1sVauiJy6 string| Opz1GMs1tIa6fAj1PzH function| _focusFirstHeader function| _focusPreviousHeader function| _focusNextHeader function| bk_async object| val object| dataLayer function| gtag object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_use_multiple_iframes boolean| bk_allow_multiple_calls object| google_tag_manager object| google_tag_data undefined| CCSID undefined| citiLocale boolean| citiNGA undefined| pageID object| _pp object| KAMPYLE_EMBED function| ttd_dom_ready function| TTDUniversalPixelApi object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| wine-delux.com/ | Name: PHPSESSID Value: 57c681865482bb386b6a854b6e437202 |
|
| .demdex.net/ | Name: demdex Value: 70150984761386773244318191011783579295 |
|
| wine-delux.com/ | Name: 7830 Value: error |
|
| wine-delux.com/ | Name: 7018 Value: |
|
| wine-delux.com/ | Name: 64072 Value: |
|
| wine-delux.com/ | Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg Value: 1 |
|
| .rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0MjQwMze3tDSzNBfiM9RNL3MqTopMC3TyjDICANHI-HQlAAAA |
|
| .rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0MjQwMze3tDSzNBfiM9RNL3MqTopMC3TyjDICANHI-HQlAAAA |
|
| .wine-delux.com/ | Name: _gcl_au Value: 1.1.1495406816.1656113889 |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YrZK4QAAAJvqpwOV |
|
| .citi.com/ | Name: s_ecid Value: MCMID%7C75641395704010828633625065514683805500 |
|
| .dpm.demdex.net/ | Name: dpm Value: 70150984761386773244318191011783579295 |
|
| wine-delux.com/ | Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg Value: -330454231%7CMCIDTS%7C19168%7CMCMID%7C75641395704010828633625065514683805500%7CMCAAMLH-1656718689%7C6%7CMCAAMB-1656718689%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1656121089s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19175%7CvVersion%7C3.1.2 |
|
| wine-delux.com/ | Name: mdLogger Value: false |
|
| wine-delux.com/ | Name: kampyle_userid Value: 0177-d57a-4408-9cd0-c2f6-22cc-f185-3f01 |
|
| wine-delux.com/ | Name: kampyleUserSession Value: 1656113893015 |
|
| wine-delux.com/ | Name: kampyleUserSessionsCount Value: 1 |
|
| wine-delux.com/ | Name: kampyleSessionPageCounter Value: 1 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnxr7BFui4Y-ikMuHc2btTR2m77SlLkDHWgqDV6saueYbQ3l0xEg4Cia1UZ |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20766699p.rfihub.com
a.rfihub.com
c1.rfihub.net
cdn.pbbl.co
citi.demdex.net
cm.everesttech.net
dpm.demdex.net
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
kutt.it
metrics1.citi.com
nexus.ensighten.com
resources.digital-cloud-citi.medallia.com
sr.rlcdn.com
stags.bluekai.com
tags.bkrtx.com
udc-neb.kampyle.com
wine-delux.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
www.google.it
104.89.42.102
142.250.186.130
143.204.89.51
15.188.95.229
151.101.66.133
18.197.253.20
193.0.160.128
2600:9000:214f:e600:1:76cf:fe80:93a1
2606:4700:3032::6815:2beb
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2008
2a00:1450:4014:80a::2003
2a00:1450:4014:80b::2004
35.190.60.146
35.213.186.163
35.241.45.82
35.71.131.137
52.215.108.43
52.51.78.176
65.9.65.116
96.16.135.39
99.80.65.197
0227a7c580fffd060ac3fd93b45acfad39e4e72a3c916438ad2fd8cb4b5ddd5a
086af99cb27b9a8654199200ab40e7a212f601c06ab095608b0d349f5bae48d4
0a2ab6d1effcb4fff6e96e4da9c4a4cd68e8115be4346b63210cc638d561fd66
14ab745ee125eadc458fe8b9541a3b0b142607b3d914b99045afe60df55be99a
188df01a46b7ddc5b39b19929a3c18d033e93d574f763094e982b3934c04ee0d
1cb0ce5d364e57fd2a1cbfcbf1dc50a0abd9cdccd8ff041129ffaf5a7258a047
21699cd3ccf27e45c3de307f19af57ca9dfeac53c85e499ab783fbf19433bb6d
268525c9e50ce0e3e2d8a24503a8d60477962fea84d006a48062bb5aea176efd
3006f5112afaf4c8b03bb15e3f4b40a001aaae393f02234de47d61bec6e5c291
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
3f298930866d36b0166cba59dd9d6aef6e52d6e032f8a23fe04e9f9c3fb20e64
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
429d8af3190c76d5fcb9b1cad2aa6eb555684921323da905d62017fbdbf557c6
458779544d6f044fc6cd95d02ca301addad20c9b8ab6e3fd046ef1fb02b747c0
4651d964eb415abe43a18f19f0c0d6a433ea5a1549c948d25b1307218653cda9
4999a8bcfc1f9fd95a0c4e42cfbac1abdf5a6c9e26734abbe4bc157b8c2b49ab
4e7e8fcfaa5ed83de57c2d40ea21cda76928ccfe53eadf7ec52d4dc36629d625
4f34779c41e7bd017b63196172b8e16170ec26c5c4a3fa184827f14df30d85fe
5072c1ff21bc2a0e138eb892abf5196457c32930fc304ea85fd335b85b8559d2
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
62c3bee8e3f9bed4db8e297c3ef1d242ecc2fc2b7db57a743f79b4384bc9ec9c
640a8c2b98f9829a9cbfb20b45aeb134a040bf8046af794ffbde45dc922a3237
6480365a730c449a48ddf38ff1829c350305aae349d6faf4913f06dd55fc548c
6966bf7d495ce7b0bde3301c1bb6426bde394b2ab5812d07fb5eba0cd42949c0
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
771c92ecc9167287111bc793f6392bfb0dc8a51a830b497f7591e6d3493fc1fc
7952ce7fa3716a1e04ac9d48f28833a3917c1bf40df9d764bcf2cff809642401
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
82a4d8db295c8e86bc3e4da97774e39c4dabc6e1986a8376594e268fd7d743a1
8530edd3e4e769e835a29895b0dc1ebbd6ebccdc50944d3e99de486e19169c57
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8e26e2927f7f4b473554f2e5df34d96f132cab4fe4e0ce8b5a16ae705984b0f2
960842f7c30338886ce3383118699a20b93da75e00234ebe5ea3610cd3b63c25
96a6bab0b1b03336312267f917b278641de4c7bd62ba5822c9686bf6eebe49b8
9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
adc23a1cc1bc5da6d68592351541f4a772493d04dfb4c75a83f680854b68f812
adee524d25764d9511c4c0c0edd492d1e1a32263a6dc29945b82a07dce904252
b526e4d51312500d1f4846bb6e2428768bd4655535a7893bd4f3ce7c125d4a86
b7264725078e153ab3a4af37c52374b3a5d46b8fb5fc7b5f8af2e773364eef93
bc4570a63016e2cf47c3a9622c57cc8936ee05f72f6b992afc2e277913d02fef
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
c14ac9075b0f598877150f5cc397795b9365a02e5d05c7572e3edef2f326b42b
c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76
caf8559a8c0cf43e211220aaeb31fdad82c9702097d7d833db36c5a990509553
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
cdb828e2f4e62e1900133748ba426481b6c8383ebaca93133988da409506d3b4
d118102507b97407ebf1533cc98ccd2e9d244524b456fd9c2b469b553396238a
d3110c26dde81fa12fbed258fcbd62b227c781900096e4416c8bb756b40115d4
dd6b3c87451dbe524ca0db949d8e69e8e52c8f118c41d4477eb2218427d2ec56
de5c74261bd0ee53c00620f14c87bbd4b8b88ab8bc9621266892a29e31de24bc
e05565885e234eeb2f32d5dabdf0a586c5dab3badbba206b1c27e1b34a75148b
e1372ef665e42afe4e71bc1955c57ee9c0b39ed4c749c8e982438e61e3d05d1d
e2812b1e3529e5f39e3b0586e82c7ad0dfc3fc61cfa0107edfac16483d0547d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81d41804ba08b6e2b4fdf43d8dbac0da1780b73406f5ce1b8b45f98573703a1
ec9c06bd243ba2b20fa8a4a9c44d5b275797e899ae17c576fd4adc06c7c6f883
ed48ae9c1a324d49404d9fb4c508b880ca97a65f8fd21d352e241d1e4dfc50e2
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341
f2dd1ff20c3df202418f9d59c76f40bdb304d7a85d7163fc9935391528f3dee8
f9e961f85d4ae6c04a50baa4d5bc6e66f45ef0fe5870fcfd4baff2e80574d0b5
fb42046c6feabb3126634752069391d76d8ded5770a936eb1ce0cdd6aa7358b9